Thread: 7.4.5 / 7.4.6 crash (pg_hba.conf issue)

7.4.5 / 7.4.6 crash (pg_hba.conf issue)

From
Rod Taylor
Date:
I've run across a bug in pg_hba.conf routines which is repeatable in
both 32bit intel on Linux and 64bit AMD on FreeBSD with both 7.4.5 and
7.4.6. It results in the postmaster crashing which is quite annoying
when it leaves behind its children.

Create a file dev.users within the data directory such as the attached.

Edit pg_hba.conf to have a line like:
    host    db     @dev.users   127.0.0.1        255.255.255.255 trust

Hup the postmaster.

--

Attachment

Re: 7.4.5 / 7.4.6 crash (pg_hba.conf issue)

From
Tom Lane
Date:
Rod Taylor <pg@rbt.ca> writes:
> I've run across a bug in pg_hba.conf routines which is repeatable in
> both 32bit intel on Linux and 64bit AMD on FreeBSD with both 7.4.5 and
> 7.4.6. It results in the postmaster crashing which is quite annoying
> when it leaves behind its children.

Off-by-one memory allocation problem --- it only bites you if the string
lengths are just right, which probably explains the lack of prior
reports even though the bug has been there since 7.3.  Simplest fix is

Index: hba.c
===================================================================
RCS file: /cvsroot/pgsql/src/backend/libpq/hba.c,v
retrieving revision 1.87.2.4
retrieving revision 1.87.2.5
diff -c -r1.87.2.4 -r1.87.2.5
*** hba.c    13 Apr 2003 04:07:31 -0000    1.87.2.4
--- hba.c    17 Nov 2004 19:54:53 -0000    1.87.2.5
***************
*** 281,287 ****         {             if (strlen(comma_str))             {
!                 comma_str = repalloc(comma_str, strlen(comma_str) + 1);                 strcat(comma_str,
MULTI_VALUE_SEP);            }             comma_str = repalloc(comma_str,
 
--- 281,287 ----         {             if (strlen(comma_str))             {
!                 comma_str = repalloc(comma_str, strlen(comma_str) + 1 + 1);                 strcat(comma_str,
MULTI_VALUE_SEP);            }             comma_str = repalloc(comma_str,
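
Review bot: in the changed repalloc call, `strlen(comma_str) + 1 + 1` hardcodes the separator as exactly one byte, so the allocation goes short again if MULTI_VALUE_SEP is ever longer than one character. Sizing it as `strlen(comma_str) + strlen(MULTI_VALUE_SEP) + 1` would tie the buffer to what the following strcat actually appends. Failing that, a short comment saying that one byte is for the separator and one for the terminating NUL would document the intent. The second repalloc in the trailing context is cut off in the visible lines, so its size computation cannot be checked here.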
 

        regards, tom lane
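
Added example (not from the thread or the PostgreSQL source): a model of why the one-byte under-allocation described above only shows up at certain string lengths. It assumes an allocator that rounds each request up to a power of two and a one-character MULTI_VALUE_SEP; all function names are hypothetical, and append_sep goes one step beyond the patch by sizing the buffer from the separator's length.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MULTI_VALUE_SEP ","     /* assumed value: a one-character separator */

/* Assumed allocator model: each request is rounded up to a power of two, min 8. */
size_t chunk_size(size_t request)
{
    size_t c = 8;
    while (c < request)
        c <<= 1;
    return c;
}

/* Bytes strcat(s, MULTI_VALUE_SEP) touches: old text + separator + NUL. */
size_t bytes_needed(size_t len)
{
    return len + strlen(MULTI_VALUE_SEP) + 1;
}

/* Bytes written beyond the chunk for a given size request (0 = contained). */
size_t bytes_past_chunk(size_t len, size_t request)
{
    size_t chunk = chunk_size(request);
    return bytes_needed(len) > chunk ? bytes_needed(len) - chunk : 0;
}

/* Append sized from the separator itself; returns NULL if realloc fails. */
char *append_sep(char *s)
{
    size_t len = strlen(s);
    char *p = realloc(s, bytes_needed(len));
    if (p != NULL)
        memcpy(p + len, MULTI_VALUE_SEP, strlen(MULTI_VALUE_SEP) + 1);
    return p;
}

int main(void)
{
    /* Compare the pre-patch request (len + 1) with the patched one (len + 1 + 1). */
    for (size_t len = 1; len <= 64; len++)
        if (bytes_past_chunk(len, len + 1) || bytes_past_chunk(len, len + 1 + 1))
            printf("len %2zu: old=%zu new=%zu byte(s) past the chunk\n", len,
                   bytes_past_chunk(len, len + 1), bytes_past_chunk(len, len + 1 + 1));
    return 0;
}
```

Under this model the pre-patch request overruns the chunk only when the existing string is one byte short of a power of two; at every other length the rounding slack absorbs the extra byte.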


Re: 7.4.5 / 7.4.6 crash (pg_hba.conf issue)

From
Devrim GUNDUZ
Date:
Hi,

On Wed, 17 Nov 2004, Tom Lane wrote:

> Off-by-one memory allocation problem --- it only bites you if the string
> lengths are just right, which probably explains the lack of prior
> reports even though the bug has been there since 7.3.

Is this worth new dot releases?

Regards,
- --
Devrim GUNDUZ 
devrim~gunduz.org                devrim.gunduz~linux.org.tr            http://www.tdmsoft.com
http://www.gunduz.org


Re: 7.4.5 / 7.4.6 crash (pg_hba.conf issue)

From
Tom Lane
Date:
Devrim GUNDUZ <devrim@gunduz.org> writes:
>> Off-by-one memory allocation problem --- it only bites you if the string
>> lengths are just right, which probably explains the lack of prior
>> reports even though the bug has been there since 7.3.

> Is this worth new dot releases?

I'd say not.
        regards, tom lane


Re: 7.4.5 / 7.4.6 crash (pg_hba.conf issue)

From
Gaetano Mendola
Date:
Tom Lane wrote:
> Devrim GUNDUZ <devrim@gunduz.org> writes:
>>> Off-by-one memory allocation problem --- it only bites you if the string
>>> lengths are just right, which probably explains the lack of prior
>>> reports even though the bug has been there since 7.3.
>
>> Is this worth new dot releases?
>
> I'd say not.
 

To my knowledge Postgres can read that file even if it's writable by
anyone (I cannot test right now or look at the code); if this is the
case then this is a sort of serious bug :-(


Regards
Gaetano Mendola