Thread: pg_dump: fix crash on error

If pg_dump fails to connect to Postgres, it attempts to print an error
message in ConnectDatabase():

/* check to see that the backend connection was successfully made */
if (PQstatus(AH->connection) == CONNECTION_BAD)
     die_horribly(AH, modulename,
                  "connection to database \"%s\" failed: %s",
                  dbname, PQerrorMessage(AH->connection));

But if no database is explicitly specified, `dbname' is NULL, and libc
is entitled to crash if you pass a NULL pointer to it for a %s
formatting sequence (it actually does crash on Solaris, for example --
per report from Omar Kilani).

Attached is a patch that fixes this by just removing `dbname' from the
error message, as PQerrorMessage() should provide enough information.

Barring any objections, I'll apply this to HEAD and back branches within
24 hours.

-Neil
Index: src/bin/pg_dump/pg_backup_db.c
===================================================================
RCS file: /var/lib/cvs/pgsql/src/bin/pg_dump/pg_backup_db.c,v
retrieving revision 1.63
diff -c -r1.63 pg_backup_db.c
*** src/bin/pg_dump/pg_backup_db.c    1 Jul 2005 21:03:25 -0000    1.63
--- src/bin/pg_dump/pg_backup_db.c    27 Jul 2005 01:23:27 -0000
***************
*** 265,272 ****

      /* check to see that the backend connection was successfully made */
      if (PQstatus(AH->connection) == CONNECTION_BAD)
!         die_horribly(AH, modulename, "connection to database \"%s\" failed: %s",
!                      dbname, PQerrorMessage(AH->connection));

      /* check for version mismatch */
      _check_database_version(AH, ignoreVersion);
--- 265,272 ----

      /* check to see that the backend connection was successfully made */
      if (PQstatus(AH->connection) == CONNECTION_BAD)
!         die_horribly(AH, modulename, "connection to database failed: %s",
!                      PQerrorMessage(AH->connection));

      /* check for version mismatch */
      _check_database_version(AH, ignoreVersion);

Neil Conway <neilc@samurai.com> writes:
> If pg_dump fails to connect to Postgres, it attempts to print an error
> message in ConnectDatabase():
> ...
> But if no database is explicitly specified, `dbname' is NULL, and libc
> is entitled to crash if you pass a NULL pointer to it for a %s
> formatting sequence (it actually does crash on Solaris, for example --
> per report from Omar Kilani).

[ scratches head... ]  Did this code change recently?  It's a tad hard
to believe that such a thing could have gone unnoticed for long.

            regards, tom lane

Tom Lane wrote:
> [ scratches head... ]  Did this code change recently?  It's a tad hard
> to believe that such a thing could have gone unnoticed for long.

Seems the problem was introduced here:

http://developer.postgresql.org/cvsweb.cgi/pgsql/src/bin/pg_dump/pg_backup_db.c.diff?r1=1.58;r2=1.59

(I could just revert the code to using PQdb(), but I don't think there's
a need to mention the database in the error message ourselves --
PQerrorMessage() should include that information if appropriate.)

-Neil

Neil Conway <neilc@samurai.com> writes:
> Tom Lane wrote:
>> [ scratches head... ]  Did this code change recently?  It's a tad hard
>> to believe that such a thing could have gone unnoticed for long.

> Seems the problem was introduced here:
> http://developer.postgresql.org/cvsweb.cgi/pgsql/src/bin/pg_dump/pg_backup_db.c.diff?r1=1.58;r2=1.59

Oh dear, that makes it my fault :-(

> (I could just revert the code to using PQdb(), but I don't think there's
> a need to mention the database in the error message ourselves --
> PQerrorMessage() should include that information if appropriate.)

I'd go with reverting it to using PQdb, myself.  Looks like I got bit by
the perennial mantra: premature optimization is the root of all evil.

            regards, tom lane

Tom Lane wrote:
> I'd go with reverting it to using PQdb, myself.

Fair enough; reverted to using PQdb(), and applied to HEAD and
REL8_0_STABLE.

-Neil