Participants
tanghy.fnst@fujitsu.com
tanghy.fnst@fujitsu.com
Daniel Gustafsson
Daniel Gustafsson
Attachments
  • #1Sep 15, 2021
    v1-0001-remove-double-check-when-field_name-is-not-NULL-i.patch
Thread Outline
#1tanghy.fnst@fujitsu.comtanghy.fnst@fujitsu.com
Sep 15, 2021
#2Daniel GustafssonDaniel Gustafssonto tanghy.fnst@fujitsu.com (#1)
Sep 15, 2021
#3tanghy.fnst@fujitsu.comtanghy.fnst@fujitsu.comto Daniel Gustafsson (#2)
Sep 15, 2021

Remove double check when field_name is not NULL in be-secure-openssl.c

Started by tanghy.fnst@fujitsu.comover 4 years ago3 messages
#1tanghy.fnst@fujitsu.com
tanghy.fnst@fujitsu.com
tanghy.fnst@fujitsu.com
1 attachment(s)

Hi

Attached a small fix to remove double check when field_name is not NULL in be-secure-openssl.c.
The double check is introduced in 13cfa02f7 for "Improve error handling in backend OpenSSL implementation".

Regards,
Tang

Attachments:

v1-0001-remove-double-check-when-field_name-is-not-NULL-i.patchapplication/octet-stream; name=v1-0001-remove-double-check-when-field_name-is-not-NULL-i.patchDownload
From c88559ef6b65deef42994f780ee8bbb9f8ddc9b9 Mon Sep 17 00:00:00 2001
From: tanghy <tanghy.fnst@fujitsu.com>
Date: Wed, 15 Sep 2021 16:53:37 +0900
Subject: [PATCH v1] remove double check when field_name is not NULL in
 be-secure-openssl.c


diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c
index deedac29d7..4bfd87c780 100644
--- a/src/backend/libpq/be-secure-openssl.c
+++ b/src/backend/libpq/be-secure-openssl.c
@@ -1406,11 +1406,13 @@ X509_NAME_to_cstring(X509_NAME *name)
 		v = X509_NAME_ENTRY_get_data(e);
 		field_name = OBJ_nid2sn(nid);
 		if (field_name == NULL)
+		{
 			field_name = OBJ_nid2ln(nid);
-		if (field_name == NULL)
-			ereport(ERROR,
-					(errcode(ERRCODE_INVALID_PARAMETER_VALUE),
-					 errmsg("could not convert NID %d to an ASN1_OBJECT structure", nid)));
+			if (field_name == NULL)
+				ereport(ERROR,
+						(errcode(ERRCODE_INVALID_PARAMETER_VALUE),
+						 errmsg("could not convert NID %d to an ASN1_OBJECT structure", nid)));
+		}
 		BIO_printf(membuf, "/%s=", field_name);
 		ASN1_STRING_print_ex(membuf, v,
 							 ((ASN1_STRFLGS_RFC2253 & ~ASN1_STRFLGS_ESC_MSB)
-- 
2.31.1.windows.1
#2Daniel Gustafsson
Daniel Gustafsson
daniel@yesql.se
In reply to: tanghy.fnst@fujitsu.com (#1)
Re: Remove double check when field_name is not NULL in be-secure-openssl.c

On 15 Sep 2021, at 10:06, tanghy.fnst@fujitsu.com wrote:

Attached a small fix to remove double check when field_name is not NULL in be-secure-openssl.c.
The double check is introduced in 13cfa02f7 for "Improve error handling in backend OpenSSL implementation".

The proposal removes a second == NULL check on field_name in the case where
OBJ_nid2sn() returns an ASN1_OBJECT. This is not in a hot path, and the ASM
generated is equal under optimization levels so I don't see the value in the
code churn and the potential for collisions during backpatching around here.

--
Daniel Gustafsson https://vmware.com/

#3tanghy.fnst@fujitsu.com
tanghy.fnst@fujitsu.com
tanghy.fnst@fujitsu.com
In reply to: Daniel Gustafsson (#2)
RE: Remove double check when field_name is not NULL in be-secure-openssl.c

On Wednesday, September 15, 2021 6:54 PM, Daniel Gustafsson <daniel@yesql.se> wrote:

The proposal removes a second == NULL check on field_name in the case where
OBJ_nid2sn() returns an ASN1_OBJECT. This is not in a hot path, and the ASM
generated is equal under optimization levels so I don't see the value in the
code churn and the potential for collisions during backpatching around here.

Thanks for your kindly explanation.
Got it.

Regards,
Tang

← Back to Topics