Participants
Sedlak Anton
Sedlak Anton
Stephan Szabo
Stephan Szabo
Bruce Momjian
Bruce Momjian
Attachments
Show all attachments
Thread Outline
#1Sedlak AntonSedlak Anton
Oct 22, 2002
#2Stephan SzaboStephan Szaboto Sedlak Anton (#1)
Oct 23, 2002
#3Bruce MomjianBruce Momjianto Sedlak Anton (#1)
Nov 06, 2002

Error in chkpass.c (contrib area) with suggestion

Started by Sedlak Antonover 23 years ago3 messagesbugs
Jump to latest
#1Sedlak Anton
Sedlak Anton
ased@cce.cz

Because author is not responding I'm writing to you.
In contrib/chkpass.c there is no checking against NULL values on input,
thus if you call eg. raw(NULL) then postgresql always dies.
Although storing encrypted password are highly required this behavior
makes this extension module unusable.

To correct it one must add some checkin before any PG_GETARG_XXX in
chkpass.c:
Suggested type of code follows:
------------------------------------------------------------------
if(PG_ARGISNULL(0)) PG_RETURN_NULL();
------------------------------------------------------------------

Best regards and let me know if this is acceptable

Sedlak Anton

#2Stephan Szabo
Stephan Szabo
sszabo@megazone23.bigpanda.com
In reply to: Sedlak Anton (#1)
Re: Error in chkpass.c (contrib area) with suggestion

On Tue, 22 Oct 2002, Sedlak Anton wrote:

Because author is not responding I'm writing to you.
In contrib/chkpass.c there is no checking against NULL values on input,
thus if you call eg. raw(NULL) then postgresql always dies.
Although storing encrypted password are highly required this behavior
makes this extension module unusable.

To correct it one must add some checkin before any PG_GETARG_XXX in
chkpass.c:
Suggested type of code follows:
------------------------------------------------------------------
if(PG_ARGISNULL(0)) PG_RETURN_NULL();
------------------------------------------------------------------

Best regards and let me know if this is acceptable

It might be easier to declare the function strict which means that
it returns NULL on NULL input without calling the function for each
of the functions that should act that way (I'd guess all of
raw, eq and ne should be strict). This can also be done without
needing to recompile if you drop the functions and recreate them
with "with (isstrict)"

#3Bruce Momjian
Bruce Momjian
bruce@momjian.us
In reply to: Sedlak Anton (#1)
Re: Error in chkpass.c (contrib area) with suggestion

Looks like 7.3beta has the null checking in the code. Thanks.

---------------------------------------------------------------------------

Sedlak Anton wrote:

Because author is not responding I'm writing to you.
In contrib/chkpass.c there is no checking against NULL values on input,
thus if you call eg. raw(NULL) then postgresql always dies.
Although storing encrypted password are highly required this behavior
makes this extension module unusable.

To correct it one must add some checkin before any PG_GETARG_XXX in
chkpass.c:
Suggested type of code follows:
------------------------------------------------------------------
if(PG_ARGISNULL(0)) PG_RETURN_NULL();
------------------------------------------------------------------

Best regards and let me know if this is acceptable

Sedlak Anton

---------------------------(end of broadcast)---------------------------
TIP 2: you can get off all lists at once with the unregister command
(send "unregister YourEmailAddressHere" to majordomo@postgresql.org)

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073
← Back to Topics