Prevent too long user name or password from client

In most cases, this wouldn't work anyway, because for example the user
wouldn't be found in pgbouncer, since userlist.txt doesn't permit too
long user names.  But in the case of PAM there was no such check, so
too long user names could be added by add_pam_user(), which would
truncate them, and then a subsequent search using the not-truncated
name wouldn't find it, causing duplicates to be added.

Reported-by: @achix
fixes #353

diff --git a/src/client.c b/src/client.c
index dfe856b72b819d9c9f40df0504f49f6f320887b7..979cded1bde0b477d6a482408319f164b77a61d8 100644 (file)
--- a/src/client.c
+++ b/src/client.c
@@ -257,6 +257,21 @@ bool set_pool(PgSocket *client, const char *dbname, const char *username, const
                        return finish_set_pool(client, takeover);
        }
 
+       /* avoid dealing with invalid data below, and give an
+        * appropriate error message */
+       if (strlen(username) >= MAX_USERNAME) {
+               disconnect_client(client, true, "username too long");
+               if (cf_log_connections)
+                       slog_info(client, "login failed: db=%s user=%s", dbname, username);
+               return false;
+       }
+       if (strlen(password) >= MAX_PASSWORD) {
+               disconnect_client(client, true, "password too long");
+               if (cf_log_connections)
+                       slog_info(client, "login failed: db=%s user=%s", dbname, username);
+               return false;
+       }
+
        /* find user */
        if (cf_auth_type == AUTH_ANY) {
                /* ignore requested user */