]> granicus.if.org Git - postgresql/commitdiff
projects / postgresql / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 555494d)
Avoid improbable null pointer dereference in pgpassfileWarning().
authorTom Lane <tgl@sss.pgh.pa.us>
Fri, 3 Feb 2017 00:49:15 +0000 (19:49 -0500)
committerTom Lane <tgl@sss.pgh.pa.us>
Fri, 3 Feb 2017 00:49:15 +0000 (19:49 -0500)
Coverity complained that we might pass a null pointer to strcmp()
if PQresultErrorField were to return NULL.  That shouldn't be possible,
since the server is supposed to always provide some SQLSTATE or other
in an error message.  But we usually defend against such hazards, and
it only takes a little more code to do so here.

There's no good reason to think this is a live bug, so no back-patch.

src/interfaces/libpq/fe-connect.c patch | blob | history

diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c
index 0dda1804a58179ce6d155e95fbec289f7fd27625..b83af64e090460ba5ae06fed64e289ae5de1d127 100644 (file)
--- a/src/interfaces/libpq/fe-connect.c
+++ b/src/interfaces/libpq/fe-connect.c
@@ -6312,22 +6312,23 @@ passwordFromFile(char *hostname, char *port, char *dbname,
 
 
 /*
- *     If the connection failed, we should mention if
- *     we got the password from the pgpassfile in case that
- *     password is wrong.
+ *     If the connection failed due to bad password, we should mention
+ *     if we got the password from the pgpassfile.
  */
 static void
 pgpassfileWarning(PGconn *conn)
 {
        /* If it was 'invalid authorization', add pgpassfile mention */
        /* only works with >= 9.0 servers */
-       if (conn->pgpassfile_used && conn->password_needed && conn->result &&
-               strcmp(PQresultErrorField(conn->result, PG_DIAG_SQLSTATE),
-                          ERRCODE_INVALID_PASSWORD) == 0)
+       if (conn->pgpassfile_used && conn->password_needed && conn->result)
        {
-               appendPQExpBuffer(&conn->errorMessage,
+               const char *sqlstate = PQresultErrorField(conn->result,
+                                                                                                 PG_DIAG_SQLSTATE);
+
+               if (sqlstate && strcmp(sqlstate, ERRCODE_INVALID_PASSWORD) == 0)
+                       appendPQExpBuffer(&conn->errorMessage,
                                          libpq_gettext("password retrieved from file \"%s\"\n"),
-                                                 conn->pgpassfile);
+                                                         conn->pgpassfile);
        }
 }
 
Unnamed repository; edit this file 'description' to name the repository.