Lock_AF_UNIX(unsigned short portNumber, char *unixSocketName)
{
UNIXSOCK_PATH(sock_path, portNumber, unixSocketName);
+ if (strlen(sock_path) >= UNIXSOCK_PATH_BUFLEN)
+ {
+ ereport(LOG,
+ (errmsg("Unix-domain socket path \"%s\" is too long (maximum %d bytes)",
+ sock_path,
+ (int) (UNIXSOCK_PATH_BUFLEN - 1))));
+ return STATUS_ERROR;
+ }
/*
* Grab an interlock file associated with the socket file.
DEFAULT_PGSOCKET_DIR, \
(port))
+/*
+ * The maximum workable length of a socket path is what will fit into
+ * struct sockaddr_un. This is usually only 100 or so bytes :-(.
+ *
+ * For consistency, always pass a MAXPGPATH-sized buffer to UNIXSOCK_PATH(),
+ * then complain if the resulting string is >= UNIXSOCK_PATH_BUFLEN bytes.
+ * (Because the standard API for getaddrinfo doesn't allow it to complain in
+ * a useful way when the socket pathname is too long, we have to test for
+ * this explicitly, instead of just letting the subroutine return an error.)
+ */
+#define UNIXSOCK_PATH_BUFLEN sizeof(((struct sockaddr_un *) NULL)->sun_path)
+
+
/*
* These manipulate the frontend/backend protocol version number.
*
connectDBStart(PGconn *conn)
{
int portnum;
- char portstr[128];
+ char portstr[MAXPGPATH];
struct addrinfo *addrs = NULL;
struct addrinfo hint;
const char *node;
node = NULL;
hint.ai_family = AF_UNIX;
UNIXSOCK_PATH(portstr, portnum, conn->pgunixsocket);
+ if (strlen(portstr) >= UNIXSOCK_PATH_BUFLEN)
+ {
+ appendPQExpBuffer(&conn->errorMessage,
+ libpq_gettext("Unix-domain socket path \"%s\" is too long (maximum %d bytes)\n"),
+ portstr,
+ (int) (UNIXSOCK_PATH_BUFLEN - 1));
+ conn->options_valid = false;
+ goto connect_errReturn;
+ }
#else
/* Without Unix sockets, default to localhost instead */
node = DefaultHost;
projects / postgresql / commitdiff