From: Thomas Munro Date: Tue, 13 Nov 2018 03:27:13 +0000 (+1300) Subject: Fix possible buffer overrun in hba.c. X-Git-Tag: REL_12_BETA1~1254 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=6a3dcd28568a04b6e4aea2bf41ea2c7e9c7b0e96;p=postgresql Fix possible buffer overrun in hba.c. Coverty reports a possible buffer overrun in the code that populates the pg_hba_file_rules view. It may not be a live bug due to restrictions on options that can be used together, but let's increase MAX_HBA_OPTIONS and correct a nearby misleading comment. Back-patch to 10 where this code arrived. Reported-by: Julian Hsiao Discussion: https://postgr.es/m/CADnGQpzbkWdKS2YHNifwAvX5VEsJ5gW49U4o-7UL5pzyTv4vTg%40mail.gmail.com --- diff --git a/src/backend/libpq/hba.c b/src/backend/libpq/hba.c index 1a65ec87bd..0129dd24d0 100644 --- a/src/backend/libpq/hba.c +++ b/src/backend/libpq/hba.c @@ -2218,10 +2218,12 @@ load_hba(void) /* * This macro specifies the maximum number of authentication options * that are possible with any given authentication method that is supported. - * Currently LDAP supports 10, so the macro value is well above the most any - * method needs. + * Currently LDAP supports 11, and there are 3 that are not dependent on + * the auth method here. It may not actually be possible to set all of them + * at the same time, but we'll set the macro value high enough to be + * conservative and avoid warnings from static analysis tools. */ -#define MAX_HBA_OPTIONS 12 +#define MAX_HBA_OPTIONS 14 /* * Create a text array listing the options specified in the HBA line. @@ -2327,6 +2329,7 @@ gethba_options(HbaLine *hba) CStringGetTextDatum(psprintf("radiusports=%s", hba->radiusports_s)); } + /* If you add more options, consider increasing MAX_HBA_OPTIONS. */ Assert(noptions <= MAX_HBA_OPTIONS); if (noptions > 0)