From 8ac0365c22f20dcd2a6b6752b95b665ada83e858 Mon Sep 17 00:00:00 2001
From: Tom Lane <tgl@sss.pgh.pa.us>
Date: Thu, 2 Feb 2017 19:49:15 -0500
Subject: [PATCH] Avoid improbable null pointer dereference in
pgpassfileWarning().
Coverity complained that we might pass a null pointer to strcmp()
if PQresultErrorField were to return NULL. That shouldn't be possible,
since the server is supposed to always provide some SQLSTATE or other
in an error message. But we usually defend against such hazards, and
it only takes a little more code to do so here.
There's no good reason to think this is a live bug, so no back-patch.
---
src/interfaces/libpq/fe-connect.c | 17 +++++++++--------
1 file changed, 9 insertions(+), 8 deletions(-)
diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c
index 0dda1804a58..b83af64e090 100644
--- a/src/interfaces/libpq/fe-connect.c
+++ b/src/interfaces/libpq/fe-connect.c
@@ -6312,22 +6312,23 @@ passwordFromFile(char *hostname, char *port, char *dbname,
/*
- * If the connection failed, we should mention if
- * we got the password from the pgpassfile in case that
- * password is wrong.
+ * If the connection failed due to bad password, we should mention
+ * if we got the password from the pgpassfile.
*/
static void
pgpassfileWarning(PGconn *conn)
{
/* If it was 'invalid authorization', add pgpassfile mention */
/* only works with >= 9.0 servers */
- if (conn->pgpassfile_used && conn->password_needed && conn->result &&
- strcmp(PQresultErrorField(conn->result, PG_DIAG_SQLSTATE),
- ERRCODE_INVALID_PASSWORD) == 0)
+ if (conn->pgpassfile_used && conn->password_needed && conn->result)
{
- appendPQExpBuffer(&conn->errorMessage,
+ const char *sqlstate = PQresultErrorField(conn->result,
+ PG_DIAG_SQLSTATE);
+
+ if (sqlstate && strcmp(sqlstate, ERRCODE_INVALID_PASSWORD) == 0)
+ appendPQExpBuffer(&conn->errorMessage,
libpq_gettext("password retrieved from file \"%s\"\n"),
- conn->pgpassfile);
+ conn->pgpassfile);
}
}
--
GitLab