On Wed, Jun 15, 2011 at 10:53, Ahmed Shinwari <ahmed.shinw...@gmail.com> wrote: > Hi All, > > I faced a bug on Windows while connecting via SSPI authentication. I was > able to find the bug and have attached the patch. Details listed below; > > Postgres Installer: Version 9.0.4 > OS: Windows Server 2008 R2/Windows 7
<big snip> Thanks - great analysis! However, I think there is a better fix for this - simply moving a } one line. In particular, I'm concerned about passing the same pointer both as input and output to the function - I couldn't find anything in the documentation saying this was safe (nor did I find anything saying it's unsafe, but.) Especially since this code clearly behaves different on different versions - I've been completely unable to reproduce this on any of my test machines, but they are all Windows Server 2003. So - attached is a new version of the patch, how does this look to you? FYI, I've had Thom test this new version and it does appear to work fine in his scenario. -- Magnus Hagander Me: http://www.hagander.net/ Work: http://www.redpill-linpro.com/
diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c index 7799111..936cfea 100644 --- a/src/backend/libpq/auth.c +++ b/src/backend/libpq/auth.c @@ -1349,16 +1349,22 @@ pg_SSPI_recvauth(Port *port) _("could not accept SSPI security context"), r); } + /* + * Overwrite the current context with the one we just received. + * If sspictx is NULL it was the first loop and we need to allocate + * a buffer for it. On subsequent runs, we can just overwrite the + * buffer contents since the size does not change. + */ if (sspictx == NULL) { sspictx = malloc(sizeof(CtxtHandle)); if (sspictx == NULL) ereport(ERROR, (errmsg("out of memory"))); - - memcpy(sspictx, &newctx, sizeof(CtxtHandle)); } + memcpy(sspictx, &newctx, sizeof(CtxtHandle)); + if (r == SEC_I_CONTINUE_NEEDED) elog(DEBUG4, "SSPI continue needed");
-- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers