Fix a read of uninitialized memory in next_token() of hba.c, spotted via

valgrind: a buffer passed to strncmp() had to be NUL-terminated. Original report and patch from Dennis Bjorkland, some cleanup by Andrew Dunstan, and finally some editorializing from Neil Conway.
2004-02-02 16:58:30 +00:00 · 2004-02-02 16:58:30 +00:00 · 9e218af7ed
commit 9e218af7ed
parent 4c29e21578
2 changed files with 96 additions and 96 deletions
--- a/src/backend/libpq/hba.c
+++ b/src/backend/libpq/hba.c
@ -10,7 +10,7 @@
 *
 *
 * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/backend/libpq/hba.c,v 1.119 2003/12/25 03:44:04 momjian Exp $
+ *	  $PostgreSQL: pgsql/src/backend/libpq/hba.c,v 1.120 2004/02/02 16:58:30 neilc Exp $
 *
 *-------------------------------------------------------------------------
 */
@ -37,12 +37,23 @@
 #include "storage/fd.h"


-#define IDENT_USERNAME_MAX 512
 /* Max size of username ident server can return */
+#define IDENT_USERNAME_MAX 512
+
+/* Standard TCP port number for Ident service.  Assigned by IANA */
+#define IDENT_PORT 113
+
+/* Name of the config file  */
+#define CONF_FILE "pg_hba.conf"
+
+/* Name of the usermap file */
+#define USERMAP_FILE "pg_ident.conf"

 /* This is used to separate values in multi-valued column strings */
 #define MULTI_VALUE_SEP "\001"

+#define MAX_TOKEN	256
+
 /*
 * These variables hold the pre-parsed contents of the hba and ident
 * configuration files.  Each is a list of sublists, one sublist for
@ -83,16 +94,16 @@ pg_isblank(const char c)
 * Grab one token out of fp. Tokens are strings of non-blank
 * characters bounded by blank characters, beginning of line, and
 * end of line. Blank means space or tab. Return the token as
- *	 *buf. Leave file positioned to character immediately after the
+ * *buf. Leave file positioned at the character immediately after the
 * token or EOF, whichever comes first. If no more tokens on line,
- *	 return null string as *buf and position file to beginning of
- *	 next line or EOF, whichever comes first. Allow spaces in quoted
- *	 strings. Terminate on unquoted commas. Handle comments. Treat
- *   unquoted keywords that might be user names or database names 
- *   specially, by appending a newline to them.
+ * return empty string as *buf and position the file to the beginning
+ * of the next line or EOF, whichever comes first. Allow spaces in
+ * quoted strings. Terminate on unquoted commas. Handle
+ * comments. Treat unquoted keywords that might be user names or
+ * database names specially, by appending a newline to them.
 */
-void
-next_token(FILE *fp, char *buf, const int bufsz)
+static void
+next_token(FILE *fp, char *buf, int bufsz)
 {
 	int			c;
 	char	   *start_buf = buf;
@ -101,12 +112,18 @@ next_token(FILE *fp, char *buf, const int bufsz)
 	bool		was_quote = false;
 	bool        saw_quote = false;

+	Assert(end_buf > start_buf);
+
 	/* Move over initial whitespace and commas */
 	while ((c = getc(fp)) != EOF && (pg_isblank(c) || c == ','))
 		;

-	if (c != EOF && c != '\n')
+	if (c == EOF || c == '\n')
 	{
+		*buf = '\0';
+		return;
+	}
+
 	/*
 	 * Build a token in buf of next characters up to EOF, EOL,
 	 * unquoted comma, or unquoted whitespace.
@ -166,23 +183,18 @@ next_token(FILE *fp, char *buf, const int bufsz)
 	 */
 	if (c != EOF)
 		ungetc(c, fp);
-	}
-
-
-	if ( !saw_quote && 
-	     (
-			 strncmp(start_buf,"all",3) == 0  ||
-			 strncmp(start_buf,"sameuser",8) == 0  ||
-			 strncmp(start_buf,"samegroup",9) == 0 
-		 )
-		)
-	{
-		/* append newline to a magical keyword */
-		*buf++ = '\n';
-	}

 	*buf = '\0';

+	if (!saw_quote && 
+	     (strcmp(start_buf, "all") == 0 ||
+		  strcmp(start_buf, "sameuser") == 0 ||
+		  strcmp(start_buf, "samegroup") == 0))
+	{
+		/* append newline to a magical keyword */
+		*buf++ = '\n';
+		*buf = '\0';
+	}
 }

 /*
--- a/src/include/libpq/hba.h
+++ b/src/include/libpq/hba.h
@ -4,7 +4,7 @@
 *	  Interface to hba.c
 *
 *
- * $PostgreSQL: pgsql/src/include/libpq/hba.h,v 1.34 2003/11/29 22:41:03 pgsql Exp $
+ * $PostgreSQL: pgsql/src/include/libpq/hba.h,v 1.35 2004/02/02 16:58:30 neilc Exp $
 *
 *-------------------------------------------------------------------------
 */
@ -17,15 +17,6 @@

 #include "nodes/pg_list.h"

-#define CONF_FILE "pg_hba.conf"
- /* Name of the config file  */
-
-#define USERMAP_FILE "pg_ident.conf"
- /* Name of the usermap file */
-
-#define IDENT_PORT 113
- /* Standard TCP port number for Ident service.  Assigned by IANA */
-
 typedef enum UserAuth
 {
 	uaReject,
@ -43,9 +34,6 @@ typedef enum UserAuth

 typedef struct Port hbaPort;

-#define MAX_TOKEN	256
-
-extern void next_token(FILE *fp, char *buf, const int bufsz);
 extern List **get_user_line(const char *user);
 extern void load_hba(void);
 extern void load_ident(void);