git.ipfire.org Git - thirdparty/postgresql.git/commit

author	Tom Lane <tgl@sss.pgh.pa.us>
	Thu, 29 Jul 2021 17:33:31 +0000 (13:33 -0400)
committer	Tom Lane <tgl@sss.pgh.pa.us>
	Thu, 29 Jul 2021 17:33:41 +0000 (13:33 -0400)
commit	43f1d2ab361ccbd5ba8b53578fd4bcea9a6344a6
tree	682e8a24e2c2b8962d2a94f93dd565feec7f36a1	tree \| snapshot
parent	c42d3d04d7d03782ae179bf92ea0eb9f2fa8f409	commit \| diff

Improve libpq's handling of OOM during error message construction.

Commit ffa2e4670 changed libpq so that multiple error reports
occurring during one operation (a connection attempt or query)
are accumulated in conn->errorMessage, where before new ones
usually replaced any prior error.  At least in theory, that makes
us more vulnerable to running out of memory for the errorMessage
buffer.  If it did happen, the user would be left with just an
empty-string error report, which is pretty unhelpful.

We can improve this by relying on pqexpbuffer.c's existing "broken
buffer" convention to track whether we've hit OOM for the current
operation's error string, and then substituting a constant "out of
memory" string in the small number of places where the errorMessage
is read out.

While at it, apply the same method to similar OOM cases in
pqInternalNotice and pqGetErrorNotice3.

Back-patch to v14 where ffa2e4670 came in.  In principle this could
go back further; but in view of the lack of field reports, the
hazard seems negligible in older branches.

Discussion: https://postgr.es/m/530153.1627425648@sss.pgh.pa.us

src/interfaces/libpq/fe-connect.c		diff \| blob \| blame \| history
src/interfaces/libpq/fe-exec.c		diff \| blob \| blame \| history
src/interfaces/libpq/fe-protocol3.c		diff \| blob \| blame \| history
src/interfaces/libpq/libpq-int.h		diff \| blob \| blame \| history