database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-06-14 18:42:34 +03:00
Code Activity

Fix InitializeSessionUserId not to deference NULL rolename pointer.

Browse Source 
Dmitriy Sarafannikov, reviewed by Michael Paquier and Haribabu Kommi,
with a minor fix by me.
This commit is contained in:
Robert Haas
2016-03-04 12:05:15 -05:00
parent d78a7d9c7f
commit 546cd0d766
1 changed files with 17 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
src/backend/utils/init/miscinit.c
View File

@ -474,6 +474,7 @@ InitializeSessionUserId(const char *rolename, Oid roleid)
{
HeapTuple roleTup;
Form_pg_authid rform;
char *rname;
/*
* Don't do scans if we're bootstrapping, none of the system catalogs
@ -485,16 +486,25 @@ InitializeSessionUserId(const char *rolename, Oid roleid)
AssertState(!OidIsValid(AuthenticatedUserId));
if (rolename != NULL)
{
roleTup = SearchSysCache1(AUTHNAME, PointerGetDatum(rolename));
if (!HeapTupleIsValid(roleTup))
ereport(FATAL,
(errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
errmsg("role \"%s\" does not exist", rolename)));
}
else
{
roleTup = SearchSysCache1(AUTHOID, ObjectIdGetDatum(roleid));
if (!HeapTupleIsValid(roleTup))
ereport(FATAL,
(errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
errmsg("role \"%s\" does not exist", rolename)));
if (!HeapTupleIsValid(roleTup))
ereport(FATAL,
(errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
errmsg("role with OID %u does not exist", roleid)));
}
rform = (Form_pg_authid) GETSTRUCT(roleTup);
roleid = HeapTupleGetOid(roleTup);
rname = NameStr(rform->rolname);
AuthenticatedUserId = roleid;
AuthenticatedUserIsSuperuser = rform->rolsuper;
@ -520,7 +530,7 @@ InitializeSessionUserId(const char *rolename, Oid roleid)
ereport(FATAL,
(errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
errmsg("role \"%s\" is not permitted to log in",
rolename)));
rname)));
/*
* Check connection limit for this role.
@ -538,11 +548,11 @@ InitializeSessionUserId(const char *rolename, Oid roleid)
ereport(FATAL,
(errcode(ERRCODE_TOO_MANY_CONNECTIONS),
errmsg("too many connections for role \"%s\"",
rolename)));
rname)));
}
/* Record username and superuser status as GUC settings too */
SetConfigOption("session_authorization", rolename,
SetConfigOption("session_authorization", rname,
PGC_BACKEND, PGC_S_OVERRIDE);
SetConfigOption("is_superuser",
AuthenticatedUserIsSuperuser ? "on" : "off",