1
0
mirror of https://github.com/postgres/postgres.git synced 2025-10-24 01:29:19 +03:00

Re-simplify management of inStart in pqParseInput3's subroutines.

Commit 92785dac2 copied some logic related to advancement of inStart
from pqParseInput3 into getRowDescriptions and getAnotherTuple,
because it wanted to allow user-defined row processor callbacks to
potentially longjmp out of the library, and inStart would have to be
updated before that happened to avoid an infinite loop.  We later
decided that that API was impossibly fragile and reverted it, but
we didn't undo all of the related code changes, and this bit of
messiness survived.  Undo it now so that there's just one place in
pqParseInput3's processing where inStart is advanced; this will
simplify addition of better tracing support.

getParamDescriptions had grown similar processing somewhere along
the way (not in 92785dac2; I didn't track down just when), but it's
actually buggy because its handling of corrupt-message cases seems to
have been copied from the v2 logic where we lacked a known message
length.  The cases where we "goto not_enough_data" should not simply
return EOF, because then we won't consume the message, potentially
creating an infinite loop.  That situation now represents a
definitively corrupt message, and we should report it as such.

Although no field reports of getParamDescriptions getting stuck in
a loop have been seen, it seems appropriate to back-patch that fix.
I chose to back-patch all of this to keep the logic looking more alike
in supported branches.

Discussion: https://postgr.es/m/2217283.1615411989@sss.pgh.pa.us
This commit is contained in:
Tom Lane
2021-03-11 14:43:45 -05:00
parent 338b9a0d4c
commit d2be6cdc55

View File

@@ -293,8 +293,6 @@ pqParseInput3(PGconn *conn)
/* First 'T' in a query sequence */ /* First 'T' in a query sequence */
if (getRowDescriptions(conn, msgLength)) if (getRowDescriptions(conn, msgLength))
return; return;
/* getRowDescriptions() moves inStart itself */
continue;
} }
else else
{ {
@@ -340,8 +338,7 @@ pqParseInput3(PGconn *conn)
case 't': /* Parameter Description */ case 't': /* Parameter Description */
if (getParamDescriptions(conn, msgLength)) if (getParamDescriptions(conn, msgLength))
return; return;
/* getParamDescriptions() moves inStart itself */ break;
continue;
case 'D': /* Data Row */ case 'D': /* Data Row */
if (conn->result != NULL && if (conn->result != NULL &&
conn->result->resultStatus == PGRES_TUPLES_OK) conn->result->resultStatus == PGRES_TUPLES_OK)
@@ -349,8 +346,6 @@ pqParseInput3(PGconn *conn)
/* Read another tuple of a normal query response */ /* Read another tuple of a normal query response */
if (getAnotherTuple(conn, msgLength)) if (getAnotherTuple(conn, msgLength))
return; return;
/* getAnotherTuple() moves inStart itself */
continue;
} }
else if (conn->result != NULL && else if (conn->result != NULL &&
conn->result->resultStatus == PGRES_FATAL_ERROR) conn->result->resultStatus == PGRES_FATAL_ERROR)
@@ -467,7 +462,6 @@ handleSyncLoss(PGconn *conn, char id, int msgLength)
* command for a prepared statement) containing the attribute data. * command for a prepared statement) containing the attribute data.
* Returns: 0 if processed message successfully, EOF to suspend parsing * Returns: 0 if processed message successfully, EOF to suspend parsing
* (the latter case is not actually used currently). * (the latter case is not actually used currently).
* In the former case, conn->inStart has been advanced past the message.
*/ */
static int static int
getRowDescriptions(PGconn *conn, int msgLength) getRowDescriptions(PGconn *conn, int msgLength)
@@ -572,19 +566,9 @@ getRowDescriptions(PGconn *conn, int msgLength)
result->binary = 0; result->binary = 0;
} }
/* Sanity check that we absorbed all the data */
if (conn->inCursor != conn->inStart + 5 + msgLength)
{
errmsg = libpq_gettext("extraneous data in \"T\" message");
goto advance_and_error;
}
/* Success! */ /* Success! */
conn->result = result; conn->result = result;
/* Advance inStart to show that the "T" message has been processed. */
conn->inStart = conn->inCursor;
/* /*
* If we're doing a Describe, we're done, and ready to pass the result * If we're doing a Describe, we're done, and ready to pass the result
* back to the client. * back to the client.
@@ -608,9 +592,6 @@ advance_and_error:
if (result && result != conn->result) if (result && result != conn->result)
PQclear(result); PQclear(result);
/* Discard the failed message by pretending we read it */
conn->inStart += 5 + msgLength;
/* /*
* Replace partially constructed result with an error result. First * Replace partially constructed result with an error result. First
* discard the old result to try to win back some memory. * discard the old result to try to win back some memory.
@@ -629,6 +610,12 @@ advance_and_error:
printfPQExpBuffer(&conn->errorMessage, "%s\n", errmsg); printfPQExpBuffer(&conn->errorMessage, "%s\n", errmsg);
pqSaveErrorResult(conn); pqSaveErrorResult(conn);
/*
* Show the message as fully consumed, else pqParseInput3 will overwrite
* our error with a complaint about that.
*/
conn->inCursor = conn->inStart + 5 + msgLength;
/* /*
* Return zero to allow input parsing to continue. Subsequent "D" * Return zero to allow input parsing to continue. Subsequent "D"
* messages will be ignored until we get to end of data, since an error * messages will be ignored until we get to end of data, since an error
@@ -640,12 +627,8 @@ advance_and_error:
/* /*
* parseInput subroutine to read a 't' (ParameterDescription) message. * parseInput subroutine to read a 't' (ParameterDescription) message.
* We'll build a new PGresult structure containing the parameter data. * We'll build a new PGresult structure containing the parameter data.
* Returns: 0 if completed message, EOF if not enough data yet. * Returns: 0 if processed message successfully, EOF to suspend parsing
* In the former case, conn->inStart has been advanced past the message. * (the latter case is not actually used currently).
*
* Note that if we run out of data, we have to release the partially
* constructed PGresult, and rebuild it again next time. Fortunately,
* that shouldn't happen often, since 't' messages usually fit in a packet.
*/ */
static int static int
getParamDescriptions(PGconn *conn, int msgLength) getParamDescriptions(PGconn *conn, int msgLength)
@@ -685,33 +668,19 @@ getParamDescriptions(PGconn *conn, int msgLength)
result->paramDescs[i].typid = typid; result->paramDescs[i].typid = typid;
} }
/* Sanity check that we absorbed all the data */
if (conn->inCursor != conn->inStart + 5 + msgLength)
{
errmsg = libpq_gettext("extraneous data in \"t\" message");
goto advance_and_error;
}
/* Success! */ /* Success! */
conn->result = result; conn->result = result;
/* Advance inStart to show that the "t" message has been processed. */
conn->inStart = conn->inCursor;
return 0; return 0;
not_enough_data: not_enough_data:
PQclear(result); errmsg = libpq_gettext("insufficient data in \"t\" message");
return EOF;
advance_and_error: advance_and_error:
/* Discard unsaved result, if any */ /* Discard unsaved result, if any */
if (result && result != conn->result) if (result && result != conn->result)
PQclear(result); PQclear(result);
/* Discard the failed message by pretending we read it */
conn->inStart += 5 + msgLength;
/* /*
* Replace partially constructed result with an error result. First * Replace partially constructed result with an error result. First
* discard the old result to try to win back some memory. * discard the old result to try to win back some memory.
@@ -729,6 +698,12 @@ advance_and_error:
printfPQExpBuffer(&conn->errorMessage, "%s\n", errmsg); printfPQExpBuffer(&conn->errorMessage, "%s\n", errmsg);
pqSaveErrorResult(conn); pqSaveErrorResult(conn);
/*
* Show the message as fully consumed, else pqParseInput3 will overwrite
* our error with a complaint about that.
*/
conn->inCursor = conn->inStart + 5 + msgLength;
/* /*
* Return zero to allow input parsing to continue. Essentially, we've * Return zero to allow input parsing to continue. Essentially, we've
* replaced the COMMAND_OK result with an error result, but since this * replaced the COMMAND_OK result with an error result, but since this
@@ -742,7 +717,6 @@ advance_and_error:
* We fill rowbuf with column pointers and then call the row processor. * We fill rowbuf with column pointers and then call the row processor.
* Returns: 0 if processed message successfully, EOF to suspend parsing * Returns: 0 if processed message successfully, EOF to suspend parsing
* (the latter case is not actually used currently). * (the latter case is not actually used currently).
* In the former case, conn->inStart has been advanced past the message.
*/ */
static int static int
getAnotherTuple(PGconn *conn, int msgLength) getAnotherTuple(PGconn *conn, int msgLength)
@@ -815,28 +789,14 @@ getAnotherTuple(PGconn *conn, int msgLength)
} }
} }
/* Sanity check that we absorbed all the data */
if (conn->inCursor != conn->inStart + 5 + msgLength)
{
errmsg = libpq_gettext("extraneous data in \"D\" message");
goto advance_and_error;
}
/* Advance inStart to show that the "D" message has been processed. */
conn->inStart = conn->inCursor;
/* Process the collected row */ /* Process the collected row */
errmsg = NULL; errmsg = NULL;
if (pqRowProcessor(conn, &errmsg)) if (pqRowProcessor(conn, &errmsg))
return 0; /* normal, successful exit */ return 0; /* normal, successful exit */
goto set_error_result; /* pqRowProcessor failed, report it */ /* pqRowProcessor failed, fall through to report it */
advance_and_error: advance_and_error:
/* Discard the failed message by pretending we read it */
conn->inStart += 5 + msgLength;
set_error_result:
/* /*
* Replace partially constructed result with an error result. First * Replace partially constructed result with an error result. First
@@ -856,6 +816,12 @@ set_error_result:
printfPQExpBuffer(&conn->errorMessage, "%s\n", errmsg); printfPQExpBuffer(&conn->errorMessage, "%s\n", errmsg);
pqSaveErrorResult(conn); pqSaveErrorResult(conn);
/*
* Show the message as fully consumed, else pqParseInput3 will overwrite
* our error with a complaint about that.
*/
conn->inCursor = conn->inStart + 5 + msgLength;
/* /*
* Return zero to allow input parsing to continue. Subsequent "D" * Return zero to allow input parsing to continue. Subsequent "D"
* messages will be ignored until we get to end of data, since an error * messages will be ignored until we get to end of data, since an error