From dce92e59b1a9ff8401a660a1ac448ea37d498284 Mon Sep 17 00:00:00 2001 From: Peter Eisentraut Date: Thu, 17 Nov 2022 14:12:04 +0100 Subject: [PATCH] libpq: Correct processing of startup response messages After sending a startup message, libpq expects either an error response ('E') or an authentication request ('R'). Before processing the message, it ensures it has read enough bytes to correspond to the length specified in the message. However, when processing the 'R' message, if an EOF status is returned it loops back waiting for more input, even though we already checked that we have enough input. In this particular case, this is probably not reachable anyway, because other code ensures we have enough bytes for an authentication request message, but the code is wrong and misleading. In the more general case, processing a faulty message could result in an EOF status, which would then result in an infinite loop waiting for the end of a message that will never come. The correction is to make this an error. Reported-by: Jacob Champion Discussion: https://www.postgresql.org/message-id/flat/f9c7862f-b864-8ef7-a861-c4638c83e209@enterprisedb.com --- src/interfaces/libpq/fe-connect.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c index a6120bf58b8..7d54aa35899 100644 --- a/src/interfaces/libpq/fe-connect.c +++ b/src/interfaces/libpq/fe-connect.c @@ -3358,8 +3358,7 @@ keep_going: /* We will come back to here until there is /* Get the type of request. */ if (pqGetInt((int *) &areq, 4, conn)) { - /* We'll come back when there are more data */ - return PGRES_POLLING_READING; + goto error_return; } msgLength -= 4;
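Review bot: In the `pqGetInt((int *) &areq, 4, conn)` failure branch, the new `goto error_return;` is reached without any visible step that records why the connection failed, so a caller that hits this path may get a failed connection with no explanation. Consider appending a short message to the connection's error buffer before the jump, for example one saying that an invalid authentication request was received. The removed comment is also not replaced. A one-line comment stating that EOF here cannot mean "need more data", because the message length was already checked, would document the reasoning the commit message gives and keep the old `return PGRES_POLLING_READING;` from being reintroduced. Minor style point: the braces now enclose a single statement and could be dropped if no message or comment is added.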