Avoid core dump after getpwuid_r failure.

tglsfdc · tglsfdc · commit 2e62fa62d674 · 2024-09-08T19:14:40.000-04:00
Looking up a nonexistent user ID would lead to a null pointer dereference. That's unlikely to happen here, but perhaps not impossible. Thinko in commit 4d5111b, noticed by Coverity.
diff --git a/src/interfaces/libpq/fe-auth.c b/src/interfaces/libpq/fe-auth.c
@@ -1205,7 +1205,7 @@ pg_fe_getusername(uid_t user_id, PQExpBuffer errorMessage)
 	DWORD		namesize = sizeof(username);
 #else
 	struct passwd pwbuf;
-	struct passwd *pw;
+	struct passwd *pw = NULL;
 	char		buf[1024];
 	int			rc;
 #endif
@@ -1230,7 +1230,8 @@ pg_fe_getusername(uid_t user_id, PQExpBuffer errorMessage)
 		if (errorMessage)
 			libpq_append_error(errorMessage, "local user with ID %ld does not exist", (long) user_id);
 	}
-	name = pw->pw_name;
+	else
+		name = pw->pw_name;
 #endif
 
 	if (name)
