libpq: Correct processing of startup response messages

petere · pull[bot] · commit 1050a27f3b32 · 2023-07-03T20:20:14.000Z
After sending a startup message, libpq expects either an error response ('E') or an authentication request ('R'). Before processing the message, it ensures it has read enough bytes to correspond to the length specified in the message. However, when processing the 'R' message, if an EOF status is returned it loops back waiting for more input, even though we already checked that we have enough input. In this particular case, this is probably not reachable anyway, because other code ensures we have enough bytes for an authentication request message, but the code is wrong and misleading. In the more general case, processing a faulty message could result in an EOF status, which would then result in an infinite loop waiting for the end of a message that will never come. The correction is to make this an error. Reported-by: Jacob Champion <jchampion@timescale.com> Discussion: https://www.postgresql.org/message-id/flat/f9c7862f-b864-8ef7-a861-c4638c83e209@enterprisedb.com
diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c
@@ -3358,8 +3358,7 @@ PQconnectPoll(PGconn *conn)
 				/* Get the type of request. */
 				if (pqGetInt((int *) &areq, 4, conn))
 				{
-					/* We'll come back when there are more data */
-					return PGRES_POLLING_READING;
+					goto error_return;
 				}
 				msgLength -= 4;
 

Original file line number	Diff line number	Diff line change
`@@ -3358,8 +3358,7 @@ PQconnectPoll(PGconn *conn)`
`3358`	`3358`	`/* Get the type of request. */`
`3359`	`3359`	`if (pqGetInt((int *) &areq, 4, conn))`
`3360`	`3360`	`{`
`3361`		`- /* We'll come back when there are more data */`
`3362`		`- return PGRES_POLLING_READING;`
	`3361`	`+ goto error_return;`
`3363`	`3362`	`}`
`3364`	`3363`	`msgLength -= 4;`
`3365`	`3364`