On Wednesday 09 July 2008, Andrew O. Zhukov wrote:
> [..]

Hi Andrew,

I think I've found some problems in the postgres module. The problem was caused by invalid data in the query:

>>> Jul 7 23:17:56 ipshka openser[1980]: ERROR:postgres:val2str:
>>> PQescapeStringConn failed

This breaks the postgres data escaping function

>>> Jul 7 23:17:56 ipshka openser[1980]: WARNING:postgres:pg_get_result:
>>> 0x776080 Probable invalid query

and causes a PGRES_FATAL_ERROR in the pg_get_result function, which outputs the following errors.

>>> Jul 7 23:17:56 ipshka openser[1980]: WARNING:postgres:pg_get_result:
>>> 0x776080: PGRES_FATAL_ERROR
>>> Jul 7 23:17:56 ipshka openser[1980]: WARNING:postgres:pg_get_result:
>>> 0x776080: ERROR: invalid byte sequence for encoding "UTF8":

The function then zeros the result and returns the int value of this error, which is apparently positive [1]. This is not recognized by openser as an error in the upper layers.

> #0 0x00002aaaad01caa8 in get_ha1 (_username=0x7c5918,
> _domain=0x7fff1761f1a0, _table=0x74e540 "subscriber",
> _ha1=0x7fff1761f0a0 "1a7e21993885536306879ec84260450e",
> res=0x7fff1761f1c0) at authorize.c:107
> 107 if (RES_ROW_N(*res) == 0) {
> (gdb) print res
> $1 = (db_res_t **) 0x7fff1761f1c0
> (gdb) print *res
> $2 = (db_res_t *) 0x0

The access to the zero result set causes the crash you observed. I've fixed this for pg_get_result and pg_fetch_result in trunk. I've attached a patch for the 1.3 branch to this mail. I did some basic tests, but it would be great if you could also test the fix. :-) Then I can backport this to the stable branch too.

Cheers,

Henning

[1] http://doxygen.postgresql.org/libpq-fe_8h-source.html

Index: modules/postgres/dbase.c =================================================================== --- modules/postgres/dbase.c (revision 4448) +++ modules/postgres/dbase.c (working copy) @@ -350,12 +350,19 @@ return -2; } break; + case PGRES_FATAL_ERROR: + LM_ERR("%p - invalid query, execution aborted\n", _con); + LM_ERR("%p - PQresultStatus(%s)\n", _con, PQresStatus(pqresult)); + if (*_res) + pg_free_result(*_res); + *_res = 0; + return -3; + case PGRES_EMPTY_QUERY: case PGRES_COPY_OUT: case PGRES_COPY_IN: case PGRES_BAD_RESPONSE: case PGRES_NONFATAL_ERROR: - case PGRES_FATAL_ERROR: LM_WARN("%p - probable invalid query\n", _con); default: LM_WARN("%p - PQresultStatus(%s)\n", @@ -768,12 +775,19 @@ } rc = 0; break; + case PGRES_FATAL_ERROR: + LM_ERR("%p - invalid query, execution aborted\n", _con); + LM_ERR("%p: %s\n", _con, PQresStatus(pqresult)); + LM_ERR("%p: %s\n", _con, PQresultErrorMessage(CON_RESULT(_con))); + if (*_r) pg_free_result(*_r); + *_r = 0; + rc = -3; + break; case PGRES_EMPTY_QUERY: case PGRES_COPY_OUT: case PGRES_COPY_IN: case PGRES_BAD_RESPONSE: case PGRES_NONFATAL_ERROR: - case PGRES_FATAL_ERROR: LM_WARN("%p Probable invalid query\n", _con); default: LM_WARN("%p: %s\n", _con, PQresStatus(pqresult));
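
Review bot: in the @@ -350 hunk the statuses left under the warning path (PGRES_EMPTY_QUERY, PGRES_COPY_OUT, PGRES_COPY_IN, PGRES_BAD_RESPONSE, PGRES_NONFATAL_ERROR) still fall through LM_WARN into default, and the context does not show what that path returns or whether *_res is cleared there. If it can still hand callers a non-negative code together with a zeroed result, the NULL dereference described in the mail stays reachable through another status, so PGRES_BAD_RESPONSE at least deserves the same treatment as PGRES_FATAL_ERROR. The new case also logs only PQresStatus(pqresult); adding the PQresultErrorMessage line that the second hunk uses would put the server's reason (here the invalid UTF8 byte sequence) in the log at error level. The bare -3 would be easier for callers to handle if its meaning were documented in a comment alongside the existing -2.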
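
Review bot: in the @@ -768 hunk the new case leaves *_r at 0 and relies on rc = -3 reaching every caller's error check; the backtrace in the mail shows get_ha1 evaluating RES_ROW_N(*res) at authorize.c:107 with *res equal to 0x0, so that call site should be confirmed to test for a negative return (or a NULL *res) before that line. On style, the first LM_ERR uses the "%p - " prefix while the next two use "%p: ", and the one-line if (*_r) pg_free_result(*_r); differs from the two-line form in the first hunk; pick one form for both hunks.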