diff options
| author | Andres Freund <andres@anarazel.de> | 2023-01-23 18:04:02 -0800 |
|---|---|---|
| committer | Andres Freund <andres@anarazel.de> | 2023-01-23 18:27:45 -0800 |
| commit | 704a330a9ee882bebbe4abe44c9f174ceaaf2f69 (patch) | |
| tree | a59f04f52e1fce6e99d778d7f419b802214d630a | |
| parent | 5dc582da6b9a281321e687ae2b52f96b929d8d0e (diff) | |
| download | postgresql-704a330a9ee882bebbe4abe44c9f174ceaaf2f69.tar.gz postgresql-704a330a9ee882bebbe4abe44c9f174ceaaf2f69.zip | |
Fix error handling in libpqrcv_connect()
When libpqrcv_connect (also known as walrcv_connect()) failed, it leaked the
libpq connection. In most paths that's fairly harmless, as the calling process
will exit soon after. But e.g. CREATE SUBSCRIPTION could lead to a somewhat
longer lived leak.
Fix by releasing resources, including the libpq connection, on error.
Add a test exercising the error code path. To make it reliable and safe, the
test tries to connect to port=-1, which happens to fail during connection
establishment, rather than during connection string parsing.
Reviewed-by: Noah Misch <noah@leadboat.com>
Discussion: https://postgr.es/m/20230121011237.q52apbvlarfv6jm6@awork3.anarazel.de
Backpatch: 11-
| -rw-r--r-- | src/backend/replication/libpqwalreceiver/libpqwalreceiver.c | 26 | ||||
| -rw-r--r-- | src/test/regress/expected/subscription.out | 10 | ||||
| -rw-r--r-- | src/test/regress/sql/subscription.sql | 9 |
3 files changed, 32 insertions, 13 deletions
diff --git a/src/backend/replication/libpqwalreceiver/libpqwalreceiver.c b/src/backend/replication/libpqwalreceiver/libpqwalreceiver.c index 0d89db4e6a6..096a08eea6f 100644 --- a/src/backend/replication/libpqwalreceiver/libpqwalreceiver.c +++ b/src/backend/replication/libpqwalreceiver/libpqwalreceiver.c @@ -177,10 +177,7 @@ libpqrcv_connect(const char *conninfo, bool logical, const char *appname, conn->streamConn = PQconnectStartParams(keys, vals, /* expand_dbname = */ true); if (PQstatus(conn->streamConn) == CONNECTION_BAD) - { - *err = pchomp(PQerrorMessage(conn->streamConn)); - return NULL; - } + goto bad_connection_errmsg; /* * Poll connection until we have OK or FAILED status. @@ -222,10 +219,7 @@ libpqrcv_connect(const char *conninfo, bool logical, const char *appname, } while (status != PGRES_POLLING_OK && status != PGRES_POLLING_FAILED); if (PQstatus(conn->streamConn) != CONNECTION_OK) - { - *err = pchomp(PQerrorMessage(conn->streamConn)); - return NULL; - } + goto bad_connection_errmsg; if (logical) { @@ -236,9 +230,9 @@ libpqrcv_connect(const char *conninfo, bool logical, const char *appname, if (PQresultStatus(res) != PGRES_TUPLES_OK) { PQclear(res); - ereport(ERROR, - (errmsg("could not clear search path: %s", - pchomp(PQerrorMessage(conn->streamConn))))); + *err = psprintf(_("could not clear search path: %s"), + pchomp(PQerrorMessage(conn->streamConn))); + goto bad_connection; } PQclear(res); } @@ -246,6 +240,16 @@ libpqrcv_connect(const char *conninfo, bool logical, const char *appname, conn->logical = logical; return conn; + + /* error path, using libpq's error message */ +bad_connection_errmsg: + *err = pchomp(PQerrorMessage(conn->streamConn)); + + /* error path, error already set */ +bad_connection: + PQfinish(conn->streamConn); + pfree(conn); + return NULL; } /* diff --git a/src/test/regress/expected/subscription.out b/src/test/regress/expected/subscription.out index 5db7146e061..ab587354755 100644 --- a/src/test/regress/expected/subscription.out +++ b/src/test/regress/expected/subscription.out @@ -71,7 +71,15 @@ ERROR: cannot enable subscription that does not have a slot name ALTER SUBSCRIPTION regress_testsub3 REFRESH PUBLICATION; ERROR: ALTER SUBSCRIPTION ... REFRESH is not allowed for disabled subscriptions DROP SUBSCRIPTION regress_testsub3; --- fail - invalid connection string +-- fail, connection string does not parse +CREATE SUBSCRIPTION regress_testsub5 CONNECTION 'i_dont_exist=param' PUBLICATION testpub; +ERROR: invalid connection string syntax: invalid connection option "i_dont_exist" + +-- fail, connection string parses, but doesn't work (and does so without +-- connecting, so this is reliable and safe) +CREATE SUBSCRIPTION regress_testsub5 CONNECTION 'port=-1' PUBLICATION testpub; +ERROR: could not connect to the publisher: invalid port number: "-1" +-- fail - invalid connection string during ALTER ALTER SUBSCRIPTION regress_testsub CONNECTION 'foobar'; ERROR: invalid connection string syntax: missing "=" after "foobar" in connection info string diff --git a/src/test/regress/sql/subscription.sql b/src/test/regress/sql/subscription.sql index 74c38ead5d6..7c5e7487bc7 100644 --- a/src/test/regress/sql/subscription.sql +++ b/src/test/regress/sql/subscription.sql @@ -56,7 +56,14 @@ ALTER SUBSCRIPTION regress_testsub3 REFRESH PUBLICATION; DROP SUBSCRIPTION regress_testsub3; --- fail - invalid connection string +-- fail, connection string does not parse +CREATE SUBSCRIPTION regress_testsub5 CONNECTION 'i_dont_exist=param' PUBLICATION testpub; + +-- fail, connection string parses, but doesn't work (and does so without +-- connecting, so this is reliable and safe) +CREATE SUBSCRIPTION regress_testsub5 CONNECTION 'port=-1' PUBLICATION testpub; + +-- fail - invalid connection string during ALTER ALTER SUBSCRIPTION regress_testsub CONNECTION 'foobar'; \dRs+ |