diff options
| author | Tom Lane <tgl@sss.pgh.pa.us> | 2017-03-26 17:35:35 -0400 |
|---|---|---|
| committer | Tom Lane <tgl@sss.pgh.pa.us> | 2017-03-26 17:35:35 -0400 |
| commit | 24fc43d40aad5f888f22af9a543113a168a08307 (patch) | |
| tree | 91254bc862b3141dd39db78d902b2571ec8cbfe7 /src/backend/libpq/auth.c | |
| parent | 42a60aa7f2074d1e1cd48f278a00c7d1423f2fb6 (diff) | |
| download | postgresql-24fc43d40aad5f888f22af9a543113a168a08307.tar.gz postgresql-24fc43d40aad5f888f22af9a543113a168a08307.zip | |
Fix unportable disregard of alignment requirements in RADIUS code.
The compiler is entitled to store a char[] local variable with no
particular alignment requirement. Our RADIUS code cavalierly took such
a local variable and cast its address to a struct type that does have
alignment requirements. On an alignment-picky machine this would lead
to bus errors. To fix, declare the local variable honestly, and then
cast its address to char * for use in the I/O calls.
Given the lack of field complaints, there must be very few if any
people affected; but nonetheless this is a clear portability issue,
so back-patch to all supported branches.
Noted while looking at a Coverity complaint in the same code.
Diffstat (limited to 'src/backend/libpq/auth.c')
| -rw-r--r-- | src/backend/libpq/auth.c | 21 |
1 files changed, 12 insertions, 9 deletions
diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c index 936a7ccae57..5b63d297606 100644 --- a/src/backend/libpq/auth.c +++ b/src/backend/libpq/auth.c @@ -2168,13 +2168,15 @@ CheckCertAuth(Port *port) */ /* - * RADIUS authentication is described in RFC2865 (and several - * others). + * RADIUS authentication is described in RFC2865 (and several others). */ #define RADIUS_VECTOR_LENGTH 16 #define RADIUS_HEADER_LENGTH 20 +/* Maximum size of a RADIUS packet we will create or accept */ +#define RADIUS_BUFFER_SIZE 1024 + typedef struct { uint8 attribute; @@ -2188,6 +2190,8 @@ typedef struct uint8 id; uint16 length; uint8 vector[RADIUS_VECTOR_LENGTH]; + /* this is a bit longer than strictly necessary: */ + char pad[RADIUS_BUFFER_SIZE - RADIUS_VECTOR_LENGTH]; } radius_packet; /* RADIUS packet types */ @@ -2204,9 +2208,6 @@ typedef struct /* RADIUS service types */ #define RADIUS_AUTHENTICATE_ONLY 8 -/* Maximum size of a RADIUS packet we will create or accept */ -#define RADIUS_BUFFER_SIZE 1024 - /* Seconds to wait - XXX: should be in a config variable! */ #define RADIUS_TIMEOUT 3 @@ -2241,10 +2242,12 @@ CheckRADIUSAuth(Port *port) { char *passwd; char *identifier = "postgresql"; - char radius_buffer[RADIUS_BUFFER_SIZE]; - char receive_buffer[RADIUS_BUFFER_SIZE]; - radius_packet *packet = (radius_packet *) radius_buffer; - radius_packet *receivepacket = (radius_packet *) receive_buffer; + radius_packet radius_send_pack; + radius_packet radius_recv_pack; + radius_packet *packet = &radius_send_pack; + radius_packet *receivepacket = &radius_recv_pack; + char *radius_buffer = (char *) &radius_send_pack; + char *receive_buffer = (char *) &radius_recv_pack; int32 service = htonl(RADIUS_AUTHENTICATE_ONLY); uint8 *cryptvector; uint8 encryptedpassword[RADIUS_VECTOR_LENGTH]; |