diff options
| author | Tom Lane <tgl@sss.pgh.pa.us> | 2022-01-17 13:30:04 -0500 |
|---|---|---|
| committer | Tom Lane <tgl@sss.pgh.pa.us> | 2022-01-17 13:30:04 -0500 |
| commit | 6d1a854c157eb4a139e06f19a8cd1b53bdec7e6f (patch) | |
| tree | e48b264e59699d302efa2cddd88359e81d7f0d33 /src/bin/scripts/common.c | |
| parent | 38f099ef935b34388af2ae52c1098d2c9773465a (diff) | |
| download | postgresql-6d1a854c157eb4a139e06f19a8cd1b53bdec7e6f.tar.gz postgresql-6d1a854c157eb4a139e06f19a8cd1b53bdec7e6f.zip | |
Avoid calling gettext() in signal handlers.
It seems highly unlikely that gettext() can be relied on to be
async-signal-safe. psql used to understand that, but someone got
it wrong long ago in the src/bin/scripts/ version of handle_sigint,
and then the bad idea was perpetuated when those two versions were
unified into src/fe_utils/cancel.c.
I'm unsure why there have not been field complaints about this
... maybe gettext() is signal-safe once it's translated at least
one message? But we have no business assuming any such thing.
In cancel.c (v13 and up), I preserved our ability to localize
"Cancel request sent" messages by invoking gettext() before
the signal handler is set up. In earlier branches I just made
src/bin/scripts/ not localize those messages, as psql did then.
(Just for extra unsafety, the src/bin/scripts/ version was
invoking fprintf() from a signal handler. Sigh.)
Noted while fixing signal-safety issues in PQcancel() itself.
Back-patch to all supported branches.
Discussion: https://postgr.es/m/2937814.1641960929@sss.pgh.pa.us
Diffstat (limited to 'src/bin/scripts/common.c')
| -rw-r--r-- | src/bin/scripts/common.c | 27 |
1 files changed, 23 insertions, 4 deletions
diff --git a/src/bin/scripts/common.c b/src/bin/scripts/common.c index bb52e6b9ffe..2de696c19ef 100644 --- a/src/bin/scripts/common.c +++ b/src/bin/scripts/common.c @@ -23,6 +23,19 @@ #include "fe_utils/string_utils.h" +/* + * Write a simple string to stderr --- must be safe in a signal handler. + * We ignore the write() result since there's not much we could do about it. + * Certain compilers make that harder than it ought to be. + */ +#define write_stderr(str) \ + do { \ + const char *str_ = (str); \ + int rc_; \ + rc_ = write(fileno(stderr), str_, strlen(str_)); \ + (void) rc_; \ + } while (0) + #define PQmblenBounded(s, e) strnlen(s, PQmblen(s, e)) static PGcancel *volatile cancelConn = NULL; @@ -485,10 +498,13 @@ handle_sigint(SIGNAL_ARGS) if (PQcancel(cancelConn, errbuf, sizeof(errbuf))) { CancelRequested = true; - fprintf(stderr, _("Cancel request sent\n")); + write_stderr("Cancel request sent\n"); } else - fprintf(stderr, _("Could not send cancel request: %s"), errbuf); + { + write_stderr("Could not send cancel request: "); + write_stderr(errbuf); + } } else CancelRequested = true; @@ -522,11 +538,14 @@ consoleHandler(DWORD dwCtrlType) { if (PQcancel(cancelConn, errbuf, sizeof(errbuf))) { - fprintf(stderr, _("Cancel request sent\n")); CancelRequested = true; + write_stderr("Cancel request sent\n"); } else - fprintf(stderr, _("Could not send cancel request: %s"), errbuf); + { + write_stderr("Could not send cancel request: "); + write_stderr(errbuf); + } } else CancelRequested = true; |