From 8ac0365c22f20dcd2a6b6752b95b665ada83e858 Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Thu, 2 Feb 2017 19:49:15 -0500 Subject: [PATCH] Avoid improbable null pointer dereference in pgpassfileWarning(). Coverity complained that we might pass a null pointer to strcmp() if PQresultErrorField were to return NULL. That shouldn't be possible, since the server is supposed to always provide some SQLSTATE or other in an error message. But we usually defend against such hazards, and it only takes a little more code to do so here. There's no good reason to think this is a live bug, so no back-patch. --- src/interfaces/libpq/fe-connect.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c index 0dda1804a5..b83af64e09 100644 --- a/src/interfaces/libpq/fe-connect.c +++ b/src/interfaces/libpq/fe-connect.c @@ -6312,22 +6312,23 @@ passwordFromFile(char *hostname, char *port, char *dbname, /* - * If the connection failed, we should mention if - * we got the password from the pgpassfile in case that - * password is wrong. + * If the connection failed due to bad password, we should mention + * if we got the password from the pgpassfile. */ static void pgpassfileWarning(PGconn *conn) { /* If it was 'invalid authorization', add pgpassfile mention */ /* only works with >= 9.0 servers */ - if (conn->pgpassfile_used && conn->password_needed && conn->result && - strcmp(PQresultErrorField(conn->result, PG_DIAG_SQLSTATE), - ERRCODE_INVALID_PASSWORD) == 0) + if (conn->pgpassfile_used && conn->password_needed && conn->result) { - appendPQExpBuffer(&conn->errorMessage, + const char *sqlstate = PQresultErrorField(conn->result, + PG_DIAG_SQLSTATE); + + if (sqlstate && strcmp(sqlstate, ERRCODE_INVALID_PASSWORD) == 0) + appendPQExpBuffer(&conn->errorMessage, libpq_gettext("password retrieved from file \"%s\"\n"), - conn->pgpassfile); + conn->pgpassfile); } }