The attached patch implements the password packet length sanity check

(using an elog(LOG) ), as well as includes a few more comment fixes.

Neil Conway

src/backend/libpq/auth.c

@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.84 2002/08/27 15:15:22 momjian Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.85 2002/08/27 16:21:50 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -808,6 +808,17 @@ recv_and_check_password_packet(Port *port)
 		pfree(buf.data);
 		return STATUS_EOF;
 	}
+	/*
+	 * We don't actually use the password packet length the frontend
+	 * sent us; however, it's a reasonable sanity check to ensure that
+	 * we actually read as much data as we expected to.
+	 *
+	 * The password packet size is the length of the buffer, plus the
+	 * size field itself (4 bytes), plus a 1-byte terminator.
+	 */
+	if (len != (buf.len + 4 + 1))
+		elog(LOG, "unexpected password packet size: read %d, expected %d",
+			 buf.len + 4 + 1, len);
 
 	/* Do not echo password to logs, for security. */
 	elog(DEBUG5, "received password packet");

src/include/libpq/pqcomm.h

@@ -9,7 +9,7 @@
  * Portions Copyright (c) 1996-2002, PostgreSQL Global Development Group
  * Portions Copyright (c) 1994, Regents of the University of California
  *
- * $Id: pqcomm.h,v 1.67 2002/08/27 15:15:23 momjian Exp $
+ * $Id: pqcomm.h,v 1.68 2002/08/27 16:21:51 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -111,16 +111,13 @@ typedef uint32 PacketLen;
  */
 
 /*
- * FIXME: remove the fixed size limitations on database & user name, use
- * variable length fields instead. The actual values will still be
- * limited by NAMEDATALEN, but this will at least allow changing
- * NAMEDATALEN to increase database & user name limits without changing
- * the protocol. -neilc, 2002/08/27
+ * FIXME: remove the fixed size limitations on the database name, user
+ * name, and options fields and use a variable length field instead. The
+ * actual limits on database & user name will then be NAMEDATALEN, which
+ * can be changed without changing the FE/BE protocol. -neilc,2002/08/27
  */
  
-/* These should all be of near-unlimited length, perhap 10k */
 #define SM_DATABASE		64
-/* SM_USER should be the same size as the others.  bjm 2002-06-02 */
 #define SM_USER			32
 /* We append database name if db_user_namespace true. */
 #define SM_DATABASE_USER (SM_DATABASE+SM_USER+1) /* +1 for @ */

src/interfaces/libpq/fe-connect.c

@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-connect.c,v 1.196 2002/08/27 15:02:50 momjian Exp $
+ *	  $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-connect.c,v 1.197 2002/08/27 16:21:51 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -1132,7 +1132,7 @@ connectDBComplete(PGconn *conn)
 		/*
 		 * If connecting timeout is set, calculate remain time.
 		 */
-		if (NULL != rp)
+		if (rp != NULL)
 		{
 			if (gettimeofday(&finish_time, NULL) == -1)
 			{
@@ -1152,8 +1152,8 @@ connectDBComplete(PGconn *conn)
 			remains.tv_sec -= finish_time.tv_sec - start_time.tv_sec;
 		}
 	}
-      conn->status = CONNECTION_BAD;
-      return 0;
+	conn->status = CONNECTION_BAD;
+	return 0;
 }
 
 /* ----------------
@@ -1162,7 +1162,8 @@ connectDBComplete(PGconn *conn)
  * Poll an asynchronous connection.
  *
  * Returns a PostgresPollingStatusType.
- * Before calling this function, use select(2) to determine when data arrive.
+ * Before calling this function, use select(2) to determine when data
+ * has arrived..
  *
  * You must call PQfinish whether or not this fails.
  *
@@ -1356,7 +1357,7 @@ keep_going:						/* We will come back to here until there
 				{
 					if (pqGets(&conn->errorMessage, conn))
 					{
-						/* We'll come back when there are more data */
+						/* We'll come back when there is more data */
 						return PGRES_POLLING_READING;
 					}
 					/* OK, we read the message; mark data consumed */