Re: thread-safety: getpwuid_r()
Heikki Linnakangas <hlinnaka@iki.fi>
From: Heikki Linnakangas <hlinnaka@iki.fi>
To: Peter Eisentraut <peter@eisentraut.org>,
pgsql-hackers <pgsql-hackers@postgresql.org>
Date: 2024-08-24T13:55:06Z
Lists: pgsql-hackers
On 24/08/2024 11:42, Peter Eisentraut wrote: > Here is a patch to replace a getpwuid() call in the backend, for > thread-safety. > > This is AFAICT the only call in the getpw*() family that needs to be > dealt with. > > (There is also a getgrnam() call, but that is called very early in the > postmaster, before multiprocessing, so we can leave that as is.) > > The solution here is actually quite attractive: We can replace the > getpwuid() call by the existing wrapper function pg_get_user_name(), > which internally uses getpwuid_r(). This also makes the code a bit > simpler. The same function is already used in libpq for a purpose that > mirrors the backend use, so it's also nicer to use the same function for > consistency. Makes sense. The temporary buffers are a bit funky. pg_get_user_name() internally uses a BUFSIZE-sized area to hold the result of getpwuid_r(). If the pg_get_user_name() caller passes a buffer smaller than BUFSIZE, the user id might get truncated. I don't think that's a concern on any real-world system, and the callers do pass a large-enough buffer so truncation can't happen. At a minimum, it would be good to add a comment to pg_get_user_name() along the lines of "if 'buflen' is smaller than BUFSIZE, the result might be truncated". Come to think of it, the pg_get_user_name() function is just a thin wrapper around getpwuid_r(). It doesn't provide a lot of value. Perhaps we should remove pg_get_user_name() and pg_get_user_home_dir() altogether and call getpwuid_r() directly. But no objection to committing this as it is, either. -- Heikki Linnakangas Neon (https://neon.tech)
Commits
-
More use of getpwuid_r() directly
- 4d5111b3f1a1 18.0 landed