Re: The Axe list
От | D'Arcy J.M. Cain |
---|---|
Тема | Re: The Axe list |
Дата | |
Msg-id | 20081012104121.dc106ca8.darcy@druid.net обсуждение исходный текст |
Ответ на | Re: The Axe list ("Marko Kreen" <markokr@gmail.com>) |
Ответы |
Re: The Axe list
(Martijn van Oosterhout <kleptog@svana.org>)
Re: The Axe list (Tom Lane <tgl@sss.pgh.pa.us>) Re: The Axe list (Magnus Hagander <magnus@hagander.net>) |
Список | pgsql-hackers |
On Sun, 12 Oct 2008 12:57:58 +0300 "Marko Kreen" <markokr@gmail.com> wrote: > On 10/11/08, D'Arcy J.M. Cain <darcy@druid.net> wrote: > > + if (!random_initialized) > > + { > > + srandom((unsigned int) time(NULL)); > > + random_initialized = true; > > + } > > This is bad idea, postgres already does srandom() Is that new? I added that to my local version at one time because I was getting the same salt every time I ran it. > > - * but I like to play safe */ > > + mysalt[2] = 0; /* technically the terminator is not > > + * necessary but I like to play safe */ > > strcpy(result->password, crypt(str, mysalt)); > > PG_RETURN_POINTER(result); > > } > > Comment change only? Ok. If that turns out to be the only change I won't bother. > > + if ((result = (char *) palloc(16)) != NULL) > > + { > > + result[0] = ':'; > > + strcpy(result + 1, password->password); > > + } > > AFAIK palloc() cannot return NULL? Really? My program will simply come crashing down if there is a memory problem without giving me a chance to clean up? > > + if (!a1 || !a2) > > + PG_RETURN_BOOL(0); > > + > > text_to_cstring_buffer(a2, str, sizeof(str)); > > PG_RETURN_BOOL(strcmp(a1->password, crypt(str, a1->password)) == 0); > > } > > @@ -154,6 +166,9 @@ chkpass_ne(PG_FUNCTION_ARGS) > > text *a2 = PG_GETARG_TEXT_PP(1); > > char str[9]; > > > > + if (!a1 || !a2) > > + PG_RETURN_BOOL(0); > > + > > text_to_cstring_buffer(a2, str, sizeof(str)); > > PG_RETURN_BOOL(strcmp(a1->password, crypt(str, a1->password)) != 0); > > > > } > > The functions are already defined as STRICT, so unnecessary. > Also returning non-NULL on NULL input seems to go against SQL style. I'm a belt and suspenders guy. However, I agree that this is unneccessary. So, I guess I just need to know, how long has PG been doing srandom(). -- D'Arcy J.M. Cain <darcy@druid.net> | Democracy is three wolves http://www.druid.net/darcy/ | and a sheep voting on +1 416 425 1212 (DoD#0082) (eNTP) | what's for dinner.
В списке pgsql-hackers по дате отправления:
Предыдущее
От: "Robert Haas"Дата:
Сообщение: Re: SELECT TOP %d PERCENT, or SELECT ... LIMIT %d PERCENT ?