Magnus Hagander wrote:
> Alex Hunsaker wrote:
>> On Sat, Dec 27, 2008 at 11:50, Andrew Chernow <ac@esilo.com> wrote:
>>> Why does pqGetHomeDirectory have to succeed to use conn->sslrootcert. Maybe
>>> this should be an OR of the two since sslrootcert is not dependent on
>>> homedir?
>>>
>>> around line 970 src/interfaces/libpq/fe-secure.c
>>>
>>> if (conn->sslrootcert || pqGetHomeDirectory(homedir, sizeof(homedir)))>>
>> Certainly, did we miss anywhere else?
>>
Yes, the homedir variable is used again later in the function. homedir could be
invalid since pqGetHomeDirectory might not get called. Maybe something like
below would do the trick:
/* when used, it can't be an empty string. */
*homedir = 0;
/* If either are NULL, homedir is needed */
if (!conn->sslrootcert || !conn->sslcrl) pqGetHomeDirectory(homedir, sizeof(homedir));
/* one of them must be valid */
if (conn->sslrootcert || *homedir)
> I agree it looks strange.
>
> That said, have you actually seen a case where pqGetHomeDirectory()
> fails? Or did you just notice the code?
>
It can fail. For non-windows systems, it can fail on pqGetpwuid; which equates
to getpwuid or getpwuid_r failing. On windows, it can fail on SHGetFolderPath. I really have no idea how likely
eitherfailure case is.
--
Andrew Chernow
eSilo, LLC
every bit counts
http://www.esilo.com/