Re: thread-safety: getpwuid_r()

On 24/08/2024 11:42, Peter Eisentraut wrote:
> Here is a patch to replace a getpwuid() call in the backend, for
> thread-safety.
> 
> This is AFAICT the only call in the getpw*() family that needs to be
> dealt with.
> 
> (There is also a getgrnam() call, but that is called very early in the
> postmaster, before multiprocessing, so we can leave that as is.)
> 
> The solution here is actually quite attractive: We can replace the
> getpwuid() call by the existing wrapper function pg_get_user_name(),
> which internally uses getpwuid_r().  This also makes the code a bit
> simpler.  The same function is already used in libpq for a purpose that
> mirrors the backend use, so it's also nicer to use the same function for
> consistency.

Makes sense.

The temporary buffers are a bit funky. pg_get_user_name() internally 
uses a BUFSIZE-sized area to hold the result of getpwuid_r(). If the 
pg_get_user_name() caller passes a buffer smaller than BUFSIZE, the user 
id might get truncated. I don't think that's a concern on any real-world 
system, and the callers do pass a large-enough buffer so truncation 
can't happen. At a minimum, it would be good to add a comment to 
pg_get_user_name() along the lines of "if 'buflen' is smaller than 
BUFSIZE, the result might be truncated".

Come to think of it, the pg_get_user_name() function is just a thin 
wrapper around getpwuid_r(). It doesn't provide a lot of value. Perhaps 
we should remove pg_get_user_name() and pg_get_user_home_dir() 
altogether and call getpwuid_r() directly.

But no objection to committing this as it is, either.

-- 
Heikki Linnakangas
Neon (https://neon.tech)