| Summary: | apr_dbd_pgsql does not check column number | ||
|---|---|---|---|
| Product: | APR | Reporter: | Michiel van Loon <michiel> |
| Component: | APR-util | Assignee: | Apache Portable Runtime bugs mailinglist <bugs> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | michiel |
| Priority: | P2 | Keywords: | FixedInTrunk, PatchAvailable |
| Version: | HEAD | ||
| Target Milestone: | --- | ||
| Hardware: | PC | ||
| OS: | Linux | ||
| Attachments: | Patch to suppress column number out of range message with pgsql | ||
Is PQnfields() a trivial-cost function call, or could it be better to look it up once and store it? PQnfields just returns res->numAttributes if res is valid. I don't think it is needed to store the result.
from fe-exec.c of libpq:
int
PQnfields(const PGresult *res)
{
if (!res)
return 0;
return res->numAttributes;
}
I've committed the patch to trunk in r704986. Thanks for the report. Backported to 1.3.x now. 1.4.x already has this. Thanks for the patch! |
Created attachment 22733 [details] Patch to suppress column number out of range message with pgsql In apr_dbd_pgsql.c calls are made to PQfname. When the column number 'n' is too big libpq issues an error message that appears in the apache error log like 'column number 3 is out of range 0..2'. As this function is called at every password check, my logfiles consists for 99% of these messages now. The patch attachedto this bug report removes the error message by first validating the column number.