There are only a few (not necessarily thread-safe) strerror() calls in the backend; most other potential users use %m in a format string.

In two cases, the reason for using strerror() was that we needed to print the error message twice, and so errno has to be reset for the second time. And/or some of this code is from before snprintf() gained %m support. This can easily be simplified now.

The other is a workaround for OpenSSL that we have already handled in an equivalent way in libpq.

(And there is one in postmaster.c, but that one is before forking.)

I think we can apply these patches now to check this off the list of not-thread-safe functions to check.
From c2ce542d61d5e86ab138b72e2e0d74fdac589f04 Mon Sep 17 00:00:00 2001
From: Peter Eisentraut <pe...@eisentraut.org>
Date: Mon, 2 Sep 2024 11:02:22 +0200
Subject: [PATCH 1/2] Remove a couple of strerror() calls

Change to using %m in the error message string.  We need to be a bit
careful here to preserve errno until we need to print it.

This change avoids the use of not-thread-safe strerror() and unifies
some error message strings, and maybe makes the code appear more
consistent.
---
 src/backend/libpq/hba.c | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/src/backend/libpq/hba.c b/src/backend/libpq/hba.c
index 75d588e36a1..2fd96a71294 100644
--- a/src/backend/libpq/hba.c
+++ b/src/backend/libpq/hba.c
@@ -624,8 +624,11 @@ open_auth_file(const char *filename, int elevel, int depth,
                                 errmsg("could not open file \"%s\": %m",
                                                filename)));
                if (err_msg)
-                       *err_msg = psprintf("could not open file \"%s\": %s",
-                                                               filename, 
strerror(save_errno));
+               {
+                       errno = save_errno;
+                       *err_msg = psprintf("could not open file \"%s\": %m",
+                                                               filename);
+               }
                /* the caller may care about some specific errno */
                errno = save_errno;
                return NULL;
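Review bot: In the `if (err_msg)` block, the new `errno = save_errno;` ahead of psprintf() carries no comment, while the second assignment a few lines later does, so a later reader may take one of the two for redundant and remove it. Suggest a short comment on the first one saying that the preceding ereport() may have changed errno and that %m reads it. The trailing restore should stay, since psprintf() itself can change errno.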
@@ -762,8 +765,9 @@ tokenize_auth_file(const char *filename, FILE *file, List 
**tok_lines,
                        ereport(elevel,
                                        (errcode_for_file_access(),
                                         errmsg("could not read file \"%s\": 
%m", filename)));
-                       err_msg = psprintf("could not read file \"%s\": %s",
-                                                          filename, 
strerror(save_errno));
+                       errno = save_errno;
+                       err_msg = psprintf("could not read file \"%s\": %m",
+                                                          filename);
                        break;
                }
 
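Review bot: After `err_msg = psprintf(...)` in tokenize_auth_file(), errno is not restored before the `break`, unlike the open_auth_file() hunk, which resets it after psprintf() for the caller. If anything after the loop or in the caller looks at errno, set it to save_errno again after the psprintf(). If nothing does, a one-line comment saying so would make the asymmetry clearly deliberate.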
-- 
2.46.0

From a2ad11452ac8c8036981bcfa5777ad7c5068aa4a Mon Sep 17 00:00:00 2001
From: Peter Eisentraut <pe...@eisentraut.org>
Date: Mon, 2 Sep 2024 11:08:13 +0200
Subject: [PATCH 2/2] Avoid strerror()

Replace one strerror() with strerror_r(), mirroring the equivalent
code in frontend libpq.
---
 src/backend/libpq/be-secure-openssl.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/backend/libpq/be-secure-openssl.c 
b/src/backend/libpq/be-secure-openssl.c
index 60cf5d16e74..a04a514bff9 100644
--- a/src/backend/libpq/be-secure-openssl.c
+++ b/src/backend/libpq/be-secure-openssl.c
@@ -1456,7 +1456,7 @@ static const char *
 SSLerrmessage(unsigned long ecode)
 {
        const char *errreason;
-       static char errbuf[36];
+       static char errbuf[128];
 
        if (ecode == 0)
                return _("no SSL error reported");
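Review bot: `static char errbuf[128];` is still one buffer shared by every caller of SSLerrmessage(), and with the following hunk it also holds the system-error text, so the returned pointer is overwritten by the next call and is not safe across threads. Given that the stated goal is to clear out not-thread-safe calls, consider a caller-supplied buffer. At minimum, give 128 a named constant or a comment explaining the size.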
@@ -1473,7 +1473,10 @@ SSLerrmessage(unsigned long ecode)
         */
 #ifdef ERR_SYSTEM_ERROR
        if (ERR_SYSTEM_ERROR(ecode))
-               return strerror(ERR_GET_REASON(ecode));
+       {
+               strerror_r(ERR_GET_REASON(ecode), errbuf, sizeof(errbuf));
+               return errbuf;
+       }
 #endif
 
        /* No choice but to report the numeric ecode */
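Review bot: The return value of strerror_r() in the ERR_SYSTEM_ERROR branch is ignored. The GNU variant returns a char * and may leave errbuf untouched, and the XSI variant can return an error code without writing a usable message, so `return errbuf;` can hand back stale or empty contents. Confirm that strerror_r here resolves to a wrapper that always fills the buffer, or check the result and fall through to the numeric-ecode path on failure.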
-- 
2.46.0
