Re: Bug Report with Postgres 7.4 on AIX 5.3

Dear Support,

We try to install Postgres 7.4 on AIX 5.3 (IBM,9111-520).
The compilation is good and we are able to start the postmaster.
When we try to start the psql we got the following error :
FATAL: unsupported frontend protocol 0.0: server supports 1.0 to 3.0

We run the psql under the AIX debugger dbx and our conclusions are the
following :

In the file fe-connect.c we try to copy a area of 1025 in the
conn->raddr.addr area but the size of that area is only 144.
The result is a corruption of the pg_conn structure

+1175 /* Remember current address
for possible error msg */
+1176 memcpy(&conn->raddr.addr,
addr_cur->ai_addr,
+1177
addr_cur->ai_addrlen);

The addr_cur->ai_addrlen is set with the sizeof(struct sockaddr_un) in the
file ip.c.

In the file libpq-int.h the structure pg_conn contains 2 fields SockAddr
* PGconn stores all the state data associated with a single connection
* to a backend.
*/
struct pg_conn
{
...
SockAddr laddr; /* Local address */
SockAddr raddr;
...
}

The structure SockAddr is defined in the file pqcomm.h

typedef struct
{
struct sockaddr_storage addr;
ACCEPT_TYPE_ARG3 salen;
} SockAddr;

On Our AIX 5.3 the sockaddr_un is defined in the file /usr/include/sys/un.h

#if defined(COMPAT_43) && !defined(_KERNEL)
struct sockaddr_un {
ushort_t sun_family; /* AF_UNIX */
char sun_path[PATH_MAX]; /* changed from 104 to PATH_MAX to
support long user names */
};
#else
struct sockaddr_un {
uchar_t sun_len; /* sockaddr len including null */
sa_family_t sun_family; /* AF_UNIX */
char sun_path[PATH_MAX]; /* changed from 104 to PATH_MAX to
support long user names */
};
#endif /* COMPAT_43 && !_KERNEL */

PATH_MAX is defined in the file /usr/include/sys/limits.h

#if _POSIX_C_SOURCE >= 200112L && !(defined _ALL_SOURCE) ||
defined(_PATHMAX_HAS_NULL)
#define PATH_MAX 1024 /* max number of bytes in a
pathname.
includes a terminating null */
#else
#define PATH_MAX 1023
#endif

In our platform the sizeof of struct sockaddr_un is 1025 and the sizeof of
SockAddr is 144.
In conclusion the instructions done in the function PQconnectPoll cause a
memory overflow !!!

+1175 /* Remember current address
for possible error msg */
+1176 memcpy(&conn->raddr.addr,
addr_cur->ai_addr,
+1177
addr_cur->ai_addrlen);

Are you aware about this problem ?
Could you give us a way to solve the problem ?

Kind Regards,
Vincent Vanwynsberghe

Vincent Vanwynsberghe <vvanwynsberghe(at)ccncsi(dot)net> writes:
> In our platform the sizeof of struct sockaddr_un is 1025 and the sizeof of
> SockAddr is 144.

Doesn't AIX provide struct sockaddr_storage? That struct has to be at
least as large as any of the other platform-specific sockaddr structs.

regards, tom lane

The AIX 5.3 provide the structure sockaddr_storage :

struct sockaddr_storage {
ushort_t __ss_family; /* address family */
char __ss_pad1[_SS_PAD1SIZE]; /* pad up to alignment
field */
#if defined(__64BIT__) || (defined(_ALL_SOURCE) && defined(_LONG_LONG))
int64_t __ss_align; /* field to force desired structure
*/
/* storage alignment */
#else
int __ss_align[2];
#endif
char __ss_pad2[_SS_PAD2SIZE];
/* pad to achieve desired size */
};

In Postgres the structure SockAddr is the following :
typedef struct
{
struct sockaddr_storage addr;
ACCEPT_TYPE_ARG3 salen;
} SockAddr

In Postgress this structure sockaddr_storage is filled with the structure
sockaddr_un but the size of sockaddr_storage
is less then the size of sockaddr_un and cause a memory overflow !

Do you have any idea how to find a workaround ?

Vincent Vanwynsberghe

> -----Original Message-----
> From: Tom Lane [mailto:tgl(at)sss(dot)pgh(dot)pa(dot)us]
> Sent: mardi 10 mai 2005 18:46
> To: vvanwynsberghe(at)ccncsi(dot)net
> Cc: pgsql-ports(at)postgresql(dot)org; pgsql-bugs(at)postgresql(dot)org
> Subject: Re: [BUGS] Bug Report with Postgres 7.4 on AIX 5.3
>
>
> Vincent Vanwynsberghe <vvanwynsberghe(at)ccncsi(dot)net> writes:
> > In our platform the sizeof of struct sockaddr_un is 1025 and
> the sizeof of
> > SockAddr is 144.
>
> Doesn't AIX provide struct sockaddr_storage? That struct has to be at
> least as large as any of the other platform-specific sockaddr structs.
>
> regards, tom lane

Vincent Vanwynsberghe <vvanwynsberghe(at)ccncsi(dot)net> writes:
> The AIX 5.3 provide the structure sockaddr_storage :
> ...
> In Postgress this structure sockaddr_storage is filled with the structure
> sockaddr_un but the size of sockaddr_storage
> is less then the size of sockaddr_un and cause a memory overflow !

> Do you have any idea how to find a workaround ?

Report this bug to IBM: the AIX headers are defining the structs wrong.
You can quote RFC 3493 - Basic Socket Interface Extensions for IPv6
section 3.10:

One simple addition to the sockets API that can help application
writers is the "struct sockaddr_storage". This data structure can
simplify writing code that is portable across multiple address
families and platforms. This data structure is designed with the
following goals.

- Large enough to accommodate all supported protocol-specific address
structures.

regards, tom lane

On 2005-05-11, Vincent Vanwynsberghe <vvanwynsberghe(at)ccncsi(dot)net> wrote:
> The AIX 5.3 provide the structure sockaddr_storage :
>
> struct sockaddr_storage {
> ushort_t __ss_family; /* address family */
> char __ss_pad1[_SS_PAD1SIZE]; /* pad up to alignment
> field */
> #if defined(__64BIT__) || (defined(_ALL_SOURCE) && defined(_LONG_LONG))
> int64_t __ss_align; /* field to force desired structure
> */
> /* storage alignment */
> #else
> int __ss_align[2];
> #endif
> char __ss_pad2[_SS_PAD2SIZE];
> /* pad to achieve desired size */
> };

If the size of sockaddr_storage is less than the size of sockaddr_un
(or any sockaddr_* structure) then this is a bug in AIX, because the
Unix standards clearly specify that sockaddr_storage must be both sized
and aligned such that a sockaddr_* struct for any supported protocol
can be stored there.

See the entry for <sys/socket.h> in the Headers chapter of the
Base Definitions volume of the SUSv3.

--
Andrew, Supernews
http://www.supernews.com - individual and corporate NNTP services