libpq: Use strerror_r instead of strerror

Commit 453c4687377 introduced a use of strerror() into libpq, but that
is not thread-safe.  Fix by using strerror_r() instead.

In passing, update some of the code comments added by 453c4687377, as
we have learned more about the reason for the change in OpenSSL that
started this.

Reviewed-by: Daniel Gustafsson <[email protected]>
Discussion: Discussion: https://postgr.es/m/b6fb018b-f05c-4afd-abd3-318c649faf18@highgo.ca

diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c
index 378e06b4d6e1f2911a78e38a46ed51e84bb7fdf9..685537268de18fd8c4b858098cb58242499dffaf 100644 (file)
--- a/src/backend/libpq/be-secure-openssl.c
+++ b/src/backend/libpq/be-secure-openssl.c
@@ -1125,10 +1125,11 @@ SSLerrmessage(unsigned long ecode)
        return errreason;
 
    /*
-    * In OpenSSL 3.0.0 and later, ERR_reason_error_string randomly refuses to
-    * map system errno values.  We can cover that shortcoming with this bit
-    * of code.  Older OpenSSL versions don't have the ERR_SYSTEM_ERROR macro,
-    * but that's okay because they don't have the shortcoming either.
+    * In OpenSSL 3.0.0 and later, ERR_reason_error_string does not map system
+    * errno values anymore.  (See OpenSSL source code for the explanation.)
+    * We can cover that shortcoming with this bit of code.  Older OpenSSL
+    * versions don't have the ERR_SYSTEM_ERROR macro, but that's okay because
+    * they don't have the shortcoming either.
     */
 #ifdef ERR_SYSTEM_ERROR
    if (ERR_SYSTEM_ERROR(ecode))

diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c
index f80e09d0e8b2f666c5fae29d250ef9c9c0c34970..6ed3412c6438afdff48d1b87de14f421ab41645b 100644 (file)
--- a/src/interfaces/libpq/fe-secure-openssl.c
+++ b/src/interfaces/libpq/fe-secure-openssl.c
@@ -1387,15 +1387,16 @@ SSLerrmessage(unsigned long ecode)
    }
 
    /*
-    * In OpenSSL 3.0.0 and later, ERR_reason_error_string randomly refuses to
-    * map system errno values.  We can cover that shortcoming with this bit
-    * of code.  Older OpenSSL versions don't have the ERR_SYSTEM_ERROR macro,
-    * but that's okay because they don't have the shortcoming either.
+    * In OpenSSL 3.0.0 and later, ERR_reason_error_string does not map system
+    * errno values anymore.  (See OpenSSL source code for the explanation.)
+    * We can cover that shortcoming with this bit of code.  Older OpenSSL
+    * versions don't have the ERR_SYSTEM_ERROR macro, but that's okay because
+    * they don't have the shortcoming either.
     */
 #ifdef ERR_SYSTEM_ERROR
    if (ERR_SYSTEM_ERROR(ecode))
    {
-       strlcpy(errbuf, strerror(ERR_GET_REASON(ecode)), SSL_ERR_LEN);
+       strerror_r(ERR_GET_REASON(ecode), errbuf, SSL_ERR_LEN);
        return errbuf;
    }
 #endif