libpq: Use strerror_r instead of strerror

Commit 453c4687377 introduced a use of strerror() into libpq, but that
is not thread-safe.  Fix by using strerror_r() instead.

In passing, update some of the code comments added by 453c4687377, as
we have learned more about the reason for the change in OpenSSL that
started this.

Reviewed-by: Daniel Gustafsson <[email protected]>
Discussion: Discussion: https://postgr.es/m/b6fb018b-f05c-4afd-abd3-318c649faf18@highgo.ca

diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c
index 503132d010dabc0d8f6a84801d897bfda4b73a89..92edd6d5c638c12f21f4d788a59dcf2173b9eb64 100644 (file)
--- a/src/backend/libpq/be-secure-openssl.c
+++ b/src/backend/libpq/be-secure-openssl.c
@@ -1175,10 +1175,11 @@ SSLerrmessage(unsigned long ecode)
        return errreason;
 
    /*
-    * In OpenSSL 3.0.0 and later, ERR_reason_error_string randomly refuses to
-    * map system errno values.  We can cover that shortcoming with this bit
-    * of code.  Older OpenSSL versions don't have the ERR_SYSTEM_ERROR macro,
-    * but that's okay because they don't have the shortcoming either.
+    * In OpenSSL 3.0.0 and later, ERR_reason_error_string does not map system
+    * errno values anymore.  (See OpenSSL source code for the explanation.)
+    * We can cover that shortcoming with this bit of code.  Older OpenSSL
+    * versions don't have the ERR_SYSTEM_ERROR macro, but that's okay because
+    * they don't have the shortcoming either.
     */
 #ifdef ERR_SYSTEM_ERROR
    if (ERR_SYSTEM_ERROR(ecode))

diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c
index 66c9ea6cb701f22cbb38d9b9036569c7c702e306..cdb47ba479fd1f6ddb4526fac34621ccf4372cbc 100644 (file)
--- a/src/interfaces/libpq/fe-secure-openssl.c
+++ b/src/interfaces/libpq/fe-secure-openssl.c
@@ -1498,15 +1498,16 @@ SSLerrmessage(unsigned long ecode)
    }
 
    /*
-    * In OpenSSL 3.0.0 and later, ERR_reason_error_string randomly refuses to
-    * map system errno values.  We can cover that shortcoming with this bit
-    * of code.  Older OpenSSL versions don't have the ERR_SYSTEM_ERROR macro,
-    * but that's okay because they don't have the shortcoming either.
+    * In OpenSSL 3.0.0 and later, ERR_reason_error_string does not map system
+    * errno values anymore.  (See OpenSSL source code for the explanation.)
+    * We can cover that shortcoming with this bit of code.  Older OpenSSL
+    * versions don't have the ERR_SYSTEM_ERROR macro, but that's okay because
+    * they don't have the shortcoming either.
     */
 #ifdef ERR_SYSTEM_ERROR
    if (ERR_SYSTEM_ERROR(ecode))
    {
-       strlcpy(errbuf, strerror(ERR_GET_REASON(ecode)), SSL_ERR_LEN);
+       strerror_r(ERR_GET_REASON(ecode), errbuf, SSL_ERR_LEN);
        return errbuf;
    }
 #endif