libpq: Use strerror_r instead of strerror

Commit 453c4687377 introduced a use of strerror() into libpq, but that
is not thread-safe.  Fix by using strerror_r() instead.

In passing, update some of the code comments added by 453c4687377, as
we have learned more about the reason for the change in OpenSSL that
started this.

Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
Discussion: Discussion: https://postgr.es/m/b6fb018b-f05c-4afd-abd3-318c649faf18@highgo.ca

diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c
index eed7ec7ce56a75c4ad10c17fb99f8a17e92dd4ef..7e056abd5a2f804242837b4ce4956e17f4d5c815 100644 (file)
--- a/src/backend/libpq/be-secure-openssl.c
+++ b/src/backend/libpq/be-secure-openssl.c
@@ -1466,10 +1466,11 @@ SSLerrmessage(unsigned long ecode)
        return errreason;
 
    /*
-    * In OpenSSL 3.0.0 and later, ERR_reason_error_string randomly refuses to
-    * map system errno values.  We can cover that shortcoming with this bit
-    * of code.  Older OpenSSL versions don't have the ERR_SYSTEM_ERROR macro,
-    * but that's okay because they don't have the shortcoming either.
+    * In OpenSSL 3.0.0 and later, ERR_reason_error_string does not map system
+    * errno values anymore.  (See OpenSSL source code for the explanation.)
+    * We can cover that shortcoming with this bit of code.  Older OpenSSL
+    * versions don't have the ERR_SYSTEM_ERROR macro, but that's okay because
+    * they don't have the shortcoming either.
     */
 #ifdef ERR_SYSTEM_ERROR
    if (ERR_SYSTEM_ERROR(ecode))

diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c
index 5c867106fb0d2200760c83cf41308ce1662da7db..b6fffd7b9b066f3d9ec2fc7472660e6969522ff5 100644 (file)
--- a/src/interfaces/libpq/fe-secure-openssl.c
+++ b/src/interfaces/libpq/fe-secure-openssl.c
@@ -1759,15 +1759,16 @@ SSLerrmessage(unsigned long ecode)
 #endif
 
    /*
-    * In OpenSSL 3.0.0 and later, ERR_reason_error_string randomly refuses to
-    * map system errno values.  We can cover that shortcoming with this bit
-    * of code.  Older OpenSSL versions don't have the ERR_SYSTEM_ERROR macro,
-    * but that's okay because they don't have the shortcoming either.
+    * In OpenSSL 3.0.0 and later, ERR_reason_error_string does not map system
+    * errno values anymore.  (See OpenSSL source code for the explanation.)
+    * We can cover that shortcoming with this bit of code.  Older OpenSSL
+    * versions don't have the ERR_SYSTEM_ERROR macro, but that's okay because
+    * they don't have the shortcoming either.
     */
 #ifdef ERR_SYSTEM_ERROR
    if (ERR_SYSTEM_ERROR(ecode))
    {
-       strlcpy(errbuf, strerror(ERR_GET_REASON(ecode)), SSL_ERR_LEN);
+       strerror_r(ERR_GET_REASON(ecode), errbuf, SSL_ERR_LEN);
        return errbuf;
    }
 #endif