pgjdbc/pgjdbc GitHub issues and pull requests (mirror)  
From: sehrope (@sehrope) <[email protected]>
To: pgjdbc/pgjdbc <[email protected]>
Subject: Re: [pgjdbc/pgjdbc] PR #4016: feat: harden protocol reader against desynced streams (#4015)
Date: Sat, 23 May 2026 13:49:21 +0000
Message-ID: <[email protected]>
In-Reply-To: <[email protected]>
References: <[email protected]>

I'm planning on reviewing this in the next few days.

My initial take is that protocol validation and hardening is a great idea. It's arguably less of an issue for a language like Java vs something memory unsafe (e.g., reading past buffer length in C), but still a great addition and would catch all kinds of odd server bugs too.

However, I think if such a violation is discovered it should just abort the connection. No options to disable or turn it into a warning. If the protocol is broken we should not try to continue as we've likely violated our own assumptions and invariants.

I get the desire to have incremental additions and not risk breaking people, but this should not break anyone if things work like they're supposed to. And anything it catches would be undefined behavior.

Anyway, I'll have more thoughts when I actually step through the details.
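
The abort-on-violation behaviour argued for in the message above, as an added example that is not part of the message and is not code from pgjdbc or PR #4016. It assumes only the PostgreSQL v3 framing (one type byte, then an Int32 length that counts itself); `FailClosedReader`, `MAX_BODY` and the sample bytes are hypothetical names and constructed values.

```java
import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.IOException;
import java.io.InputStream;

/** Hypothetical fail-closed frame reader (illustration only, not pgjdbc code). */
public class FailClosedReader {
    // Assumed body-size cap for this sketch; not a pgjdbc setting.
    static final int MAX_BODY = 1 << 20;

    private final DataInputStream in;
    private boolean broken; // once set, the connection is never used again

    FailClosedReader(InputStream in) { this.in = new DataInputStream(in); }

    /** Reads one backend message body, or aborts the connection for good. */
    byte[] readMessage() throws IOException {
        if (broken) throw new IOException("connection aborted after protocol violation");
        try {
            int type = in.readUnsignedByte();
            int len = in.readInt(); // length includes its own 4 bytes
            if (len < 4 || len - 4 > MAX_BODY) {
                throw new IOException("invalid length " + len + " for message type " + type);
            }
            byte[] body = new byte[len - 4];
            in.readFully(body); // EOFException if the stream ends mid-message
            return body;
        } catch (IOException e) {
            // No warning mode and no resync attempt: framing can no longer be trusted.
            broken = true;
            in.close();
            throw e;
        }
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample: a valid 'Z' frame (length 5), then a 'D' frame with length -1.
        byte[] wire = {'Z', 0, 0, 0, 5, 'I', 'D', (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF};
        FailClosedReader r = new FailClosedReader(new ByteArrayInputStream(wire));
        System.out.println("first body length: " + r.readMessage().length);
        for (int i = 0; i < 2; i++) {
            try {
                r.readMessage();
            } catch (IOException e) {
                System.out.println("attempt " + i + ": " + e.getMessage());
            }
        }
    }
}
```

The second loop iteration shows the point of the latch: after one violation, every later read fails immediately instead of interpreting whatever bytes follow as a new message.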
