Message-ID:
From: "sehrope (@sehrope)"
To: "pgjdbc/pgjdbc"
Date: Sat, 23 May 2026 13:49:21 +0000
Subject: Re: [pgjdbc/pgjdbc] PR #4016: feat: harden protocol reader against desynced streams (#4015)
In-Reply-To:
References:
List-Id:
X-GitHub-Author-Login: sehrope
X-GitHub-Comment-Id: 4525547575
X-GitHub-Comment-Type: issue_comment
X-GitHub-Issue: 4016
X-GitHub-Repo: pgjdbc/pgjdbc
X-GitHub-Type: comment
X-GitHub-Url: https://github.com/pgjdbc/pgjdbc/pull/4016#issuecomment-4525547575
Content-Type: text/plain; charset=utf-8

I'm planning on reviewing this in the next few days.

My initial take is that protocol validation and hardening is a great idea. It's arguably less of an issue for a language like Java vs. something memory-unsafe (e.g., reading past buffer length in C), but it is still a great addition and would catch all kinds of odd server bugs too.

However, I think if such a violation is discovered it should just abort the connection. No options to disable or turn it into a warning. If the protocol is broken we should not try to continue, as we've likely violated our own assumptions and invariants. I get the desire to have incremental additions and not risk breaking people, but this should not break anyone if things work like they're supposed to. And anything it catches would be undefined behavior.

Anyway, I'll have more thoughts when I actually step through the details.
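The abort-versus-warn argument above is easiest to see on a concrete byte stream. Below is an added example written for this thread, not pgjdbc's code and not the PR under review. It frames PostgreSQL v3 backend messages (one type byte, then an int32 length that counts itself but not the type byte, then the body, which is the real wire layout) and compares a strict reader, which poisons the connection on the first violation, with a "trusting" framer that believes every header. The type set, the 64 MiB body cap, the per-type body checks and the sample streams are hypothetical choices made for the demonstration.

```python
"""Strict framing of PostgreSQL v3 backend messages versus trusting the headers.

Added example for this discussion; not pgjdbc's code. The header layout is the
real protocol; KNOWN_TYPES, MAX_BODY, the body checks and the sample streams
are assumptions chosen for the demonstration.
"""
import struct

# Hypothetical subset of backend message type codes (assumption for the demo).
KNOWN_TYPES = {bytes([c]) for c in b"RKSZTDCENAI123sntGHWdcv"}
MAX_BODY = 64 * 1024 * 1024  # hypothetical cap on a single message body
HEADER_LEN = 5               # 1 type byte + int32 length


class ProtocolViolation(Exception):
    """The stream can no longer be trusted; the reader is dead after this."""


class StrictReader:
    """Frames one message at a time and aborts permanently on any violation."""

    def __init__(self, data: bytes):
        self.buf = data
        self.pos = 0
        self.aborted = None  # first violation message, once the stream is poisoned

    def read_message(self):
        if self.aborted is not None:
            # No warning-and-continue: every later read fails as well.
            raise ProtocolViolation(f"connection aborted earlier: {self.aborted}")
        try:
            return self._read_one()
        except ProtocolViolation as e:
            self.aborted = str(e)
            raise

    def _read_one(self):
        if self.pos + HEADER_LEN > len(self.buf):
            raise ProtocolViolation(f"truncated header at offset {self.pos}")
        mtype = self.buf[self.pos:self.pos + 1]
        (length,) = struct.unpack_from("!i", self.buf, self.pos + 1)
        if mtype not in KNOWN_TYPES:
            raise ProtocolViolation(f"unknown type {mtype!r} at offset {self.pos}")
        if length < 4 or length - 4 > MAX_BODY:
            raise ProtocolViolation(f"bad length {length} for {mtype!r} at offset {self.pos}")
        end = self.pos + 1 + length
        if end > len(self.buf):
            raise ProtocolViolation(f"{mtype!r} at offset {self.pos} claims {length - 4} body bytes, "
                                    f"only {len(self.buf) - self.pos - HEADER_LEN} available")
        body = self.buf[self.pos + HEADER_LEN:end]
        self._check_body(mtype, body)
        self.pos = end
        return mtype, body

    @staticmethod
    def _check_body(mtype, body):
        # Per-type invariants: a body that breaks them means the framing is off.
        if mtype == b"Z" and (len(body) != 1 or body not in (b"I", b"T", b"E")):
            raise ProtocolViolation(f"ReadyForQuery body {body!r} is not a single status byte")
        elif mtype == b"C" and (not body.endswith(b"\x00") or b"\x00" in body[:-1]):
            raise ProtocolViolation(f"CommandComplete tag {body!r} is not one NUL-terminated string")
        elif mtype == b"D":
            if len(body) < 2:
                raise ProtocolViolation("DataRow shorter than its field count")
            (nfields,) = struct.unpack_from("!h", body, 0)
            if nfields < 0:
                raise ProtocolViolation(f"DataRow field count {nfields} is negative")
            off = 2
            for _ in range(nfields):
                if off + 4 > len(body):
                    raise ProtocolViolation("DataRow field length runs past body")
                (flen,) = struct.unpack_from("!i", body, off)
                off += 4
                if flen == -1:       # SQL NULL carries no bytes
                    continue
                if flen < 0 or off + flen > len(body):
                    raise ProtocolViolation(f"DataRow field length {flen} runs past body")
                off += flen
            if off != len(body):
                raise ProtocolViolation("DataRow has trailing bytes")


def read_all(data: bytes):
    """Frame an entire buffered stream strictly; raises on the first violation."""
    reader, out = StrictReader(data), []
    while reader.pos < len(reader.buf):
        out.append(reader.read_message())
    return out


def try_read(reader: StrictReader):
    """Return ('ok', (type, body)) or ('violation', message) for one read."""
    try:
        return "ok", reader.read_message()
    except ProtocolViolation as e:
        return "violation", str(e)


def trusting_frames(data: bytes):
    """What a reader gets if it believes every header and never checks bodies."""
    frames, pos = [], 0
    while pos + HEADER_LEN <= len(data):
        mtype = data[pos:pos + 1]
        (length,) = struct.unpack_from("!i", data, pos + 1)
        frames.append((mtype, length, data[pos + HEADER_LEN:pos + 1 + length]))
        pos += 1 + max(length, 4)
    return frames


def msg(mtype: bytes, body: bytes) -> bytes:
    return mtype + struct.pack("!i", 4 + len(body)) + body


# Constructed sample streams (not captured traffic): DataRow "42", CommandComplete, ReadyForQuery.
ROW = struct.pack("!h", 1) + struct.pack("!i", 2) + b"42"
GOOD_STREAM = msg(b"D", ROW) + msg(b"C", b"SELECT 1\x00") + msg(b"Z", b"I")
# Same stream, but CommandComplete's length understates its body by 4 bytes.
DESYNCED_STREAM = msg(b"D", ROW) + b"C" + struct.pack("!i", 9) + b"SELECT 1\x00" + msg(b"Z", b"I")

if __name__ == "__main__":
    print("trusting:", trusting_frames(DESYNCED_STREAM))
    r = StrictReader(DESYNCED_STREAM)
    for _ in range(3):
        print("strict:", try_read(r))
```

On the desynced stream the trusting framer returns a truncated CommandComplete tag and then reads the leftover bytes `T 1\0Z` as a RowDescription header whose length is over 500 MB; a real socket reader would then sit waiting for a body that never arrives, and nothing it returned after the bad header was meaningful. The strict reader catches the same fault at the CommandComplete body check (the tag is not NUL-terminated), and because the reader records the violation, every subsequent read on that connection fails too, which is the "abort, no warning mode" behaviour argued for above.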