Fix race condition in gettext() initialization in libpq and ecpglib.

In libpq and ecpglib, multiple threads can concurrently enter the
initialization logic for message localization.  Since we set the
its-done flag before actually doing the work, it'd be possible
for some threads to reach gettext() before anyone has called
bindtextdomain().  Barring bugs in libintl itself, this would not
result in anything worse than failure to localize some early
messages.  Nonetheless, it's a bug, and an easy one to fix.

Noted while investigating bug #17299 from Clemens Zeidler
(much thanks to Liam Bowen for followup investigation on that).
It currently appears that that actually *is* a bug in libintl itself,
but that doesn't let us off the hook for this bit.

Back-patch to all supported versions.

Discussion: https://postgr.es/m/17299-7270741958c0b1ab@postgresql.org
Discussion: https://postgr.es/m/CAE7q7Eit4Eq2=bxce=Fm8HAStECjaXUE=WBQc-sDDcgJQ7s7eg@mail.gmail.com

diff --git a/src/interfaces/ecpg/ecpglib/misc.c b/src/interfaces/ecpg/ecpglib/misc.c
index 25094e43969721a77c6758cfa380f76d0a51adc6..1ccf73f0bbdbe825353c76305d064b63d7a81d58 100644 (file)
--- a/src/interfaces/ecpg/ecpglib/misc.c
+++ b/src/interfaces/ecpg/ecpglib/misc.c
@@ -489,7 +489,14 @@ win32_pthread_once(volatile pthread_once_t *once, void (*fn) (void))
 char *
 ecpg_gettext(const char *msgid)
 {
-   static bool already_bound = false;
+   /*
+    * If multiple threads come through here at about the same time, it's okay
+    * for more than one of them to call bindtextdomain().  But it's not okay
+    * for any of them to reach dgettext() before bindtextdomain() is
+    * complete, so don't set the flag till that's done.  Use "volatile" just
+    * to be sure the compiler doesn't try to get cute.
+    */
+   static volatile bool already_bound = false;
 
    if (!already_bound)
    {
@@ -501,12 +508,12 @@ ecpg_gettext(const char *msgid)
 #endif
        const char *ldir;
 
-       already_bound = true;
        /* No relocatable lookup here because the binary could be anywhere */
        ldir = getenv("PGLOCALEDIR");
        if (!ldir)
            ldir = LOCALEDIR;
        bindtextdomain(PG_TEXTDOMAIN("ecpglib"), ldir);
+       already_bound = true;
 #ifdef WIN32
        SetLastError(save_errno);
 #else

diff --git a/src/interfaces/libpq/fe-misc.c b/src/interfaces/libpq/fe-misc.c
index 864e8853aeb1df36d0ba44d0b7657971d0e8b11e..6391a4109bf5030a0a834a45513180199f11fb1f 100644 (file)
--- a/src/interfaces/libpq/fe-misc.c
+++ b/src/interfaces/libpq/fe-misc.c
@@ -1219,7 +1219,14 @@ PQenv2encoding(void)
 static void
 libpq_binddomain()
 {
-   static bool already_bound = false;
+   /*
+    * If multiple threads come through here at about the same time, it's okay
+    * for more than one of them to call bindtextdomain().  But it's not okay
+    * for any of them to return to caller before bindtextdomain() is
+    * complete, so don't set the flag till that's done.  Use "volatile" just
+    * to be sure the compiler doesn't try to get cute.
+    */
+   static volatile bool already_bound = false;
 
    if (!already_bound)
    {
@@ -1231,12 +1238,12 @@ libpq_binddomain()
 #endif
        const char *ldir;
 
-       already_bound = true;
        /* No relocatable lookup here because the binary could be anywhere */
        ldir = getenv("PGLOCALEDIR");
        if (!ldir)
            ldir = LOCALEDIR;
        bindtextdomain(PG_TEXTDOMAIN("libpq"), ldir);
+       already_bound = true;
 #ifdef WIN32
        SetLastError(save_errno);
 #else