Fix Windows-only postmaster code to reject a connection request and continue,

rather than elog(FATAL), when there is no more room in ShmemBackendArray.
This is a security issue since too many connection requests arriving close
together could cause the postmaster to shut down, resulting in denial of
service.  Reported by Yoshiyuki Asaba, fixed by Magnus Hagander.

diff --git a/src/backend/postmaster/postmaster.c b/src/backend/postmaster/postmaster.c
index 5cfacd173d7f88893f20ec47cd2af519abaeba2a..afd861b5ca30163d9d6478df2cc0774e1aa157d6 100644 (file)
--- a/src/backend/postmaster/postmaster.c
+++ b/src/backend/postmaster/postmaster.c
@@ -144,7 +144,11 @@ typedef struct bkend
 static Dllist *BackendList;
 
 #ifdef EXEC_BACKEND
-#define NUM_BACKENDARRAY_ELEMS (2*MaxBackends)
+/* 
+ * Number of entries in the backend table. Twice the number of backends,
+ * plus four other subprocesses (stats, bgwriter, autovac, logger). 
+ */
+#define NUM_BACKENDARRAY_ELEMS (2*MaxBackends + 4)
 static Backend *ShmemBackendArray;
 #endif
 
@@ -3018,6 +3022,15 @@ internal_forkexec(int argc, char *argv[], Port *port)
        Assert(strncmp(argv[1], "-fork", 5) == 0);
        Assert(argv[2] == NULL);
 
+       /* Verify that there is room in the child list */
+       if (win32_numChildren >= NUM_BACKENDARRAY_ELEMS)
+       {
+               elog(LOG, "no room for child entry in backend list");
+               /* Report same error as for a fork failure on Unix */
+               errno = EAGAIN;
+               return -1;
+       }
+
        /* Set up shared memory for parameter passing */
        ZeroMemory(&sa,sizeof(sa));
        sa.nLength = sizeof(sa);