Thread: Issue in Postgres Client 14.9 with OpenSSL 3.2.0

Hi,

We are facing issue while trying to connect securely(ssl) from postgres c client(libpq) with postgresql server.

We have compiled postgreClient 14.9(postgresql-14.9.tar.gz) using OpenSSL version 3.2.0.

Backtrace of the issue is mentioned below :

              #0  0x00000000009a71f8 in _shi_removeFromFreeList ()

              #1  0x00000000009a7be8 in _shi_freeVar ()

              #2  0x00000000009a913c in MemFreePtr ()

              #3  0x00007f407b378f21 in freePGconn () from /opt/mediation/CXC1742082_R27D//lib/libs/libpq.so.5

              #4  0x00007f407b3c9144 in PostgreSQLClient::connect  at PostgreSQLClient.cc:170

              #5  0x00007f407b3d9089 in PostgreSQLClient::beginTransaction

We also facing same issue when running from commandline using psql:

              ./psql "dbname=drrf_db_emtdrrf sslmode=require host=X.X.X.X user=XYZABC port=5434 sslcert=tls.crt sslkey=tls.key"

              psql: error: connection to server at "X.X.X.X”, port 5434 failed: FATAL:  no PostgreSQL user name specified in startup packet

              free(): double free detected in tcache 2

              Aborted (core dumped)

We also find similar type of issues on internet and one link from postgres website as well.

https://www.postgresql.org/message-id/CX9SU44GH3P4.17X6ZZUJ5D40N@neon.tech

NOTE: When compiles postgreClient with openSSL version ???????, then secure connection working properly.

Kindly suggest on which release and on what version (14.x/16.x) we will get this fix. Also is there any workaround or formal patch which can be applied on 14.9 to fix this issue.

Thanks,

Tarkeshwar