Re: SQLGetInfo buffer overflow?

Поиск
Список
Период
Сортировка
От Ludek Finstrle
Тема Re: SQLGetInfo buffer overflow?
Дата
Msg-id 20060125171622.GA6210@soptik.pzkagis.cz
обсуждение исходный текст
Ответ на SQLGetInfo buffer overflow?  (Tom Lane <tgl@sss.pgh.pa.us>)
Ответы Re: SQLGetInfo buffer overflow?
Список pgsql-odbc
Дерево обсуждения 
Wed, Jan 25, 2006 at 11:52:13AM -0500, Tom Lane napsal(a):
> Anyone have a comment on
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=178925

I see no problem without Unicode support. I'm not sure with unicode version.

RETCODE SQL_API PGAPI_GetInfo(
  HDBC hdbc,
  UWORD fInfoType,             // 18
  PTR rgbInfoValue,            // output buffer
  SWORD cbInfoValueMax,        // size of output buffer
  SWORD FAR * pcbInfoValue)    // returned length
{
  char  *p = NULL,
        tmp[MAX_INFO_STRING];
  int   len = 0;

...

  switch (fInfoType)
    case SQL_DBMS_VER:
      snprintf(tmp, sizeof(tmp) - 1, "%s %s", POSTGRESDRIVERVERSION, conn->pg_version);
      tmp[sizeof(tmp) - 1] = '\0';
      p = tmp;
      break;

...

  result = SQL_SUCCESS;

  if (p) {
    len = strlen(p);
#ifdef  UNICODE_SUPPORT
    if (conn->unicode)
      len = len * WCLEN;
#endif
    if (rgbInfoValue) {
#ifdef  UNICODE_SUPPORT
      if (conn->unicode)
        len = utf8_to_ucs2(p, len, (SQLWCHAR *) rgbInfoValue, cbInfoValueMax / 2);
      else
#endif
        strncpy_null((char *) rgbInfoValue, p, (size_t) cbInfoValueMax);

      if (len >= cbInfoValueMax) {
        result = SQL_SUCCESS_WITH_INFO;
        CC_set_error(conn, CONN_TRUNCATED, "The buffer was too small for the InfoValue.");
      }
    }
  }

...

  if (pcbInfoValue)
    *pcbInfoValue = len;

  mylog("%s: p='%s', len=%d, value=%d, cbMax=%d\n", func, p ? p : "<NULL>", len, value, cbInfoValueMax);

  return result;
}

I have no time for this issue until next week. The code is located
in info.c.

Regards,

Luf

В списке pgsql-odbc по дате отправления: