Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit771240f

Browse files
committed
ecpg: Fix zero-termination of string generated by intoasc()
intoasc(), a wrapper for PGTYPESinterval_to_asc that converts aninterval to its textual representation, used a plain memcpy() whencopying its result. This could miss a zero-termination in the resultstring, leading to an incorrect result.The routines in informix.c do not provide the length of their resultbuffer, which would allow a replacement of strcpy() to safer strlcpy()calls, but this requires an ABI breakage and that cannot happen inback-branches.Author: Oleg TselebrovskiyReviewed-by: Ashutosh BapatDiscussion:https://postgr.es/m/bf47888585149f83b276861a1662f7e4@postgrespro.ruBackpatch-through: 12
1 parent88cbdca commit771240f

File tree

8 files changed

+69
-2
lines changed

8 files changed

+69
-2
lines changed

‎src/interfaces/ecpg/compatlib/informix.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -674,7 +674,7 @@ intoasc(interval * i, char *str)
674674
if (!tmp)
675675
return-errno;
676676

677-
memcpy(str,tmp,strlen(tmp));
677+
strcpy(str,tmp);
678678
free(tmp);
679679
return0;
680680
}

‎src/interfaces/ecpg/test/compat_informix/.gitignore

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,8 @@
44
/dec_test.c
55
/describe
66
/describe.c
7+
/intoasc
8+
/intoasc.c
79
/rfmtdate
810
/rfmtdate.c
911
/rfmtlong

‎src/interfaces/ecpg/test/compat_informix/Makefile

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,8 @@ TESTS = test_informix test_informix.c \
1616
rnull rnull.c\
1717
sqlda sqlda.c\
1818
describe describe.c\
19-
charfuncs charfuncs.c
19+
charfuncs charfuncs.c\
20+
intoasc intoasc.c
2021

2122
all:$(TESTS)
2223

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,21 @@
1+
#include <stdio.h>
2+
#include <stdlib.h>
3+
4+
#include "pgtypes_interval.h"
5+
6+
EXEC SQL BEGIN DECLARE SECTION;
7+
char dirty_str[100] = "aaaaaaaaa_bbbbbbbb_ccccccccc_ddddddddd_";
8+
interval *interval_ptr;
9+
EXEC SQL END DECLARE SECTION;
10+
11+
int main()
12+
{
13+
interval_ptr = (interval *) malloc(sizeof(interval));
14+
interval_ptr->time = 100000000;
15+
interval_ptr->month = 240;
16+
17+
printf("dirty_str contents before intoasc: %s\n", dirty_str);
18+
intoasc(interval_ptr, dirty_str);
19+
printf("dirty_str contents after intoasc: %s\n", dirty_str);
20+
return 0;
21+
}

‎src/interfaces/ecpg/test/ecpg_schedule

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,7 @@ test: compat_informix/sqlda
77
test: compat_informix/describe
88
test: compat_informix/test_informix
99
test: compat_informix/test_informix2
10+
test: compat_informix/intoasc
1011
test: compat_oracle/char_array
1112
test: connect/test2
1213
test: connect/test3
Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,40 @@
1+
/* Processed by ecpg (regression mode) */
2+
/* These include files are added by the preprocessor */
3+
#include<ecpglib.h>
4+
#include<ecpgerrno.h>
5+
#include<sqlca.h>
6+
/* Needed for informix compatibility */
7+
#include<ecpg_informix.h>
8+
/* End of automatic include section */
9+
#defineECPGdebug(X,Y) ECPGdebug((X)+100,(Y))
10+
11+
#line 1 "intoasc.pgc"
12+
#include<stdio.h>
13+
#include<stdlib.h>
14+
15+
#include"pgtypes_interval.h"
16+
17+
/* exec sql begin declare section */
18+
19+
20+
21+
#line 7 "intoasc.pgc"
22+
chardirty_str [100 ]="aaaaaaaaa_bbbbbbbb_ccccccccc_ddddddddd_" ;
23+
24+
#line 8 "intoasc.pgc"
25+
interval*interval_ptr ;
26+
/* exec sql end declare section */
27+
#line 9 "intoasc.pgc"
28+
29+
30+
intmain()
31+
{
32+
interval_ptr= (interval*)malloc(sizeof(interval));
33+
interval_ptr->time=100000000;
34+
interval_ptr->month=240;
35+
36+
printf("dirty_str contents before intoasc: %s\n",dirty_str);
37+
intoasc(interval_ptr,dirty_str);
38+
printf("dirty_str contents after intoasc: %s\n",dirty_str);
39+
return0;
40+
}

‎src/interfaces/ecpg/test/expected/compat_informix-intoasc.stderr

Whitespace-only changes.
Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,2 @@
1+
dirty_str contents before intoasc: aaaaaaaaa_bbbbbbbb_ccccccccc_ddddddddd_
2+
dirty_str contents after intoasc: @ 20 years 1 min 40 secs

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp