Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit8aad28d

Browse files
author
Byron Nikolaidis
committed
Mini Update#2 -- final fixes for buffer lengths, null buffers, truncation
1 parent1bbe55c commit8aad28d

File tree

5 files changed

+207
-150
lines changed

5 files changed

+207
-150
lines changed

‎src/interfaces/odbc/connection.h

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -65,6 +65,8 @@ typedef enum {
6565
#defineCONN_OPTION_VALUE_CHANGED 213
6666
#defineCONN_VALUE_OUT_OF_RANGE 214
6767

68+
#defineCONN_TRUNCATED 215
69+
6870
/* Conn_status defines */
6971
#defineCONN_IN_AUTOCOMMIT 0x01
7072
#defineCONN_IN_TRANSACTION 0x02

‎src/interfaces/odbc/drvconn.c

Lines changed: 38 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -79,12 +79,14 @@ static char *func = "SQLDriverConnect";
7979
ConnectionClass*conn= (ConnectionClass*)hdbc;
8080
ConnInfo*ci;
8181
#ifdefWIN32
82-
RETCODEdialog_result;
82+
RETCODEdialog_result,result;
8383
#endif
8484
charconnStrIn[MAX_CONNECT_STRING];
8585
charconnStrOut[MAX_CONNECT_STRING];
8686
intretval;
8787
charpassword_required= FALSE;
88+
intlen=0;
89+
8890

8991
mylog("%s: entering...\n",func);
9092

@@ -166,22 +168,6 @@ char password_required = FALSE;
166168
returnSQL_NO_DATA_FOUND;
167169
}
168170

169-
if(szConnStrOut) {
170-
171-
/*Return the completed string to the caller.
172-
Only construct the connect string if a dialog was put up,
173-
otherwise, just copy the connection input string to the output.
174-
*/
175-
makeConnectString(connStrOut,ci);
176-
177-
if(pcbConnStrOut) {
178-
*pcbConnStrOut=strlen(connStrOut);
179-
}
180-
strncpy_null(szConnStrOut,connStrOut,cbConnStrOutMax);
181-
}
182-
183-
mylog("szConnStrOut = '%s'\n",szConnStrOut);
184-
qlog("conn=%u, SQLDriverConnect(out)='%s'\n",conn,szConnStrOut);
185171

186172
// do the actual connect
187173
retval=CC_connect(conn,password_required);
@@ -205,8 +191,41 @@ char password_required = FALSE;
205191
returnSQL_ERROR;
206192
}
207193

208-
mylog("SQLDRiverConnect: returning success\n");
209-
returnSQL_SUCCESS;
194+
/*********************************************/
195+
/* Create the Output Connection String */
196+
/*********************************************/
197+
result=SQL_SUCCESS;
198+
199+
makeConnectString(connStrOut,ci);
200+
len=strlen(connStrOut);
201+
202+
if(szConnStrOut) {
203+
204+
/*Return the completed string to the caller. The correct method is to
205+
only construct the connect string if a dialog was put up, otherwise,
206+
it should just copy the connection input string to the output.
207+
However, it seems ok to just alwaysconstruct an output string. There
208+
are possible bad side effects on working applications (Access) by
209+
implementing the correct behavior, anyway.
210+
*/
211+
strncpy_null(szConnStrOut,connStrOut,cbConnStrOutMax);
212+
213+
if (len >=cbConnStrOutMax) {
214+
result=SQL_SUCCESS_WITH_INFO;
215+
conn->errornumber=CONN_TRUNCATED;
216+
conn->errormsg="The buffer was too small for the result.";
217+
}
218+
}
219+
220+
if(pcbConnStrOut)
221+
*pcbConnStrOut=len;
222+
223+
mylog("szConnStrOut = '%s'\n",szConnStrOut);
224+
qlog("conn=%u, SQLDriverConnect(out)='%s'\n",conn,szConnStrOut);
225+
226+
227+
mylog("SQLDRiverConnect: returning %d\n",result);
228+
returnresult;
210229
}
211230

212231
#ifdefWIN32

‎src/interfaces/odbc/environ.c

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -242,6 +242,7 @@ int status;
242242
strcpy(szSqlState,"01S02");
243243
break;
244244
caseSTMT_TRUNCATED:
245+
caseCONN_TRUNCATED:
245246
strcpy(szSqlState,"01004");
246247
// data truncated
247248
break;

‎src/interfaces/odbc/execute.c

Lines changed: 33 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -431,7 +431,8 @@ FARPROC addr;
431431
// - - - - - - - - -
432432

433433
// Returns the SQL string as modified by the driver.
434-
434+
//Currently, just copy the input string without modification
435+
//observing buffer limits and truncation.
435436
RETCODESQL_APISQLNativeSql(
436437
HDBChdbc,
437438
UCHARFAR*szSqlStrIn,
@@ -441,12 +442,40 @@ RETCODE SQL_API SQLNativeSql(
441442
SDWORDFAR*pcbSqlStr)
442443
{
443444
staticchar*func="SQLNativeSql";
445+
intlen=0;
446+
char*ptr;
447+
ConnectionClass*conn= (ConnectionClass*)hdbc;
448+
RETCODEresult;
444449

445-
mylog("%s: entering...\n",func);
450+
mylog("%s: entering...cbSqlStrIn=%d\n",func,cbSqlStrIn);
451+
452+
ptr= (cbSqlStrIn==0) ?"" :make_string(szSqlStrIn,cbSqlStrIn,NULL);
453+
if ( !ptr) {
454+
conn->errornumber=CONN_NO_MEMORY_ERROR;
455+
conn->errormsg="No memory available to store native sql string";
456+
CC_log_error(func,"",conn);
457+
returnSQL_ERROR;
458+
}
459+
460+
result=SQL_SUCCESS;
461+
len=strlen(ptr);
462+
463+
if (szSqlStr) {
464+
strncpy_null(szSqlStr,ptr,cbSqlStrMax);
465+
466+
if (len >=cbSqlStrMax) {
467+
result=SQL_SUCCESS_WITH_INFO;
468+
conn->errornumber=STMT_TRUNCATED;
469+
conn->errormsg="The buffer was too small for the result.";
470+
}
471+
}
472+
473+
if (pcbSqlStr)
474+
*pcbSqlStr=len;
446475

447-
strncpy_null(szSqlStr,szSqlStrIn,cbSqlStrMax);
476+
free(ptr);
448477

449-
returnSQL_SUCCESS;
478+
returnresult;
450479
}
451480

452481
// - - - - - - - - -

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp