Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commite77a1c5

Browse files
committed
ecpg: Fix zero-termination of string generated by intoasc()
intoasc(), a wrapper for PGTYPESinterval_to_asc that converts aninterval to its textual representation, used a plain memcpy() whencopying its result. This could miss a zero-termination in the resultstring, leading to an incorrect result.The routines in informix.c do not provide the length of their resultbuffer, which would allow a replacement of strcpy() to safer strlcpy()calls, but this requires an ABI breakage and that cannot happen inback-branches.Author: Oleg TselebrovskiyReviewed-by: Ashutosh BapatDiscussion:https://postgr.es/m/bf47888585149f83b276861a1662f7e4@postgrespro.ruBackpatch-through: 12
1 parent0a9118c commite77a1c5

File tree

9 files changed

+70
-2
lines changed

9 files changed

+70
-2
lines changed

‎src/interfaces/ecpg/compatlib/informix.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -654,7 +654,7 @@ intoasc(interval * i, char *str)
654654
if (!tmp)
655655
return-errno;
656656

657-
memcpy(str,tmp,strlen(tmp));
657+
strcpy(str,tmp);
658658
free(tmp);
659659
return0;
660660
}

‎src/interfaces/ecpg/test/compat_informix/.gitignore

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,8 @@
44
/dec_test.c
55
/describe
66
/describe.c
7+
/intoasc
8+
/intoasc.c
79
/rfmtdate
810
/rfmtdate.c
911
/rfmtlong

‎src/interfaces/ecpg/test/compat_informix/Makefile

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,8 @@ TESTS = test_informix test_informix.c \
1616
rnull rnull.c\
1717
sqlda sqlda.c\
1818
describe describe.c\
19-
charfuncs charfuncs.c
19+
charfuncs charfuncs.c\
20+
intoasc intoasc.c
2021

2122
all:$(TESTS)
2223

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,21 @@
1+
#include <stdio.h>
2+
#include <stdlib.h>
3+
4+
#include "pgtypes_interval.h"
5+
6+
EXEC SQL BEGIN DECLARE SECTION;
7+
char dirty_str[100] = "aaaaaaaaa_bbbbbbbb_ccccccccc_ddddddddd_";
8+
interval *interval_ptr;
9+
EXEC SQL END DECLARE SECTION;
10+
11+
int main()
12+
{
13+
interval_ptr = (interval *) malloc(sizeof(interval));
14+
interval_ptr->time = 100000000;
15+
interval_ptr->month = 240;
16+
17+
printf("dirty_str contents before intoasc: %s\n", dirty_str);
18+
intoasc(interval_ptr, dirty_str);
19+
printf("dirty_str contents after intoasc: %s\n", dirty_str);
20+
return 0;
21+
}

‎src/interfaces/ecpg/test/compat_informix/meson.build

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@ pgc_files = [
44
'charfuncs',
55
'dec_test',
66
'describe',
7+
'intoasc',
78
'rfmtdate',
89
'rfmtlong',
910
'rnull',

‎src/interfaces/ecpg/test/ecpg_schedule

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,7 @@ test: compat_informix/sqlda
77
test: compat_informix/describe
88
test: compat_informix/test_informix
99
test: compat_informix/test_informix2
10+
test: compat_informix/intoasc
1011
test: compat_oracle/char_array
1112
test: connect/test2
1213
test: connect/test3
Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,40 @@
1+
/* Processed by ecpg (regression mode) */
2+
/* These include files are added by the preprocessor */
3+
#include<ecpglib.h>
4+
#include<ecpgerrno.h>
5+
#include<sqlca.h>
6+
/* Needed for informix compatibility */
7+
#include<ecpg_informix.h>
8+
/* End of automatic include section */
9+
#defineECPGdebug(X,Y) ECPGdebug((X)+100,(Y))
10+
11+
#line 1 "intoasc.pgc"
12+
#include<stdio.h>
13+
#include<stdlib.h>
14+
15+
#include"pgtypes_interval.h"
16+
17+
/* exec sql begin declare section */
18+
19+
20+
21+
#line 7 "intoasc.pgc"
22+
chardirty_str [100 ]="aaaaaaaaa_bbbbbbbb_ccccccccc_ddddddddd_" ;
23+
24+
#line 8 "intoasc.pgc"
25+
interval*interval_ptr ;
26+
/* exec sql end declare section */
27+
#line 9 "intoasc.pgc"
28+
29+
30+
intmain()
31+
{
32+
interval_ptr= (interval*)malloc(sizeof(interval));
33+
interval_ptr->time=100000000;
34+
interval_ptr->month=240;
35+
36+
printf("dirty_str contents before intoasc: %s\n",dirty_str);
37+
intoasc(interval_ptr,dirty_str);
38+
printf("dirty_str contents after intoasc: %s\n",dirty_str);
39+
return0;
40+
}

‎src/interfaces/ecpg/test/expected/compat_informix-intoasc.stderr

Whitespace-only changes.
Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,2 @@
1+
dirty_str contents before intoasc: aaaaaaaaa_bbbbbbbb_ccccccccc_ddddddddd_
2+
dirty_str contents after intoasc: @ 20 years 1 min 40 secs

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp