Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit46d61eb

Browse files
author
Michael Meskes
committed
Fixed a buffer overrun that was masked on Linux systems.
1 parent121dd1c commit46d61eb

File tree

4 files changed

+40
-36
lines changed

4 files changed

+40
-36
lines changed

‎src/interfaces/ecpg/ChangeLog

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2095,11 +2095,13 @@ Mo Aug 14 10:39:59 CEST 2006
20952095
- Fixed broken newline on Windows.
20962096
- Fixed a nasty buffer underrun that only occured when using Informix
20972097
no_indicator NULL setting on timestamps and intervals.
2098+
<<<<<<< ChangeLog
20982099

20992100
Fr 18. Aug 17:32:54 CEST 2006
21002101

21012102
- Changed lexer to no longer use the default rule.
21022103
- Synced parser and keyword list.
21032104
- Fixed parsing of CONNECT statement so it accepts a C string again.
2105+
- Fixed a buffer overrun that was masked on Linux systems.
21042106
- Set ecpg library version to 5.2.
21052107
- Set ecpg version to 4.2.1.

‎src/interfaces/ecpg/ecpglib/execute.c

Lines changed: 33 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
/* $PostgreSQL: pgsql/src/interfaces/ecpg/ecpglib/execute.c,v 1.58 2006/08/09 09:08:31 meskes Exp $ */
1+
/* $PostgreSQL: pgsql/src/interfaces/ecpg/ecpglib/execute.c,v 1.59 2006/08/18 16:30:53 meskes Exp $ */
22

33
/*
44
* The aim is to get a simpler inteface to the database routines.
@@ -572,19 +572,21 @@ ECPGstore_input(const int lineno, const bool force_indicator, const struct varia
572572
}
573573
if (**tobeinserted_p=='\0')
574574
{
575+
intasize=var->arrsize?var->arrsize :1;
576+
575577
switch (var->type)
576578
{
577579
intelement;
578580

579581
caseECPGt_short:
580-
if (!(mallocedval=ECPGalloc(var->arrsize*20,lineno)))
582+
if (!(mallocedval=ECPGalloc(asize*20,lineno)))
581583
return false;
582584

583-
if (var->arrsize>1)
585+
if (asize>1)
584586
{
585587
strcpy(mallocedval,"array [");
586588

587-
for (element=0;element<var->arrsize;element++)
589+
for (element=0;element<asize;element++)
588590
sprintf(mallocedval+strlen(mallocedval),"%hd,", ((short*)var->value)[element]);
589591

590592
strcpy(mallocedval+strlen(mallocedval)-1,"]");
@@ -597,14 +599,14 @@ ECPGstore_input(const int lineno, const bool force_indicator, const struct varia
597599
break;
598600

599601
caseECPGt_int:
600-
if (!(mallocedval=ECPGalloc(var->arrsize*20,lineno)))
602+
if (!(mallocedval=ECPGalloc(asize*20,lineno)))
601603
return false;
602604

603-
if (var->arrsize>1)
605+
if (asize>1)
604606
{
605607
strcpy(mallocedval,"array [");
606608

607-
for (element=0;element<var->arrsize;element++)
609+
for (element=0;element<asize;element++)
608610
sprintf(mallocedval+strlen(mallocedval),"%d,", ((int*)var->value)[element]);
609611

610612
strcpy(mallocedval+strlen(mallocedval)-1,"]");
@@ -617,14 +619,14 @@ ECPGstore_input(const int lineno, const bool force_indicator, const struct varia
617619
break;
618620

619621
caseECPGt_unsigned_short:
620-
if (!(mallocedval=ECPGalloc(var->arrsize*20,lineno)))
622+
if (!(mallocedval=ECPGalloc(asize*20,lineno)))
621623
return false;
622624

623-
if (var->arrsize>1)
625+
if (asize>1)
624626
{
625627
strcpy(mallocedval,"array [");
626628

627-
for (element=0;element<var->arrsize;element++)
629+
for (element=0;element<asize;element++)
628630
sprintf(mallocedval+strlen(mallocedval),"%hu,", ((unsigned short*)var->value)[element]);
629631

630632
strcpy(mallocedval+strlen(mallocedval)-1,"]");
@@ -637,14 +639,14 @@ ECPGstore_input(const int lineno, const bool force_indicator, const struct varia
637639
break;
638640

639641
caseECPGt_unsigned_int:
640-
if (!(mallocedval=ECPGalloc(var->arrsize*20,lineno)))
642+
if (!(mallocedval=ECPGalloc(asize*20,lineno)))
641643
return false;
642644

643-
if (var->arrsize>1)
645+
if (asize>1)
644646
{
645647
strcpy(mallocedval,"array [");
646648

647-
for (element=0;element<var->arrsize;element++)
649+
for (element=0;element<asize;element++)
648650
sprintf(mallocedval+strlen(mallocedval),"%u,", ((unsignedint*)var->value)[element]);
649651

650652
strcpy(mallocedval+strlen(mallocedval)-1,"]");
@@ -657,14 +659,14 @@ ECPGstore_input(const int lineno, const bool force_indicator, const struct varia
657659
break;
658660

659661
caseECPGt_long:
660-
if (!(mallocedval=ECPGalloc(var->arrsize*20,lineno)))
662+
if (!(mallocedval=ECPGalloc(asize*20,lineno)))
661663
return false;
662664

663-
if (var->arrsize>1)
665+
if (asize>1)
664666
{
665667
strcpy(mallocedval,"array [");
666668

667-
for (element=0;element<var->arrsize;element++)
669+
for (element=0;element<asize;element++)
668670
sprintf(mallocedval+strlen(mallocedval),"%ld,", ((long*)var->value)[element]);
669671

670672
strcpy(mallocedval+strlen(mallocedval)-1,"]");
@@ -677,14 +679,14 @@ ECPGstore_input(const int lineno, const bool force_indicator, const struct varia
677679
break;
678680

679681
caseECPGt_unsigned_long:
680-
if (!(mallocedval=ECPGalloc(var->arrsize*20,lineno)))
682+
if (!(mallocedval=ECPGalloc(asize*20,lineno)))
681683
return false;
682684

683-
if (var->arrsize>1)
685+
if (asize>1)
684686
{
685687
strcpy(mallocedval,"array [");
686688

687-
for (element=0;element<var->arrsize;element++)
689+
for (element=0;element<asize;element++)
688690
sprintf(mallocedval+strlen(mallocedval),"%lu,", ((unsigned long*)var->value)[element]);
689691

690692
strcpy(mallocedval+strlen(mallocedval)-1,"]");
@@ -697,14 +699,14 @@ ECPGstore_input(const int lineno, const bool force_indicator, const struct varia
697699
break;
698700
#ifdefHAVE_LONG_LONG_INT_64
699701
caseECPGt_long_long:
700-
if (!(mallocedval=ECPGalloc(var->arrsize*30,lineno)))
702+
if (!(mallocedval=ECPGalloc(asize*30,lineno)))
701703
return false;
702704

703-
if (var->arrsize>1)
705+
if (asize>1)
704706
{
705707
strcpy(mallocedval,"array [");
706708

707-
for (element=0;element<var->arrsize;element++)
709+
for (element=0;element<asize;element++)
708710
sprintf(mallocedval+strlen(mallocedval),"%lld,", ((long long*)var->value)[element]);
709711

710712
strcpy(mallocedval+strlen(mallocedval)-1,"]");
@@ -717,14 +719,14 @@ ECPGstore_input(const int lineno, const bool force_indicator, const struct varia
717719
break;
718720

719721
caseECPGt_unsigned_long_long:
720-
if (!(mallocedval=ECPGalloc(var->arrsize*30,lineno)))
722+
if (!(mallocedval=ECPGalloc(asize*30,lineno)))
721723
return false;
722724

723-
if (var->arrsize>1)
725+
if (asize>1)
724726
{
725727
strcpy(mallocedval,"array [");
726728

727-
for (element=0;element<var->arrsize;element++)
729+
for (element=0;element<asize;element++)
728730
sprintf(mallocedval+strlen(mallocedval),"%llu,", ((unsigned long long*)var->value)[element]);
729731

730732
strcpy(mallocedval+strlen(mallocedval)-1,"]");
@@ -737,14 +739,14 @@ ECPGstore_input(const int lineno, const bool force_indicator, const struct varia
737739
break;
738740
#endif/* HAVE_LONG_LONG_INT_64 */
739741
caseECPGt_float:
740-
if (!(mallocedval=ECPGalloc(var->arrsize*25,lineno)))
742+
if (!(mallocedval=ECPGalloc(asize*25,lineno)))
741743
return false;
742744

743-
if (var->arrsize>1)
745+
if (asize>1)
744746
{
745747
strcpy(mallocedval,"array [");
746748

747-
for (element=0;element<var->arrsize;element++)
749+
for (element=0;element<asize;element++)
748750
sprintf(mallocedval+strlen(mallocedval),"%.14g,", ((float*)var->value)[element]);
749751

750752
strcpy(mallocedval+strlen(mallocedval)-1,"]");
@@ -757,14 +759,14 @@ ECPGstore_input(const int lineno, const bool force_indicator, const struct varia
757759
break;
758760

759761
caseECPGt_double:
760-
if (!(mallocedval=ECPGalloc(var->arrsize*25,lineno)))
762+
if (!(mallocedval=ECPGalloc(asize*25,lineno)))
761763
return false;
762764

763-
if (var->arrsize>1)
765+
if (asize>1)
764766
{
765767
strcpy(mallocedval,"array [");
766768

767-
for (element=0;element<var->arrsize;element++)
769+
for (element=0;element<asize;element++)
768770
sprintf(mallocedval+strlen(mallocedval),"%.14g,", ((double*)var->value)[element]);
769771

770772
strcpy(mallocedval+strlen(mallocedval)-1,"]");

‎src/interfaces/ecpg/test/complex/test4.pgc

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@ EXEC SQL BEGIN DECLARE SECTION;
2727
int *did = &i;
2828
int a[10] = {9,8,7,6,5,4,3,2,1,0};
2929
char text[25] = "klmnopqrst";
30-
char *t = (char *)malloc(10);
30+
char *t = (char *)malloc(11);
3131
double f;
3232
bool b = true;
3333
EXEC SQL END DECLARE SECTION;

‎src/interfaces/ecpg/test/expected/complex-test4.c

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -140,7 +140,7 @@ main (void)
140140
chartext [25 ]="klmnopqrst" ;
141141

142142
#line 30 "test4.pgc"
143-
char*t= (char* )malloc (10 ) ;
143+
char*t= (char* )malloc (11 ) ;
144144

145145
#line 31 "test4.pgc"
146146
doublef ;
@@ -184,14 +184,14 @@ if (sqlca.sqlcode < 0) sqlprint();}
184184
#line 46 "test4.pgc"
185185

186186

187-
{ECPGdo(__LINE__,0,1,NULL,"insert into test ( f , i , a , text , b , t , err ) values( 404.90 , 3 , '{0,1,2,3,4,5,6,7,8,9}' , 'abcdefghij' , 'f' , 0 , 0 )",ECPGt_EOIT,ECPGt_EORT);
187+
{ECPGdo(__LINE__,0,1,NULL,"insert into test ( f , i , a , text , b , t , err ) values( 404.90 , 3 , '{0,1,2,3,4,5,6,7,8,9}' , 'abcdefghij' , 'f' , 0 , 0 )",ECPGt_EOIT,ECPGt_EORT);
188188
#line 48 "test4.pgc"
189189

190190
if (sqlca.sqlcode<0)sqlprint();}
191191
#line 48 "test4.pgc"
192192

193193

194-
{ECPGdo(__LINE__,0,1,NULL,"insert into test ( f , i , a , text , b , t , err ) values( 140787.0 , 2 , ? , ? , 't' , 2 , 14 )",
194+
{ECPGdo(__LINE__,0,1,NULL,"insert into test ( f , i , a , text , b , t , err ) values( 140787.0 , 2 , ? , ? , 't' , 2 , 14 )",
195195
ECPGt_int,(a),(long)1,(long)10,sizeof(int),
196196
ECPGt_NO_INDICATOR,NULL ,0L,0L,0L,
197197
ECPGt_char,(text),(long)25,(long)1,(25)*sizeof(char),
@@ -205,7 +205,7 @@ if (sqlca.sqlcode < 0) sqlprint();}
205205

206206

207207

208-
{ECPGdo(__LINE__,0,1,NULL,"insert into test ( f , i , a , text , b , t , err ) values( 14.07 , ? , ? , ? , ? , 1 , 147 )",
208+
{ECPGdo(__LINE__,0,1,NULL,"insert into test ( f , i , a , text , b , t , err ) values( 14.07 , ? , ? , ? , ? , 1 , 147 )",
209209
ECPGt_int,&(did),(long)1,(long)0,sizeof(int),
210210
ECPGt_NO_INDICATOR,NULL ,0L,0L,0L,
211211
ECPGt_int,(a),(long)1,(long)10,sizeof(int),

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp