Commite72ca17

committed
fixes for several potential null pointer dereferences
submitted by: Paul "Shag" Walmsley <ccshag@cclabs.missouri.edu>
1 parent950b6ab commite72ca17


2 files changed

+140
-15
lines changed

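--- a/src/interfaces/libpq/fe-connect.c
+++ b/src/interfaces/libpq/fe-connect.c
@@ -7,7 +7,7 @@
 *
 *
 * IDENTIFICATION
-* $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-connect.c,v 1.1.1.1 1996/07/09 06:22:17 scrappy Exp $
+* $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-connect.c,v 1.2 1996/07/12 04:53:57 scrappy Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -70,7 +70,12 @@ PQsetdb(char *pghost, char* pgport, char* pgoptions, char* pgtty, char* dbName)
 char*tmp;
 
 conn= (PGconn*)malloc(sizeof(PGconn));
-
+
+if (!conn) {
+fprintf(stderr,"FATAL: pqsetdb() -- unable to allocate memory for a PGconn");
+return (PGconn*)NULL;
+}
+
 conn->Pfout=NULL;
 conn->Pfin=NULL;
 conn->Pfdebug=NULL;
@@ -307,9 +312,13 @@ closePGconn(PGconn *conn)
 void
 PQfinish(PGconn*conn)
 {
-if (conn->status==CONNECTION_OK)
-closePGconn(conn);
-freePGconn(conn);
+if (!conn) {
+fprintf(stderr,"PQfinish() -- pointer to PGconn is null");
+}else {
+if (conn->status==CONNECTION_OK)
+closePGconn(conn);
+freePGconn(conn);
+}
 }
 
 /* PQreset :
@@ -319,8 +328,12 @@ PQfinish(PGconn *conn)
 void
 PQreset(PGconn*conn)
 {
+if (!conn) {
+fprintf(stderr,"PQreset() -- pointer to PGconn is null");
+}else {
 closePGconn(conn);
 conn->status=connectDB(conn);
+}
 }
 
 /*
@@ -395,42 +408,77 @@ startup2PacketBuf(StartupInfo* s, PacketBuf* res)
 char*
 PQdb(PGconn*conn)
 {
+if (!conn) {
+fprintf(stderr,"PQdb() -- pointer to PGconn is null");
+return (char*)NULL;
+}
+
 returnconn->dbName;
 }
 
 char*
 PQhost(PGconn*conn)
 {
+if (!conn) {
+fprintf(stderr,"PQhost() -- pointer to PGconn is null");
+return (char*)NULL;
+}
+
 returnconn->pghost;
 }
 
 char*
 PQoptions(PGconn*conn)
 {
+if (!conn) {
+fprintf(stderr,"PQoptions() -- pointer to PGconn is null");
+return (char*)NULL;
+}
+
 returnconn->pgoptions;
 }
 
 char*
 PQtty(PGconn*conn)
 {
+if (!conn) {
+fprintf(stderr,"PQtty() -- pointer to PGconn is null");
+return (char*)NULL;
+}
+
 returnconn->pgtty;
 }
 
 char*
 PQport(PGconn*conn)
 {
+if (!conn) {
+fprintf(stderr,"PQport() -- pointer to PGconn is null");
+return (char*)NULL;
+}
+
 returnconn->pgport;
 }
 
 ConnStatusType
 PQstatus(PGconn*conn)
 {
+if (!conn) {
+fprintf(stderr,"PQstatus() -- pointer to PGconn is null");
+returnCONNECTION_BAD;
+}
+
 returnconn->status;
 }
 
 char*
 PQerrorMessage(PGconn*conn)
 {
+if (!conn) {
+fprintf(stderr,"PQerrorMessage() -- pointer to PGconn is null");
+return (char*)NULL;
+}
+
 returnconn->errorMessage;
 }
 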
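Review bot: PQerrorMessage (new lines 477-480) now returns NULL for a null conn, and PQsetdb in this same file now returns NULL when malloc fails, so a caller that reports a failed connect by printing `PQerrorMessage(conn)` through a `%s` format would pass NULL to printf; the callers are not visible on this page, so this is inferred. Returning a static string keeps that path defined, e.g. `return "PQerrorMessage() -- pointer to PGconn is null";`. The new stderr messages in this file also have no trailing `\n`, so back-to-back diagnostics run together on the terminal.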

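--- a/src/interfaces/libpq/fe-exec.c
+++ b/src/interfaces/libpq/fe-exec.c
@@ -7,7 +7,7 @@
 *
 *
 * IDENTIFICATION
-* $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-exec.c,v 1.1.1.1 1996/07/09 06:22:17 scrappy Exp $
+* $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-exec.c,v 1.2 1996/07/12 04:53:59 scrappy Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -358,12 +358,20 @@ PQexec(PGconn* conn, char* query)
 charcmdStatus[MAX_MESSAGE_LEN];
 charpname[MAX_MESSAGE_LEN];/* portal name */
 PGnotify*newNotify;
-FILE*Pfin=conn->Pfin;
-FILE*Pfout=conn->Pfout;
-FILE*Pfdebug=conn->Pfdebug;
+FILE*Pfin,*Pfout,*Pfdebug;
 
 pname[0]='\0';
 
+if (!conn)returnNULL;
+if (!query) {
+sprintf(conn->errorMessage,"PQexec() -- query pointer is null.");
+returnNULL;
+}
+
+Pfin=conn->Pfin;
+Pfout=conn->Pfout;
+Pfdebug=conn->Pfdebug;
+
 /*clear the error string */
 conn->errorMessage[0]='\0';
 
@@ -500,6 +508,9 @@ PGnotify*
 PQnotifies(PGconn*conn)
 {
 Dlelem*e;
+
+if (!conn)returnNULL;
+
 if (conn->status!=CONNECTION_OK)
 returnNULL;
 /* RemHead returns NULL if list is empy */
@@ -531,6 +542,8 @@ int
 PQgetline(PGconn*conn,char*s,intmaxlen)
 {
 intc='\0';
+
+if (!conn)returnEOF;
 
 if (!conn->Pfin|| !s||maxlen <=1)
 return(EOF);
@@ -561,7 +574,7 @@ PQgetline(PGconn *conn, char *s, int maxlen)
 void
 PQputline(PGconn*conn,char*s)
 {
-if (conn->Pfout) {
+if (conn&& (conn->Pfout)) {
 (void)fputs(s,conn->Pfout);
 fflush(conn->Pfout);
 }
@@ -580,8 +593,12 @@ int
 PQendcopy(PGconn*conn)
 {
 charid;
-FILE*Pfin=conn->Pfin;
-FILE*Pfdebug=conn->Pfdebug;
+FILE*Pfin,*Pfdebug;
+
+if (!conn)return (int)NULL;
+
+Pfin=conn->Pfin;
+Pfdebug=conn->Pfdebug;
 
 if ( (id=pqGetc(Pfin,Pfdebug))>0)
 return(0);
@@ -836,12 +853,16 @@ PQfn(PGconn *conn,
 PQArgBlock*args,
 intnargs)
 {
-FILE*Pfin=conn->Pfin;
-FILE*Pfout=conn->Pfout;
-FILE*Pfdebug=conn->Pfdebug;
+FILE*Pfin,*Pfout,*Pfdebug;
 intid;
 inti;
 
+if (!conn)returnNULL;
+
+Pfin=conn->Pfin;
+Pfout=conn->Pfout;
+Pfdebug=conn->Pfdebug;
+
 /* clear the error string */
 conn->errorMessage[0]='\0';
 
@@ -916,18 +937,33 @@ PQfn(PGconn *conn,
 ExecStatusType
 PQresultStatus(PGresult*res)
 {
+if (!res) {
+fprintf(stderr,"PQresultStatus() -- pointer to PQresult is null");
+returnPGRES_NONFATAL_ERROR;
+}
+
 returnres->resultStatus;
 }
 
 int
 PQntuples(PGresult*res)
 {
+if (!res) {
+fprintf(stderr,"PQntuples() -- pointer to PQresult is null");
+return (int)NULL;
+}
+
 returnres->ntups;
 }
 
 int
 PQnfields(PGresult*res)
 {
+if (!res) {
+fprintf(stderr,"PQnfields() -- pointer to PQresult is null");
+return (int)NULL;
+}
+
 returnres->numAttributes;
 }
 
@@ -937,6 +973,12 @@ PQnfields(PGresult *res)
 char*
 PQfname(PGresult*res,intfield_num)
 {
+
+if (!res) {
+fprintf(stderr,"PQfname() -- pointer to PQresult is null");
+returnNULL;
+}
+
 if (field_num> (res->numAttributes-1)) {
 fprintf(stderr,
 "PQfname: ERROR! name of field %d(of %d) is not available",
@@ -957,6 +999,11 @@ PQfnumber(PGresult *res, char* field_name)
 {
 inti;
 
+if (!res) {
+fprintf(stderr,"PQfnumber() -- pointer to PQresult is null");
+return-1;
+}
+
 if (field_name==NULL||
 field_name[0]=='\0'||
 res->attDescs==NULL)
@@ -973,6 +1020,11 @@ PQfnumber(PGresult *res, char* field_name)
 Oid
 PQftype(PGresult*res,intfield_num)
 {
+if (!res) {
+fprintf(stderr,"PQftype() -- pointer to PQresult is null");
+returnInvalidOid;
+}
+
 if (field_num> (res->numAttributes-1)) {
 fprintf(stderr,
 "PQftype: ERROR! type of field %d(of %d) is not available",
@@ -987,6 +1039,11 @@ PQftype(PGresult *res, int field_num)
 int2
 PQfsize(PGresult*res,intfield_num)
 {
+if (!res) {
+fprintf(stderr,"PQfsize() -- pointer to PQresult is null");
+return (int2)NULL;
+}
+
 if (field_num> (res->numAttributes-1)) {
 fprintf(stderr,
 "PQfsize: ERROR! size of field %d(of %d) is not available",
@@ -999,6 +1056,11 @@ PQfsize(PGresult *res, int field_num)
 }
 
 char*PQcmdStatus(PGresult*res) {
+if (!res) {
+fprintf(stderr,"PQcmdStatus() -- pointer to PQresult is null");
+returnNULL;
+}
+
 returnres->cmdStatus;
 }
 
@@ -1008,6 +1070,11 @@ char* PQcmdStatus(PGresult *res) {
 if not, return ""
 */
 char*PQoidStatus(PGresult*res) {
+if (!res) {
+fprintf(stderr,"PQoidStatus() -- pointer to PQresult is null");
+returnNULL;
+}
+
 if (!res->cmdStatus)
 return"";
 
@@ -1031,6 +1098,11 @@ char* PQoidStatus(PGresult *res) {
 char*
 PQgetvalue(PGresult*res,inttup_num,intfield_num)
 {
+if (!res) {
+fprintf(stderr,"PQgetvalue() -- pointer to PQresult is null");
+returnNULL;
+}
+
 if (tup_num> (res->ntups-1)||
 field_num> (res->numAttributes-1)) {
 fprintf(stderr,
@@ -1050,6 +1122,11 @@ PQgetvalue(PGresult *res, int tup_num, int field_num)
 int
 PQgetlength(PGresult*res,inttup_num,intfield_num)
 {
+if (!res) {
+fprintf(stderr,"PQgetlength() -- pointer to PQresult is null");
+return (int)NULL;
+}
+
 if (tup_num> (res->ntups-1 )||
 field_num> (res->numAttributes-1)) {
 fprintf(stderr,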
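Review bot: In PQendcopy the new guard `if (!conn) return (int)NULL;` evaluates to 0, and the visible branch right below it returns 0 after pqGetc succeeds, so a null connection appears to be reported as a successful end of copy. Return the function's failure value instead, e.g. `if (!conn) return 1;` if 1 is what the rest of the body (outside the hunk) uses for failure. The same `(int)NULL` / `(int2)NULL` idiom in PQntuples, PQnfields, PQfsize and PQgetlength casts a pointer constant to an integer; a plain `return 0;` says the same thing without the cast, though callers then cannot tell a null result from an empty one. PQputline, also guarded in this section, still hands `s` to fputs unchecked, unlike PQgetline, which tests `!s`; `if (conn && conn->Pfout && s) {` would close that gap.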
