From: | Ludek Finstrle <luf(at)pzkagis(dot)cz> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | pgsql-odbc(at)postgresql(dot)org |
Subject: | Re: SQLGetInfo buffer overflow? |
Date: | 2006-01-25 17:16:22 |
Message-ID: | 20060125171622.GA6210@soptik.pzkagis.cz |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-odbc |
Wed, Jan 25, 2006 at 11:52:13AM -0500, Tom Lane napsal(a):
> Anyone have a comment on
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=178925
I see no problem without Unicode support. I'm not sure with unicode version.
RETCODE SQL_API PGAPI_GetInfo(
HDBC hdbc,
UWORD fInfoType, // 18
PTR rgbInfoValue, // output buffer
SWORD cbInfoValueMax, // size of output buffer
SWORD FAR * pcbInfoValue) // returned length
{
char *p = NULL,
tmp[MAX_INFO_STRING];
int len = 0;
...
switch (fInfoType)
case SQL_DBMS_VER:
snprintf(tmp, sizeof(tmp) - 1, "%s %s", POSTGRESDRIVERVERSION, conn->pg_version);
tmp[sizeof(tmp) - 1] = '\0';
p = tmp;
break;
...
result = SQL_SUCCESS;
if (p) {
len = strlen(p);
#ifdef UNICODE_SUPPORT
if (conn->unicode)
len = len * WCLEN;
#endif
if (rgbInfoValue) {
#ifdef UNICODE_SUPPORT
if (conn->unicode)
len = utf8_to_ucs2(p, len, (SQLWCHAR *) rgbInfoValue, cbInfoValueMax / 2);
else
#endif
strncpy_null((char *) rgbInfoValue, p, (size_t) cbInfoValueMax);
if (len >= cbInfoValueMax) {
result = SQL_SUCCESS_WITH_INFO;
CC_set_error(conn, CONN_TRUNCATED, "The buffer was too small for the InfoValue.");
}
}
}
...
if (pcbInfoValue)
*pcbInfoValue = len;
mylog("%s: p='%s', len=%d, value=%d, cbMax=%d\n", func, p ? p : "<NULL>", len, value, cbInfoValueMax);
return result;
}
I have no time for this issue until next week. The code is located
in info.c.
Regards,
Luf
From | Date | Subject | |
---|---|---|---|
Next Message | Alex Aylward | 2006-01-25 19:00:59 | installation |
Previous Message | Tom Lane | 2006-01-25 16:52:13 | SQLGetInfo buffer overflow? |