
ECPG segfault

From: Jürgen Cappel <email(at)juergen-cappel(dot)de>
To: "pgsql-interfaces" <pgsql-interfaces(at)postgresql(dot)org>
Subject: ECPG segfault
Date: 2004-03-26 12:26:28
Message-ID: JEEKIPNAKJNCFLMOBKHGKEHKDCAA.email@juergen-cappel.de
Lists: pgsql-interfaces
The code in ecpg/preproc/type.c has a problem when allocating
memory. I'm referring to the function ECPGdump_a_simple() where
one of the first actions is allocating memory and assigning it
to variable "offset". The amount of memory requested depends on
the size of the variable's name and the length of a fixed string.
The function has a parameter called "varcharsize" (array size string)
which is later used in the "case ECPGt_char:" where it is included
in an sprintf() to fill the allocated memory area. This leads to
a subsequent segmentation fault if "varcharsize" is not a simple
integer but maybe a cpp macro of some length, say, 20 bytes. At
least it *can* lead to a segfault, because you never know how and
when memory corruption strikes back on you ...

Using my example, things work well when allocating a few bytes more,
but I would suggest adding a strlen(varcharsize) instead of 1 byte
for allocation of "offset".

Comments are welcome!

Best regards, Jürgen Cappel

Oh, and btw thanks to valgrind for pointing me to that place :-)
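The allocation pattern described in the report, reduced to a stand-alone C demonstration. This is an added example, not code from the ecpg source: the template string "offsetof(%s, %s)" is a hypothetical stand-in for the fixed string and the ECPGt_char sprintf() the mail refers to, and the macro name MAX_NAME_LEN_PLUS_ONE is a constructed sample varcharsize. The demo uses snprintf() with the real allocation size so that it reports the overflow instead of performing it; with the actual sprintf() the bytes past the buffer would be written onto the heap, which is what valgrind flagged.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the fixed text ecpg writes around the variable
 * name and array size; the real string is not quoted in the report. */
#define TEMPLATE "offsetof(%s, %s)"

/* Allocation as the report describes it: the fixed string, the variable
 * name, and one extra byte. Nothing here depends on varcharsize, so the
 * only slack is the four bytes of "%s%s" that the formatted output does
 * not reproduce, which is enough for a short numeric size and no more. */
size_t alloc_reported(const char *name)
{
    return strlen(TEMPLATE) + strlen(name) + 1;
}

/* Allocation with the suggested fix: budget strlen(varcharsize) as well. */
size_t alloc_fixed(const char *name, const char *varcharsize)
{
    return strlen(TEMPLATE) + strlen(name) + strlen(varcharsize) + 1;
}

/* Bytes sprintf() actually writes for this template, including the NUL. */
size_t bytes_needed(const char *name, const char *varcharsize)
{
    int n = snprintf(NULL, 0, TEMPLATE, name, varcharsize);
    return n < 0 ? 0 : (size_t)n + 1;
}

/* Non-zero when an unbounded sprintf() into a buffer of `alloc` bytes
 * would write past its end. */
int would_overflow(size_t alloc, const char *name, const char *varcharsize)
{
    return bytes_needed(name, varcharsize) > alloc;
}

/* Format "offset" into a buffer of exactly `alloc` bytes. snprintf() keeps
 * the demo itself memory-safe; NULL is returned where the original code
 * would have corrupted the heap. Caller frees the result. */
char *dump_offset(const char *name, const char *varcharsize, size_t alloc)
{
    char *offset = malloc(alloc);
    if (offset == NULL)
        return NULL;
    int n = snprintf(offset, alloc, TEMPLATE, name, varcharsize);
    if (n < 0 || (size_t)n >= alloc) {
        free(offset);
        return NULL;
    }
    return offset;
}

int main(void)
{
    const char *name = "foo";
    /* Constructed sample sizes: a plain integer and a 21-byte cpp macro. */
    const char *sizes[] = { "20", "MAX_NAME_LEN_PLUS_ONE" };

    for (size_t i = 0; i < 2; i++) {
        size_t alloc = alloc_reported(name);
        printf("varcharsize=%-22s alloc=%2zu needed=%2zu %s\n",
               sizes[i], alloc, bytes_needed(name, sizes[i]),
               would_overflow(alloc, name, sizes[i]) ? "OVERFLOW" : "ok");
        char *s = dump_offset(name, sizes[i], alloc_fixed(name, sizes[i]));
        printf("  with fix: %s\n", s ? s : "(failed)");
        free(s);
    }
    return 0;
}
```

The integer size fits only because the template's placeholder bytes happen to be slack; once varcharsize is a macro name of any length, the unbounded sprintf() writes past the allocation, and the fixed sizer is what makes the write fit regardless of the size expression.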

