ecpg: Fix off-by-one error in memory copying

In a rare case, one byte past the end of memory belonging to the
sqlca_t structure would be written to.

found by Coverity
REL9_1_STABLE
Peter Eisentraut 14 years ago
parent 6f59d42b94
commit 3043608cf7
  1. 2
      src/interfaces/ecpg/ecpglib/misc.c

@ -530,7 +530,7 @@ ECPGset_var(int number, void *pointer, int lineno)
struct sqlca_t *sqlca = ECPGget_sqlca(); struct sqlca_t *sqlca = ECPGget_sqlca();
sqlca->sqlcode = ECPG_OUT_OF_MEMORY; sqlca->sqlcode = ECPG_OUT_OF_MEMORY;
strncpy(sqlca->sqlstate, "YE001", sizeof("YE001")); strncpy(sqlca->sqlstate, "YE001", sizeof(sqlca->sqlstate));
snprintf(sqlca->sqlerrm.sqlerrmc, sizeof(sqlca->sqlerrm.sqlerrmc), "out of memory on line %d", lineno); snprintf(sqlca->sqlerrm.sqlerrmc, sizeof(sqlca->sqlerrm.sqlerrmc), "out of memory on line %d", lineno);
sqlca->sqlerrm.sqlerrml = strlen(sqlca->sqlerrm.sqlerrmc); sqlca->sqlerrm.sqlerrml = strlen(sqlca->sqlerrm.sqlerrmc);
/* free all memory we have allocated for the user */ /* free all memory we have allocated for the user */
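Review bot: On the `strncpy` line, bounding the copy by `sizeof(sqlca->sqlstate)` keeps the write inside the field, but if the field is exactly five bytes (as the commit message's "one byte past the end" suggests) the result has no NUL terminator, and nothing at the call site says so. A comment such as `/* sqlstate is fixed-width and not NUL-terminated; never pass it to strlen() or "%s" */` would keep a later reader from trading this write overflow for a read overrun elsewhere. ECPGset_var starts and ends outside this hunk, and other code that fills sqlstate is not visible here, so it is worth checking whether any of it still uses a bound taken from the string literal rather than from the destination.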
