Re: [SDO C++] AccessViolation in XMLHelperImpl
Thanks for that. I'll fix it right away. On 02/11/2007, Caroline Maynard [EMAIL PROTECTED] wrote: A user has found a vulnerability in XMLHelperImpl::createDocument, the one with the const char * parameters. The problem being that the root element name is initialized with the parameter before the code which checks for the parameter being null. I'll add a guard for this in the PHP code, but really it should be fixed in Tuscany. Could someone apply this patch, please: Index: C:/dev/tuscany_sdo_pre2.1/sdo-cpp-pre2.1/runtime/core/src/commonj/sdo/XMLHelperImpl.cpp === --- C:/dev/tuscany_sdo_pre2.1/sdo-cpp-pre2.1/runtime/core/src/commonj/sdo/XMLHelperImpl.cpp (revision 568508) +++ C:/dev/tuscany_sdo_pre2.1/sdo-cpp-pre2.1/runtime/core/src/commonj/sdo/XMLHelperImpl.cpp (working copy) @@ -172,7 +172,7 @@ const char* rootElementName) { SDOString uri; - SDOString name = rootElementName; + SDOString name; if (0 == rootElementURI) uri = ; else The patch was created against the branch, but the same code exists in the trunk. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Pete - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [SDO C++] AccessViolation in XMLHelperImpl
Pete Robbins wrote: Thanks for that. I'll fix it right away. Thanks, Pete - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[SDO C++] AccessViolation in XMLHelperImpl
A user has found a vulnerability in XMLHelperImpl::createDocument, the one with the const char * parameters. The problem being that the root element name is initialized with the parameter before the code which checks for the parameter being null. I'll add a guard for this in the PHP code, but really it should be fixed in Tuscany. Could someone apply this patch, please: Index: C:/dev/tuscany_sdo_pre2.1/sdo-cpp-pre2.1/runtime/core/src/commonj/sdo/XMLHelperImpl.cpp === --- C:/dev/tuscany_sdo_pre2.1/sdo-cpp-pre2.1/runtime/core/src/commonj/sdo/XMLHelperImpl.cpp (revision 568508) +++ C:/dev/tuscany_sdo_pre2.1/sdo-cpp-pre2.1/runtime/core/src/commonj/sdo/XMLHelperImpl.cpp (working copy) @@ -172,7 +172,7 @@ const char* rootElementName) { SDOString uri; - SDOString name = rootElementName; + SDOString name; if (0 == rootElementURI) uri = ; else The patch was created against the branch, but the same code exists in the trunk. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]