Hello again, Currently the code in odbc_standard_use_type_backend::pre_use() can overflow the buffer for x_stdstring type variables as it's allocated to the size of the string in prepare_for_bind() but the string value can change afterwards, e.g. if you do this:
std::string str;
statement st(session);
st.alloc();
st.prepare(query);
st.exchange(use(str));
st.define_and_bind();
str = "Hello world!";
st.execute(true);
Granted, this is not a normal use case but it still seems wrong to corrupt
the buffer in this situation. The patch below ensures that the buffer is of
correct size by uncommenting the code that allocated it in pre_use(), it
really must be done there. In fact the allocation in prepare_for_bind() is
almost certainly unnecessary and could probably be just removed but I'm not
sure to understand the code in all details so for now I didn't change this.
Please let me know if you see any problems with this patch and if it can
be applied to the official version otherwise (or if you prefer to receive
patch submissions in some other way, e.g. via git pull requests).
Thanks,
VZ
--- a/src/backends/odbc/standard-use-type.cpp
+++ b/src/backends/odbc/standard-use-type.cpp
@@ -189,14 +189,9 @@ void odbc_standard_use_type_backend::pre_use(indicator
const *ind)
{
std::string *s = static_cast<std::string *>(data_);
std::size_t const bufSize = s->size() + 1;
- // TODO: this is a hack (for buffer re-size? --mloskot)
- //delete [] buf_;
- //buf_ = new char[bufSize];
-
- std::size_t const sSize = s->size();
- std::size_t const toCopy = sSize < bufSize -1 ? sSize + 1 : bufSize -
1;
- strncpy(buf_, s->c_str(), toCopy);
- buf_[toCopy] = '\0';
+ delete [] buf_;
+ buf_ = new char[bufSize];
+ strcpy(buf_, s->c_str());
}
else if (type_ == x_stdtm)
{
pgpu4WAYUqZmf.pgp
Description: PGP signature
------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________ Soci-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/soci-users
