Possible buffer overflow in client library
------------------------------------------
Key: CORE-6432
URL: http://tracker.firebirdsql.org/browse/CORE-6432
Project: Firebird Core
Issue Type: Bug
Components: API / Client Library
Affects Versions: 3.0.7, 3.0.6, 4.0 Beta 2, 3.0.5, 2.5.9, 4.0 Beta 1,
3.0.4, 3.0.3, 4.0 Alpha 1, 3.0.2, 3.0.1, 3.0.0, 4.0 Initial
Reporter: Alexander Peshkov
The loop in merge.cpp:72 expects the `in` buffer to eventually contain either
isc_info_end, isc_info_truncated or isc_info_implementation, and will otherwise
read out of buffer bounds with good chance for access violation.
With correctly working providers chances to get that error are very low, but it
can happen in case of bug in provider (on server) or malware server replacement
(on client).
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://tracker.firebirdsql.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
Firebird-Devel mailing list, web interface at
https://lists.sourceforge.net/lists/listinfo/firebird-devel
