Holger Freyther writes:
> Good Morning,
>
> at OpenBSC/NITB we are using libdbi to access a sqlite3 database. We
> have changed the schema and I write some database code but I am plagued
> with crashes and memory corruption. I'm more plagued when I issue
> a "BEGIN TRANSACTION" during the migration.
>
> Long story short:
>
> if ((temp = malloc(from_length*2)) == NULL) {
> return 0;
> }
>
> a.) from_length == 0, then a valid piece of memory that can hold 0 bytes
> will be returned. But there is no place to writhe the two quotes and the
> NUL.
>
> b.) orig="\353\260\v", from_length=3. Apparently this string requires
> full escaping/encoding too. It will write 6 bytes and the last quote
> and NUL will be written out of bounds.
>
> This applies to libdbi 0.8 and the latest git. A calculation like in
> the MySQL driver should be used instead:
>
> /* we allocate what mysql_real_escape_string needs, plus an extra
> two escape chars and a terminating zero*/
> temp = malloc(2*from_length+1+2);
>
> Can this be fixed? Can you make new 0.8/0.9 releases with that? Or
> can you provide a work-around?
>
Hi,
thanks for reporting and analyzing the problem. I've fixed this in
git. The only workaround at this time is to build from git. I won't
make any promises but once your current problems are fixed I'll look
into making new releases.
regards,
Markus
--
Markus Hoenicka
http://www.mhoenicka.de
AQ score 38
------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and their
applications. Written by three acclaimed leaders in the field,
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/13534_NeoTech
_______________________________________________
Libdbi-drivers-devel mailing list
Libdbi-drivers-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/libdbi-drivers-devel
