On Mon, Jan 29, 2024 at 2:17 PM <o.tselebrovs...@postgrespro.ru> wrote: > > Greetings, everyone! > > While analyzing output of Svace static analyzer [1] I've found a bug. > > In function intoasc(interval * i, char *str) from file > src/interfaces/ecpg/compatlib/informix.c > we return a non-terminated string since we use memcpy on tmp which is > itself NULL-teminated but > last zero byte is not copied. > > The proposed solution is to use strcpy instead, since it is used in all > other functions in informix.c. > > The patch is attached. > > [1] - https://svace.pages.ispras.ru/svace-website/en/ >
Can you please add a test case showcasing the bug? I see dttoasc() uses strcpy(). So there's already a precedence. -- Best Wishes, Ashutosh Bapat