> On 14 Jun 2024, at 09:38, Winter Loo <winter...@126.com> wrote:

> I find the definition of `sqlca->sqlstate` and it has only 5 bytes. When the
> statement
>
> ```c
> strncpy(sqlca->sqlstate, "YE001", sizeof(sqlca->sqlstate));
> ```
>
> gets executed, `sqlca->sqlstate` will have no '\0' byte which makes me anxious
> when someone prints that as a string.

sqlstate is defined as not being unterminated fixed-length, leaving the callers to handle termination.

> Indeed, I found the code (in src/interfaces/ecpg/ecpglib/misc.c) does that,
>
> fprintf(debugstream, "[NO_PID]: sqlca: code: %ld, state: %s\n",
> sqlca->sqlcode, sqlca->sqlstate);

This is indeed buggy and needs to take the length into account, as per the attached. This only happens when in the undocumented regression test debug mode which may be why it's gone unnoticed.

--
Daniel Gustafsson
ecgp_sqlstate.diff
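One way to take the length into account when printing a fixed-length, unterminated `sqlstate`, as an added example (this is not the attached patch and not ecpg's own code). The struct `demo_sqlca`, its `neighbour` field, the helper names and the sample `sqlcode` value are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the two sqlca fields discussed; not the ecpg header. */
struct demo_sqlca {
    long sqlcode;
    char sqlstate[5];   /* fixed length, no room for a terminator */
    char neighbour[8];  /* hypothetical field: whatever follows in memory */
};

/* Fill the struct the way the quoted strncpy does: all 5 bytes used, no '\0'. */
void demo_fill(struct demo_sqlca *s) {
    s->sqlcode = -400;  /* constructed sample value */
    strncpy(s->sqlstate, "YE001", sizeof(s->sqlstate));
    memcpy(s->neighbour, "ADJACENT", sizeof(s->neighbour));
}

/* Bounded print: the precision caps how many bytes %s may read, so the
 * output stops after sqlstate instead of running on into neighbour. */
int format_state_bounded(char *out, size_t outlen, const struct demo_sqlca *s) {
    return snprintf(out, outlen, "[NO_PID]: sqlca: code: %ld, state: %.*s\n",
                    s->sqlcode, (int) sizeof(s->sqlstate), s->sqlstate);
}

/* For callers that need a real C string: copy at most 5 bytes and terminate. */
size_t sqlstate_to_cstr(char *dst, size_t dstlen, const struct demo_sqlca *s) {
    size_t n = sizeof(s->sqlstate);
    const char *nul;

    if (dstlen == 0)
        return 0;
    if (n > dstlen - 1)
        n = dstlen - 1;                  /* truncate rather than overflow dst */
    nul = memchr(s->sqlstate, '\0', n);  /* a shorter state stops early */
    if (nul != NULL)
        n = (size_t) (nul - s->sqlstate);
    memcpy(dst, s->sqlstate, n);
    dst[n] = '\0';
    return n;
}

int main(void) {
    struct demo_sqlca s;
    char line[128];

    demo_fill(&s);
    format_state_bounded(line, sizeof(line), &s);
    fputs(line, stdout);
    return 0;
}
```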