Re: [Firebird-devel] Sanity checks for methods' parameters in Y-valve
Alex Peshkoff via Firebird-devel wrote 15.09.2022 18:08: I do not want to say segfault is good thing and will not provide as a sample trivial things like strcpy() - but almost any function in C library will segfault when passed wrong address of some data. strcpy() is a quite bad example because it is even more ancient than Firebird API. Modern functions that are supposed to return an error code get used to returns EFAULT or EINVAL. -- WBR, SD. Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
Re: [Firebird-devel] Sanity checks for methods' parameters in Y-valve
On 9/15/22 18:56, Dimitry Sibiryakov wrote: Hello All. If someone by mistake calls IStatement::execute() providing metadata but no data buffer, it will pass the values as is to a provider and overall result will be segfault. Shouldn't some sanity checks to be performed there? Not sure. Check for nullptr is really simple but what if user sends garbage instead data buffer address? Luckily that segfault will never disturb remote server - only client or embedded which can suffer same way from any segfault in user process. I do not want to say segfault is good thing and will not provide as a sample trivial things like strcpy() - but almost any function in C library will segfault when passed wrong address of some data. Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
[Firebird-devel] Sanity checks for methods' parameters in Y-valve
Hello All. If someone by mistake calls IStatement::execute() providing metadata but no data buffer, it will pass the values as is to a provider and overall result will be segfault. Shouldn't some sanity checks to be performed there? -- WBR, SD. Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
