This is an automated email from the git hooks/post-receive script. dmn pushed a commit to branch master in repository libdbd-firebird-perl.
commit 63ba70750f8be99765e09fe5d032042eeea19807
Author: Damyan Ivanov <d...@debian.org>
Date: Sun Mar 29 13:20:18 2015 +0000
add patch from upstream Git replacing all sprintf usage with snprintf
---
debian/patches/series | 1 +
debian/patches/snprintf-everywhere.patch | 147 +++++++++++++++++++++++++++++++
2 files changed, 148 insertions(+)
diff --git a/debian/patches/series b/debian/patches/series
index 80f51d1..4df7295 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
 dbdimp-780925-buf-overflow.patch
+snprintf-everywhere.patch
diff --git a/debian/patches/snprintf-everywhere.patch b/debian/patches/snprintf-everywhere.patch
new file mode 100644
index 0000000..7cac9e4
--- /dev/null
+++ b/debian/patches/snprintf-everywhere.patch
@@ -0,0 +1,147 @@
+commit 43b9cfac3f09dead772ece59b2d3d5bf8d73d360
+Author: Damyan Ivanov <d...@debian.org>
+Commit: Damyan Ivanov <d...@debian.org>
+
+ use snprintf instead of sprintf everywhere
+
+ this way even if the buffer can't hold all the content, we never
+ overflow it
+
+diff --git a/Firebird.xs b/Firebird.xs
+index 08d17d8..c1c2361 100644
+--- a/Firebird.xs
++++ b/Firebird.xs
+@@ -1646,7 +1646,7 @@ ib_plan(sth)
+ if (plan_buffer[0] == isc_info_sql_get_plan) {
+ short l = (short) isc_vax_integer((char *)plan_buffer + 1, 2);
+ Newx(RETVAL, l + 2, char);
+- sprintf(RETVAL, "%.*s%s", l, plan_buffer + 3, "\n");
++ snprintf(RETVAL, l+2, "%.*s%s", l, plan_buffer + 3, "\n");
+ //PerlIO_printf(PerlIO_stderr(), "Len: %d, orig len: %d\n", strlen(imp_sth->plan), l);
+ }
+ }
+diff --git a/dbdimp.c b/dbdimp.c
+index dbdf8e3..a7574b3 100644
+--- a/dbdimp.c
++++ b/dbdimp.c
+@@ -72,9 +72,10 @@ bool is_ascii_string(const U8 *s, STRLEN len) {
+ int create_cursor_name(SV *sth, imp_sth_t *imp_sth)
+ {
+ ISC_STATUS status[ISC_STATUS_LENGTH];
++#define CURSOR_NAME_LEN 22
+
+- Newxz(imp_sth->cursor_name, 22, char);
+- sprintf(imp_sth->cursor_name, "perl%16.16X", (uint32_t)imp_sth->stmt);
++ Newxz(imp_sth->cursor_name, CURSOR_NAME_LEN, char);
++ snprintf(imp_sth->cursor_name, CURSOR_NAME_LEN, "perl%16.16X", (uint32_t)imp_sth->stmt);
+ isc_dsql_set_cursor_name(status, &(imp_sth->stmt), imp_sth->cursor_name, 0);
+ if (ib_error_check(sth, status))
+ return FALSE;
+@@ -1494,7 +1495,7 @@ AV *dbd_st_fetch(SV *sth, imp_sth_t *imp_sth)
+ switch (dtype)
+ {
+ case SQL_TIMESTAMP:
+- sprintf(buf, "%04d-%02d-%02d %02d:%02d:%02d.%04ld",
++ snprintf(buf, sizeof(buf), "%04d-%02d-%02d %02d:%02d:%02d.%04ld",
+ times.tm_year + 1900,
+ times.tm_mon + 1,
+ times.tm_mday,
+@@ -1504,14 +1505,14 @@ AV *dbd_st_fetch(SV *sth, imp_sth_t *imp_sth)
+ fpsec);
+ break;
+ case SQL_TYPE_DATE:
+- sprintf(buf, "%04d-%02d-%02d",
++ snprintf(buf, sizeof(buf), "%04d-%02d-%02d",
+ times.tm_year + 1900,
+ 
times.tm_mon + 1,
+ times.tm_mday);
+ break;
+
+ case SQL_TYPE_TIME:
+- sprintf(buf, "%02d:%02d:%02d.%04ld",
++ snprintf(buf, sizeof(buf), "%02d:%02d:%02d.%04ld",
+ times.tm_hour,
+ times.tm_min,
+ times.tm_sec,
+@@ -1762,7 +1763,7 @@ AV *dbd_st_fetch(SV *sth, imp_sth_t *imp_sth)
+ else
+ {
+ char s[20];
+- sprintf(s, "COLUMN%d", i);
++ snprintf(s, sizeof(s), "COLUMN%d", i);
+ sv_setpvn(sv, s, strlen(s));
+ }
+ */
+@@ -2015,7 +2016,7 @@ SV* dbd_st_FETCH_attrib(SV *sth, imp_sth_t *imp_sth, SV *keysv)
+ else
+ {
+ char s[20];
+- sprintf(s, "COLUMN%d", i);
++ snprintf(s, sizeof(s), "COLUMN%d", i);
+ av_store(av, i, newSVpvn(s, strlen(s)));
+ }
+ }
+@@ -2350,7 +2351,7 @@ static int ib_fill_isqlda(SV *sth, imp_sth_t *imp_sth, SV *param, SV *value,
+ char *tmp;
+ char *neg;
+
+- sprintf(format, "%%ld.%%%dld%%1ld", -ivar->sqlscale);
++ snprintf(format, sizeof(format), "%%ld.%%%dld%%1ld", -ivar->sqlscale);
+
+ /* negative -0.x hack */
+ neg = strchr(svalue, '-');
+@@ -2363,7 +2364,7 @@ static int ib_fill_isqlda(SV *sth, imp_sth_t *imp_sth, SV *param, SV *value,
+ if (!sscanf(svalue, format, &p, &q, &r))
+ {
+ /* here we handle values such as .78 passed as string */
+- sprintf(format, ".%%%dld%%1ld", -ivar->sqlscale);
++ snprintf(format, sizeof(format), ".%%%dld%%1ld", -ivar->sqlscale);
+ if (!sscanf(svalue, format, &q, &r) && DBIc_WARN(imp_sth))
+ warn("problem parsing SQL_LONG type");
+ }
+@@ -2389,11 +2390,11 @@ static int ib_fill_isqlda(SV *sth, imp_sth_t *imp_sth, SV *param, SV *value,
+ {
+ /* numeric(?,0): scan for one decimal and do rounding*/
+
+- sprintf(format, "%%ld.%%1ld");
++ snprintf(format, sizeof(format), "%%ld.%%1ld");
+
+ if (!sscanf(svalue, format, &p, &r))
+ {
+- sprintf(format, ".%%1ld");
++ snprintf(format, sizeof(format), ".%%1ld");
+ if (!sscanf(svalue, format, &r) && DBIc_WARN(imp_sth))
+ warn("problem parsing SQL_LONG type");
+ }
+@@ -2481,7 +2482,7 @@ static int ib_fill_isqlda(SV *sth, imp_sth_t *imp_sth, SV *param, SV *value,
+ char *tmp;
+ char 
*neg;
+
+- sprintf(format, S_INT64_FULL, -ivar->sqlscale);
++ snprintf(format, sizeof(format), S_INT64_FULL, -ivar->sqlscale);
+
+ /* negative -0.x hack */
+ neg = strchr(svalue, '-');
+@@ -2494,7 +2495,7 @@ static int ib_fill_isqlda(SV *sth, imp_sth_t *imp_sth, SV *param, SV *value,
+ if (!sscanf(svalue, format, &p, &q, &r))
+ {
+ /* here we handle values such as .78 passed as string */
+- sprintf(format, S_INT64_DEC_FULL, -ivar->sqlscale);
++ snprintf(format, sizeof(format), S_INT64_DEC_FULL, -ivar->sqlscale);
+ if (!sscanf(svalue, format, &q, &r) && DBIc_WARN(imp_sth))
+ warn("problem parsing SQL_INT64 type");
+ }
+@@ -2520,11 +2521,11 @@ static int ib_fill_isqlda(SV *sth, imp_sth_t *imp_sth, SV *param, SV *value,
+ {
+ /* numeric(?,0): scan for one decimal and do rounding*/
+
+- sprintf(format, S_INT64_NOSCALE);
++ snprintf(format, sizeof(format), S_INT64_NOSCALE);
+
+ if (!sscanf(svalue, format, &p, &r))
+ {
+- sprintf(format, S_INT64_DEC_NOSCALE);
++ snprintf(format, sizeof(format), S_INT64_DEC_NOSCALE);
+ if (!sscanf(svalue, format, &r) && DBIc_WARN(imp_sth))
+ warn("problem parsing SQL_INT64 type");
+ }
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-perl/packages/libdbd-firebird-perl.git
_______________________________________________
Pkg-perl-cvs-commits mailing list
Pkg-perl-cvs-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-perl-cvs-commits
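Review bot: `sizeof(buf)` in the dbd_st_fetch hunks and `sizeof(format)` in the ib_fill_isqlda hunks are a real bound only if `buf` and `format` are declared as arrays in the enclosing functions; those declarations lie outside every hunk here (all enclosing functions start and end outside the hunks), and if either is a pointer `sizeof` yields the pointer size and the output is silently cut to a few bytes. None of the new snprintf calls checks the return value, so the former overflow now becomes unreported truncation, e.g. a clipped timestamp or cursor name would be passed on as valid data; at least for the date/time and cursor-name cases the call should be `int n = snprintf(buf, sizeof(buf), ...); if (n < 0 || (size_t)n >= sizeof(buf)) { /* truncated: report or fail */ }`. In the ib_plan hunk the bound `l+2` is computed from a `short`; if the length obtained from isc_vax_integer can exceed SHRT_MAX (its type is not visible here) the cast goes negative and `l+2` converts to a very large size_t, so an `if (l < 0)` guard or an unsigned length type would keep that bound meaningful. As a point of style, `#define CURSOR_NAME_LEN 22` placed in the middle of create_cursor_name's body is never undefined and would read better as a file-scope `enum { CURSOR_NAME_LEN = 22 };` next to the other constants.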