| From: | cobainpluto <pluto_cbin(at)outlook(dot)com> |
|---|---|
| To: | "pgsql-odbc(at)postgresql(dot)org" <pgsql-odbc(at)postgresql(dot)org> |
| Subject: | Some problem about malloc |
| Date: | 2014-07-09 13:59:58 |
| Message-ID: | BAY180-W444AFAF9204DD99275D9C0F70F0@phx.gbl |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-odbc |
Dear all,
According to Fortify analysis,I found that some other malloc results could not be judged. It is also likely to produce a Null Dereference.
Details are as follows :
---------------------------------------------------------------
psqlodbc.h:433: in STRN_TO_NAME()
432 (the_name).name = malloc((n) + 1); \
433 memcpy((the_name).name, str, (n)); \
---------------------------------------------------------------
Here,if malloc failed,the returned name should be NULL.The subsequent memcpy operation had the potential to produce Null Dereference.
There are two similar situations:
---------------------------------------------------------------
dlg_specific.c:1577: in decode()
1572 outs = (char *) malloc(ilen + 1);
1577 outs[o++] = ' ';
---------------------------------------------------------------
---------------------------------------------------------------
multibyte.c:186: in check_client_encoding()
185 rptr = malloc(len + 1);
186 memcpy(rptr, sptr, len);
---------------------------------------------------------------
I think it might be a bug.
Could you please check and revive it?
The attachments are related codes.
Thank you very much.
Best wishes~
Sincerely yours,
pluto.cobain
| Attachment | Content-Type | Size |
|---|---|---|
| psqlodbc.zip | application/zip | 19.6 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | cobainpluto | 2014-07-09 14:03:19 | Re: Ask for two questions on psqlodbc |
| Previous Message | Craig Ringer | 2014-07-09 04:23:10 | Re: Impossible to use MSDTC/XA with SSPI |