Ask for two questions on psqlodbc

From: cobainpluto <pluto_cbin(at)outlook(dot)com>
To: "pgsql-odbc(at)postgresql(dot)org" <pgsql-odbc(at)postgresql(dot)org>
Subject: Ask for two questions on psqlodbc
Date: 2014-07-02 09:09:36
Message-ID: BAY180-W45E9535E65938A2FEAFCDBF7060@phx.gbl
Lists: pgsql-odbc

Dear all,
Recently, I used a Static Code Analyzer (Fortify) to analyze the psqlodbc-09.03.0300 code, and found two potential Memory Leak
problems in the qresult.c file.

Details are as follows:
1. Potential Memory Leak problem
qresult.c:962: in QR_next_tuple()
962 mres = CC_send_query(conn, movecmd, NULL, 0, stmt);
There is dynamically allocated memory in CC_send_query_append(...).
If the path below is followed, from here to RETURN (-1), the allocated memory is not freed, so it is possible to generate a Memory
Leak.
---------------------------------------------------------------
qresult.c:963 - BranchNotTaken : Branch not taken: (mres != 0)
qresult.c:971 - BranchTaken : Branch taken: (sscanf(mres->command, "MOVE %lu", (&moved)) > 0)
qresult.c:974 - BranchTaken : Branch taken: (moved < movement)
qresult.c:993 - BranchTaken : Branch taken: (2 == self->move_direction)
qresult.c:998 - BranchTaken : Branch taken: (getNthValid(self, (<inline expression> - 1), 4, self->move_offset, (&backpt)) < 0)
qresult.c:1004 - EndScope : RETURN(-1)
---------------------------------------------------------------

2. Potential Null Dereference problem
qresult.c:1691: in QR_read_a_tuple_from_db()
1691 &this_keyset->blocknum, &this_keyset->offset);
qresult.c:1693: in QR_read_a_tuple_from_db()
1693 this_keyset->oid = strtoul(buffer, NULL, 10);
Here this_keyset is referenced.
If the path below is followed, the value of this_keyset is always NULL before this_keyset is referenced, so it is possible to generate a Null
Dereference.
---------------------------------------------------------------
qresult.c:1571 - Assigned null : KeySet *this_keyset = NULL;
qresult.c:1590 - BranchNotTaken : Branch not taken: (0 == (self->flags & 1))
qresult.c:1624 - BranchTaken : Branch taken: (field_lf < ci_num_fields)
qresult.c:1668 - BranchNotTaken : Branch not taken: (isnull == 0)
qresult.c:1676 - BranchTaken : Branch taken: (field_lf >= effective_cols)
qresult.c:1687 - BranchTaken : Branch taken: (field_lf >= effective_cols)
---------------------------------------------------------------

I am not sure if they are really bugs, because I am not so familiar with psqlodbc's code.
Could someone give their point of view?
The attachments are the detailed analysis reports and the related code.
Thank you very much.

Best wishes~
Sincerely yours,
pluto.cobain

Attachment Content-Type Size
qresult.zip application/x-zip-compressed 15.7 KB
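
The shape of the first finding (a result allocated by one call, then an early `return -1` before it is released) can be reproduced in isolation. This is an added example, not psqlodbc code and not part of the original message; `Result`, `send_move`, `result_free`, `next_tuple_leaky` and `next_tuple_fixed` are hypothetical stand-ins, and it does not show whether the real `QR_next_tuple()` leaks.

```c
#include <stdio.h>
#include <stdlib.h>
/* Hypothetical stand-ins for illustration; not psqlodbc types or functions. */
typedef struct { char command[32]; } Result;
static int live_results = 0;   /* results allocated but not yet freed */
int live_count(void) { return live_results; }

static Result *send_move(unsigned long rows_moved)
{
    Result *r = malloc(sizeof *r);
    if (r == NULL) return NULL;
    snprintf(r->command, sizeof r->command, "MOVE %lu", rows_moved);
    live_results++;
    return r;
}
static void result_free(Result *r) { if (r) { free(r); live_results--; } }

/* Reported shape: the short-move branch returns before the release. */
int next_tuple_leaky(unsigned long movement, unsigned long rows_moved)
{
    unsigned long moved = movement;
    Result *mres = send_move(rows_moved);
    if (mres == NULL) return -1;
    if (sscanf(mres->command, "MOVE %lu", &moved) > 0 && moved < movement)
        return -1;             /* mres is still allocated on this exit */
    result_free(mres);
    return 0;
}

/* Same checks, but every exit after the allocation passes the release. */
int next_tuple_fixed(unsigned long movement, unsigned long rows_moved)
{
    int ret = 0;
    unsigned long moved = movement;
    Result *mres = send_move(rows_moved);
    if (mres == NULL) return -1;
    if (sscanf(mres->command, "MOVE %lu", &moved) > 0 && moved < movement)
        ret = -1;
    result_free(mres);
    return ret;
}

int main(void)
{
    next_tuple_fixed(10, 3);   /* constructed input: asked for 10, moved 3 */
    printf("fixed: %d outstanding\n", live_count());
    next_tuple_leaky(10, 3);
    printf("leaky: %d outstanding\n", live_count());
}
```

When triaging a report like this, the question for each early exit is whether any caller or later code still holds the pointer; if not, the single-exit form removes the path the analyzer flagged.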
