Bug#396218: marked as done (bind.c: bad handling of SQL_LEN_DATA_AT_EXEC breaks passing char buffer length at SQLExec time)

Fri, 09 May 2008 02:38:03 -0700 

Your message dated Fri, 09 May 2008 09:02:12 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#396218: fixed in psqlodbc 1:08.03.0200-1
has caused the Debian Bug report #396218,
regarding bind.c: bad handling of SQL_LEN_DATA_AT_EXEC breaks passing char 
buffer length at SQLExec time
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)


-- 
396218: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=396218
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message --- 
Package: odbc-postgresql
Version: 1:08.01.0200-2
Severity: normal
Tags: patch

Hello,

thanks for maintaining odbc-postgresql.

In my package dballe (apt-get source dballe) I optimize some frequent
query by preparing the ODBC statement for them and binding the input
parameters, so that when I need the results I can just set some of the
bound variables and call SQLExecute.

This is an example of such variable bind code:

    SQLBindParameter(res->istm, 3, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_CHAR, 0, 0, 
&(res->value), 0, &(res->value_ind));

Note that I'm passing a pointer to the variable that will hold the
string length as the last parameter, instead of using SQL_NTS.

Now, this call eventually ends up in this code, found at bind.c:118:

    /* Data at exec macro only valid for C char/binary data */
    if (pcbValue && (*pcbValue == SQL_DATA_AT_EXEC ||
                                     *pcbValue <= SQL_LEN_DATA_AT_EXEC_OFFSET))
        apdopts->parameters[ipar].data_at_exec = TRUE;
    else
        apdopts->parameters[ipar].data_at_exec = FALSE;

This code tries to dereferenciate the (still uninitialised) pointer I
pass it ( that &(res->value_ind) ) and fails.  The test should be like
this instead:

    /* Data at exec macro only valid for C char/binary data */
    if (pcbValue && (pcbValue == SQL_DATA_AT_EXEC ||
                                     pcbValue <= SQL_LEN_DATA_AT_EXEC_OFFSET))
        apdopts->parameters[ipar].data_at_exec = TRUE;
    else
        apdopts->parameters[ipar].data_at_exec = FALSE;

ODBC has this dirty habit of passing negative integers as special values
for pointers, and SQL_DATA_AT_EXEC is one of those:

from /usr/include/sql.h:29:

#define SQL_NULL_DATA             (-1)
#define SQL_DATA_AT_EXEC          (-2)

same goes for the handling of SQL_LEN_DATA_AT_EXEC_OFFSET.

I regret I can't test the patch with code that uses SQL_DATA_AT_EXEC,
because that is an ODBC feature that I do not use.  However, with the
patch my SQLBindParameter above works fine.


Ciao,

Enrico


-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-1-686
Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8)

Versions of packages odbc-postgresql depends on:
ii  libc6                        2.3.6.ds1-7 GNU C Library: Shared libraries
ii  libpq4                       8.1.5-1     PostgreSQL C client library
ii  odbcinst1debian1             2.2.11-13   Support library and helper program

odbc-postgresql recommends no packages.

-- no debconf information

diff -Naur psqlodbc-08.01.0200/bind.c psqlodbc-08.01.0200.enrico/bind.c
--- psqlodbc-08.01.0200/bind.c	2005-11-25 11:43:25.000000000 +0100
+++ psqlodbc-08.01.0200.enrico/bind.c	2006-10-30 16:44:45.644656335 +0100
@@ -116,8 +116,8 @@
 	if (pcbValue && apdopts->param_offset_ptr)
 		pcbValue += (*apdopts->param_offset_ptr >> 2);
 	/* Data at exec macro only valid for C char/binary data */
-	if (pcbValue && (*pcbValue == SQL_DATA_AT_EXEC ||
-					 *pcbValue <= SQL_LEN_DATA_AT_EXEC_OFFSET))
+	if (pcbValue && (pcbValue == SQL_DATA_AT_EXEC ||
+					 pcbValue <= SQL_LEN_DATA_AT_EXEC_OFFSET))
 		apdopts->parameters[ipar].data_at_exec = TRUE;
 	else
 		apdopts->parameters[ipar].data_at_exec = FALSE;

--- End Message ---
--- Begin Message --- 
Source: psqlodbc
Source-Version: 1:08.03.0200-1

We believe that the bug you reported is fixed in the latest version of
psqlodbc, which is due to be installed in the Debian FTP archive:

odbc-postgresql_08.03.0200-1_i386.deb
  to pool/main/p/psqlodbc/odbc-postgresql_08.03.0200-1_i386.deb
psqlodbc_08.03.0200-1.diff.gz
  to pool/main/p/psqlodbc/psqlodbc_08.03.0200-1.diff.gz
psqlodbc_08.03.0200-1.dsc
  to pool/main/p/psqlodbc/psqlodbc_08.03.0200-1.dsc
psqlodbc_08.03.0200.orig.tar.gz
  to pool/main/p/psqlodbc/psqlodbc_08.03.0200.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Peter Eisentraut <[EMAIL PROTECTED]> (supplier of updated psqlodbc package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 09 May 2008 10:40:32 +0200
Source: psqlodbc
Binary: odbc-postgresql
Architecture: source i386
Version: 1:08.03.0200-1
Distribution: unstable
Urgency: low
Maintainer: Peter Eisentraut <[EMAIL PROTECTED]>
Changed-By: Peter Eisentraut <[EMAIL PROTECTED]>
Description: 
 odbc-postgresql - ODBC driver for PostgreSQL
Closes: 396218
Changes: 
 psqlodbc (1:08.03.0200-1) unstable; urgency=low
 .
   * New upstream release
     - Disables some broken code (closes: #396218)
     - Obsoletes psqlodbc-413534.diff and most of psqlodbc-358949.diff
Checksums-Sha1: 
 35a9a2c8a1f4a50f8ac51cf315e91e52ff012ca6 1229 psqlodbc_08.03.0200-1.dsc
 e1981b543ae0cd0bb2b33ef3f78a590666104eb9 757833 psqlodbc_08.03.0200.orig.tar.gz
 1b86e60c921dd9e537063cb4b92367139bb0f385 5890 psqlodbc_08.03.0200-1.diff.gz
 d2505f5f4a83762aea496eb5c7796caed0e97909 482358 
odbc-postgresql_08.03.0200-1_i386.deb
Checksums-Sha256: 
 f15a97b1153661ced4d858413a7cf5338411c1f541effc385811a1221340ee89 1229 
psqlodbc_08.03.0200-1.dsc
 41f9cea3ce13d8959538e97318c9cc32722ebc7bc9ad6545f6a20ebdff830190 757833 
psqlodbc_08.03.0200.orig.tar.gz
 274ab2386c0570f28be4f411314232ebce7f77fa1241f7f2007b10478f06aa02 5890 
psqlodbc_08.03.0200-1.diff.gz
 e67b052b56bdebeb3a397eb20d2f1c307396d2106436093ad294ec638aad2933 482358 
odbc-postgresql_08.03.0200-1_i386.deb
Files: 
 6c2f9e4514abde8fbe0727f899dece40 1229 libs optional psqlodbc_08.03.0200-1.dsc
 4950e71c215764ff3beeb7a505c1321a 757833 libs optional 
psqlodbc_08.03.0200.orig.tar.gz
 77c300f3853cf8d7412371eacca8b3a0 5890 libs optional 
psqlodbc_08.03.0200-1.diff.gz
 b7c136fdcf90f69a9c10183879f1ef92 482358 libs optional 
odbc-postgresql_08.03.0200-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFIJA8CTTx8oVVPtMYRAkQSAJ0V2U6jbm3Q3o8J26j43LNLD0sAAgCgnUag
9eOkyP7BAq83JAPF/2u0FJk=
=BCR1
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to