The DBD code assumes long == int in SQL_INTEGER parameter handling. Does
anybody know what is right, or if it matters? I can't work it out from
10 minutes of googling. GCC 12.1 is warning for the current code, which is
clearly heap corruption for 64-bit builds:
dbd/apr_dbd_odbc.c: In function 'odbc_bind_param':
dbd/apr_dbd_odbc.c:572:17: warning: array subscript 'long int[0]' is partly
outside array bounds of 'unsigned char[4]' [-Warray-bounds]
  572 |                 *(long *)ptr =
      |                 ^~~~~~~~~~~~
e.g. this would fix it:
Index: dbd/apr_dbd_odbc.c
===================================================================
--- dbd/apr_dbd_odbc.c (revision 1903480)
+++ dbd/apr_dbd_odbc.c (working copy)
@@ -569,8 +569,8 @@
case SQL_INTEGER:
ptr = apr_palloc(pool, sizeof(int));
len = sizeof(int);
- *(long *)ptr =
- (textmode ? atol(args[*argp]) : *(long *)args[*argp]);
+ *(int *)ptr =
+ (textmode ? atoi(args[*argp]) : *(int *)args[*argp]);
break;
case SQL_FLOAT:
ptr = apr_palloc(pool, sizeof(float));
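Review bot: the new `*(int *)ptr = ...` store in this hunk matches the `sizeof(int)` allocation and `len`, so the 8-byte write past a 4-byte pool allocation on LP64 goes away, but the right-hand side changes the binary-mode contract too: `*(int *)args[*argp]` now reads 4 bytes from the caller's argument where `*(long *)args[*argp]` read 8, so any caller passing a `long` in non-text mode silently gets only the low or high half depending on endianness. Suggest checking what the documented argument type for SQL_INTEGER is before committing, and using `SQLINTEGER` (the ODBC type that corresponds to SQL_INTEGER and is 32 bits on every platform) rather than bare `int` so the allocation, `len` and the store are tied to the type the driver manager actually expects. The `case SQL_FLOAT:` that follows allocates `sizeof(float)` and deserves the same width audit of its store.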
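The following is an added stand-alone example, not APR code, that models the SQL_INTEGER branch of odbc_bind_param() above: a sizeof(int) slot carved out of a larger region standing in for pool memory, with the neighbouring bytes filled with a canary, so the difference between the pre-patch long-sized store and the patched int-sized store is visible as clobbered bytes. The struct and function names (pool_region, bind_integer_old, bind_integer_new, neighbour_survives_*) are this example's own; memcpy is used in place of the `*(long *)ptr` cast so the demonstration itself carries no aliasing UB, since only the byte count matters.

```c
/* Added example (not APR code): shows why storing a long into a
 * sizeof(int) allocation corrupts adjacent memory on LP64 platforms.
 * All names below are this example's own assumptions. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define SLOT_SIZE   sizeof(int)     /* what apr_palloc(pool, sizeof(int)) hands back */
#define CANARY      0xA5u

/* Stand-in for a piece of the APR pool: the int slot, then bytes that
 * belong to whatever was allocated next and must not be touched. */
struct pool_region {
    unsigned char bytes[sizeof(int) + sizeof(long)];
};

static void init_region(struct pool_region *r)
{
    memset(r->bytes, 0, SLOT_SIZE);
    memset(r->bytes + SLOT_SIZE, CANARY, sizeof r->bytes - SLOT_SIZE);
}

/* 1 if every byte past the slot still holds the canary, 0 otherwise. */
static int neighbour_intact(const struct pool_region *r)
{
    size_t i;
    for (i = SLOT_SIZE; i < sizeof r->bytes; i++)
        if (r->bytes[i] != CANARY)
            return 0;
    return 1;
}

/* Pre-patch behaviour: sizeof(long) bytes written into a sizeof(int) slot. */
static void bind_integer_old(struct pool_region *r, const char *text)
{
    long v = atol(text);
    memcpy(r->bytes, &v, sizeof v);     /* 8 bytes on LP64, slot is 4 */
}

/* Patched behaviour: the store is as wide as the allocation. */
static void bind_integer_new(struct pool_region *r, const char *text)
{
    int v = atoi(text);
    memcpy(r->bytes, &v, sizeof v);     /* 4 bytes into a 4-byte slot */
}

int neighbour_survives_old(void)
{
    struct pool_region r;
    init_region(&r);
    bind_integer_old(&r, "42");
    return neighbour_intact(&r);
}

int neighbour_survives_new(void)
{
    struct pool_region r;
    init_region(&r);
    bind_integer_new(&r, "42");
    return neighbour_intact(&r);
}

/* The int the driver would pass on to ODBC after the patched store. */
int bound_value_new(const char *text)
{
    struct pool_region r;
    int out;
    init_region(&r);
    bind_integer_new(&r, text);
    memcpy(&out, r.bytes, sizeof out);
    return out;
}

int main(void)
{
    printf("sizeof(int)=%zu sizeof(long)=%zu\n", sizeof(int), sizeof(long));
    printf("old store: neighbouring bytes %s\n",
           neighbour_survives_old() ? "intact" : "CLOBBERED");
    printf("new store: neighbouring bytes %s\n",
           neighbour_survives_new() ? "intact" : "CLOBBERED");
    printf("bound value for \"-7\": %d\n", bound_value_new("-7"));
    return 0;
}
```

On an LP64 build the old store reports the neighbouring bytes as clobbered (the upper half of the long lands on them) while the new store leaves them alone; on a 32-bit build, where long and int are both 4 bytes, the two behave identically, which is why the bug only surfaces on 64-bit targets.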