Possible buffer overflow in client library ------------------------------------------
Key: CORE-6432 URL: http://tracker.firebirdsql.org/browse/CORE-6432 Project: Firebird Core Issue Type: Bug Components: API / Client Library Affects Versions: 3.0.7, 3.0.6, 4.0 Beta 2, 3.0.5, 2.5.9, 4.0 Beta 1, 3.0.4, 3.0.3, 4.0 Alpha 1, 3.0.2, 3.0.1, 3.0.0, 4.0 Initial Reporter: Alexander Peshkov The loop in merge.cpp:72 expects the `in` buffer to eventually contain either isc_info_end, isc_info_truncated or isc_info_implementation, and will otherwise read out of buffer bounds with good chance for access violation. With correctly working providers chances to get that error are very low, but it can happen in case of bug in provider (on server) or malware server replacement (on client). -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://tracker.firebirdsql.org/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel