jmestwa-coder opened a new pull request, #633:
URL: https://github.com/apache/logging-log4cxx/pull/633
## Summary
Bounds ODBC-reported parameter sizes before converting to `SQLINTEGER`.
## Problem
Parameter sizes are obtained as `SQLULEN` but later converted to
`SQLINTEGER`.
The previous computation performed arithmetic and narrowing without enforcing
the `SQLINTEGER` range, which could produce invalid (overflowed) sizes for
out-of-range metadata.
## Change
* Compute sizes in `size_t`
* Bound the character count using:
`max_chars = (INT_MAX - sizeof(CharT)) / sizeof(CharT)`
* Derive final byte size from the bounded value
* Cast to `SQLINTEGER` only after ensuring it is in range
* Apply the same logic consistently for both `char` and `wchar_t` paths
## Behavior
* **Valid inputs:** unchanged
* **Out-of-range inputs:** values are bounded to a safe maximum instead of
producing invalid sizes
## Notes
* Allocation pattern remains unchanged (`palloc(paramValueSize + sizeof(CharT))`)
* No new control flow or error paths introduced
* Change is localized to size computation only
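The bounding rule from the Change list, written out as an added example; it is not code from the pull request or from log4cxx. `SqlULen` and `SqlInteger` are stand-in typedefs (assuming a 64-bit `SQLULEN` and a 32-bit `SQLINTEGER`), and `boundedParamBytes` and `uncheckedParamBytes` are hypothetical names; the unchecked variant is a constructed contrast case.

```cpp
#include <algorithm>
#include <climits>
#include <cstddef>
#include <cstdint>
#include <cstdio>

// Stand-ins for the ODBC typedefs so this builds without <sql.h>.
// Assumption: 64-bit SQLULEN and 32-bit SQLINTEGER.
using SqlULen = std::uint64_t;
using SqlInteger = std::int32_t;
static_assert(sizeof(SqlInteger) == sizeof(int), "INT_MAX must be the SqlInteger maximum");

// Constructed contrast case (not the project's earlier code): multiply, then
// narrow without a range check. Out-of-range metadata wraps to a bogus size.
template <typename CharT>
SqlInteger uncheckedParamBytes(SqlULen reportedChars)
{
    return static_cast<SqlInteger>(reportedChars * sizeof(CharT));
}

// Hypothetical helper following the rule in the PR description.
template <typename CharT>
SqlInteger boundedParamBytes(SqlULen reportedChars)
{
    // Largest character count whose byte size, plus the one extra CharT
    // added at allocation time, still fits in INT_MAX.
    const std::size_t maxChars =
        (static_cast<std::size_t>(INT_MAX) - sizeof(CharT)) / sizeof(CharT);
    // Clamp while still in the wide unsigned type, before any narrowing.
    const std::size_t chars =
        static_cast<std::size_t>(std::min<SqlULen>(reportedChars, maxChars));
    const std::size_t bytes = chars * sizeof(CharT); // at most INT_MAX - sizeof(CharT)
    return static_cast<SqlInteger>(bytes);           // in range by construction
}

int main()
{
    const SqlULen outOfRange = 0x80000000ull; // constructed out-of-range metadata value
    std::printf("unchecked char:    %d\n", uncheckedParamBytes<char>(outOfRange));
    std::printf("bounded   char:    %d\n", boundedParamBytes<char>(outOfRange));
    std::printf("bounded   wchar_t: %d\n", boundedParamBytes<wchar_t>(outOfRange));
    return 0;
}
```

Because the bound subtracts `sizeof(CharT)` before dividing, the sum passed to the allocator (`paramValueSize + sizeof(CharT)`) also stays within `INT_MAX`.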