Em ter., 15 de jun. de 2021 às 15:48, Andres Freund
escreveu:
> Hi,
>
> On 2021-06-15 13:53:08 -0400, Tom Lane wrote:
> > Andres Freund writes:
> > > On 2021-06-15 07:40:46 -0300, Ranier Vilela wrote:
> > >> memcpy would not suffer from it?
> >
> > > It'd not be correct for short sqlstates - you
Hi,
On 2021-06-15 13:53:08 -0400, Tom Lane wrote:
> Andres Freund writes:
> > On 2021-06-15 07:40:46 -0300, Ranier Vilela wrote:
> >> memcpy would not suffer from it?
>
> > It'd not be correct for short sqlstates - you'd read beyond the end of
> > the source buffer. There are cases of it in the
Andres Freund writes:
> On 2021-06-15 07:40:46 -0300, Ranier Vilela wrote:
>> memcpy would not suffer from it?
> It'd not be correct for short sqlstates - you'd read beyond the end of
> the source buffer. There are cases of it in the ecpg code.
What's a "short SQLSTATE"? They're all five charac
Hi,
On 2021-06-15 07:40:46 -0300, Ranier Vilela wrote:
> memcpy would not suffer from it?
It'd not be correct for short sqlstates - you'd read beyond the end of
the source buffer. There are cases of it in the ecpg code.
Greetings,
Andres Freund
Em sex., 11 de jun. de 2021 às 19:49, Andres Freund
escreveu:
> Hi,
>
> On 2020-04-23 14:36:15 +0900, Kyotaro Horiguchi wrote:
> > At Thu, 23 Apr 2020 01:21:21 -0300, Ranier Vilela
> wrote in
> > > Em qua., 22 de abr. de 2020 às 23:27, Kyotaro Horiguchi <
> > > horikyota@gmail.com> escreveu:
Andres Freund writes:
> On 2021-06-11 19:08:57 -0400, Tom Lane wrote:
>> Anyway, I agree that disabling that was a bit of a stopgap hack. This
>> 'nonstring' attribute seems like it would help for ECPG's usage, at
>> least.
> nonstring is supported since gcc 8, which also brought the warnings th
Hi,
On 2021-06-11 19:08:57 -0400, Tom Lane wrote:
> Andres Freund writes:
> > It might be worth doing something about this, for other reasons. We have
> > disabled -Wstringop-truncation in 716585235b1. But I've enabled it in my
> > debug build, because I find it useful.
>
> ITYM e71658523 ? I c
Andres Freund writes:
> It might be worth doing something about this, for other reasons. We have
> disabled -Wstringop-truncation in 716585235b1. But I've enabled it in my
> debug build, because I find it useful.
ITYM e71658523 ? I can't find that hash in my repo. Anyway, I agree
that disabling
Hi,
On 2020-04-23 14:36:15 +0900, Kyotaro Horiguchi wrote:
> At Thu, 23 Apr 2020 01:21:21 -0300, Ranier Vilela wrote
> in
> > Em qua., 22 de abr. de 2020 às 23:27, Kyotaro Horiguchi <
> > horikyota@gmail.com> escreveu:
> > >
> > > - strncpy(sqlca->sqlerrm.sqlerrmc, message,
> > > size
At Thu, 23 Apr 2020 01:21:21 -0300, Ranier Vilela wrote
in
> Em qua., 22 de abr. de 2020 às 23:27, Kyotaro Horiguchi <
> horikyota@gmail.com> escreveu:
> >
> > - strncpy(sqlca->sqlerrm.sqlerrmc, message,
> > sizeof(sqlca->sqlerrm.sqlerrmc));
> > - sqlca->sqlerrm.sqlerrmc[sizeof(s
Em qua., 22 de abr. de 2020 às 23:27, Kyotaro Horiguchi <
horikyota@gmail.com> escreveu:
> Hello.
>
> At Wed, 22 Apr 2020 19:48:07 -0300, Ranier Vilela
> wrote in
> > Hi,
> > strncpy, it is not a safe function and has the risk of corrupting memory.
> > On ecpg lib, two sources, make use of st
Hello.
At Wed, 22 Apr 2020 19:48:07 -0300, Ranier Vilela wrote
in
> Hi,
> strncpy, it is not a safe function and has the risk of corrupting memory.
> On ecpg lib, two sources, make use of strncpy risk, this patch tries to fix.
>
> 1. Make room for the last null-characte;
> 2. Copies Maximum nu
Hi,
strncpy, it is not a safe function and has the risk of corrupting memory.
On ecpg lib, two sources, make use of strncpy risk, this patch tries to fix.
1. Make room for the last null-characte;
2. Copies Maximum number of characters - 1.
per Coverity.
regards,
Ranier Vilela
fix_buffer_not_nu
13 matches
Mail list logo
