diff options
author | Jan Chochol <[email protected]> | 2018-12-19 08:02:03 +0100 |
---|---|---|
committer | Jan Chochol <[email protected]> | 2018-12-19 08:05:46 +0100 |
commit | 75ae8bc8efa94103d68cb203c1e81088f9c38d32 (patch) | |
tree | bd2591180b358d282c101a81e43d01f720cf4cd0 | |
parent | 7cb403e4aa044fd2cc7702dbe8e2d0eea68e81f3 (diff) | |
download | otp-75ae8bc8efa94103d68cb203c1e81088f9c38d32.tar.gz otp-75ae8bc8efa94103d68cb203c1e81088f9c38d32.tar.bz2 otp-75ae8bc8efa94103d68cb203c1e81088f9c38d32.zip |
odbc: Fix stack corruption in get_diagnos in odbcserver
SQLGetDiagRec can fill output buffer and return SQL_SUCCESS_WITH_INFO.
In that case we can not use strcat on diagnos.error_msg as it will write
outside allocated space.
Correctly set acc_errmsg_size in such case.
See also ERL-808 at bugs.erlang.org.
-rw-r--r-- | lib/odbc/c_src/odbcserver.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/lib/odbc/c_src/odbcserver.c b/lib/odbc/c_src/odbcserver.c index 6e8ab5b0c8..fe881a211c 100644 --- a/lib/odbc/c_src/odbcserver.c +++ b/lib/odbc/c_src/odbcserver.c @@ -2749,6 +2749,11 @@ static diagnos get_diagnos(SQLSMALLINT handleType, SQLHANDLE handle, Boolean ext errmsg_buffer_size = errmsg_buffer_size - errmsg_size; acc_errmsg_size = acc_errmsg_size + errmsg_size; current_errmsg_pos = current_errmsg_pos + errmsg_size; + } else if(result == SQL_SUCCESS_WITH_INFO && errmsg_size >= errmsg_buffer_size) { + memcpy(diagnos.sqlState, current_sql_state, SQL_STATE_SIZE); + diagnos.nativeError = nativeError; + acc_errmsg_size = errmsg_buffer_size; + break; } else { break; } |