~ubuntu-branches/ubuntu/natty/psqlodbc/natty

Viewing changes to misc.c

Committer: Bazaar Package Importer
Author(s): Martin Pitt
Date: 2004-05-13 10:47:36 UTC
Revision ID: james.westby@ubuntu.com-20040513104736-doxck1rd6ng2msgn

Tags: 1:07.03.0200-3

http://bugs.debian.org/247306

* urgency high since this is a security related bug and no other changes
were made
* misc.c: added target buffer size parameter to make_string() to prevent
buffer overflows and corrected all calls to it (closes: #247306)

files added:
debian

debian/changelog

debian/compat

debian/control

debian/copyright

debian/odbc.ini.template

debian/odbcinst.ini.template

debian/rules

debian/unixodbc.HOWTO

files modified:
Makefile.am

Makefile.in

aclocal.m4

connection.c

descriptor.h

drvconn.c

execute.c

info.c

md5.c

misc.c

misc.h

odbc.sql

psqlodbc.h

Show diffs side-by-side

added added

removed removed

misc.c

259

/*------

260

* Create a null terminated string (handling the SQL_NTS thing):

261

* 1. If buf is supplied, place the string in there

262

* (assumes enough space) and return buf.

263

* 2. If buf is not supplied, malloc space and return this string

262

* (at most bufsize-1 bytes) and return buf.

263

* 2. If buf is not supplied, malloc space and return this string;

264

* (buflen is ignored in this case).

264

265

*------

265

266

267

char *

267

make_string(const char *s, int len, char *buf)

268

make_string(const char *s, int len, char *buf, int bufsize)

268

269

{

269

270

int length;

270

271

char *str;

275

276

277

if (buf)

277

278

{

279

if(length >= bufsize)

280

length = bufsize-1;

278

281

strncpy_null(buf, s, length + 1);

279

282

return buf;

280

283

}

Older »