Skip to content

Commit 7e3cc4d

Browse files
lurcherlurcher
committed
switch sprintf to snprintf in __info.c
1 parent d27c79e commit 7e3cc4d

2 files changed

Lines changed: 46 additions & 0 deletions

File tree

ChangeLog

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@
22

33
* Fix some issues with 32 bit SQLWCHAR
44
* Add debug option to odbcinst.ini IgnoreWide to make the DM ignore the W functions
5+
* Fix __info.c to avoid sprint buffer overflows
56

67
7-Oct-20205
78
2.3.14

DriverManager/__info.c

Lines changed: 45 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -662,8 +662,13 @@ int unicode_setup( DMHDBC connection )
662662

663663
if ( log_info.log_flag )
664664
{
665+
#ifdef HAVE_SNPRINTF
666+
snprintf( connection -> msg, sizeof( connection -> msg ), "\t\tUNICODE Using encoding ASCII '%s' and UNICODE '%s'",
667+
ascii, unicode );
668+
#else
665669
sprintf( connection -> msg, "\t\tUNICODE Using encoding ASCII '%s' and UNICODE '%s'",
666670
ascii, unicode );
671+
#endif
667672

668673
dm_log_write_diag( connection -> msg );
669674
}
@@ -4554,8 +4559,13 @@ void extract_diag_error( int htype,
45544559

45554560
if ( log_info.log_flag )
45564561
{
4562+
#ifdef HAVE_SNPRINTF
4563+
snprintf( connection -> msg, sizeof( connection -> msg), "\t\tDIAG [%s] %s",
4564+
sqlstate, msg1 );
4565+
#else
45574566
sprintf( connection -> msg, "\t\tDIAG [%s] %s",
45584567
sqlstate, msg1 );
4568+
#endif
45594569

45604570
dm_log_write_diag( connection -> msg );
45614571
}
@@ -4671,8 +4681,13 @@ void extract_sql_error( DRV_SQLHANDLE henv,
46714681

46724682
if ( log_info.log_flag )
46734683
{
4684+
#ifdef HAVE_SNPRINTF
4685+
snprintf( connection -> msg, sizeof( connection -> msg ), "\t\tDIAG [%s] %s",
4686+
sqlstate, msg1 );
4687+
#else
46744688
sprintf( connection -> msg, "\t\tDIAG [%s] %s",
46754689
sqlstate, msg1 );
4690+
#endif
46764691

46774692
dm_log_write_diag( connection -> msg );
46784693
}
@@ -4928,8 +4943,13 @@ void extract_diag_error_w( int htype,
49284943
as1 = (SQLCHAR*) unicode_to_ansi_alloc( sqlstate, SQL_NTS, connection, NULL );
49294944
as2 = (SQLCHAR*) unicode_to_ansi_alloc( msg1, SQL_NTS, connection, NULL );
49304945

4946+
#ifdef HAVE_SNPRINTF
4947+
snprintf( connection -> msg, sizeof( connection -> msg ), "\t\tDIAG [%s] %s",
4948+
as1 ? as1 : (SQLCHAR*)"NULL", as2 ? as2 : (SQLCHAR*)"NULL" );
4949+
#else
49314950
sprintf( connection -> msg, "\t\tDIAG [%s] %s",
49324951
as1 ? as1 : (SQLCHAR*)"NULL", as2 ? as2 : (SQLCHAR*)"NULL" );
4952+
#endif
49334953

49344954
if( as1 ) free( as1 );
49354955
if( as2 ) free( as2 );
@@ -5040,8 +5060,13 @@ void extract_sql_error_w( DRV_SQLHANDLE henv,
50405060
as1 = (SQLCHAR*) unicode_to_ansi_alloc( sqlstate, SQL_NTS, connection, NULL );
50415061
as2 = (SQLCHAR*) unicode_to_ansi_alloc( msg1, SQL_NTS, connection, NULL );
50425062

5063+
#ifdef HAVE_SNPRINTF
5064+
snprintf( connection -> msg, sizeof( connection -> msg ), "\t\tDIAG [%s] %s",
5065+
as1 ? as1 : (SQLCHAR*)"NULL", as2 ? as2 : (SQLCHAR*)"NULL");
5066+
#else
50435067
sprintf( connection -> msg, "\t\tDIAG [%s] %s",
50445068
as1 ? as1 : (SQLCHAR*)"NULL", as2 ? as2 : (SQLCHAR*)"NULL");
5069+
#endif
50455070

50465071
if( as1 ) free( as1 );
50475072
if( as2 ) free( as2 );
@@ -5840,7 +5865,11 @@ void dm_log_write( char *function_name, int line, int type, int severity,
58405865
}
58415866
else
58425867
{
5868+
#ifdef HAVE_SNPRINTF
5869+
snprintf( file_name, sizeof( file_name ), "%s/%s", log_info.log_file_name, __get_pid((SQLCHAR*) str ));
5870+
#else
58435871
sprintf( file_name, "%s/%s", log_info.log_file_name, __get_pid((SQLCHAR*) str ));
5872+
#endif
58445873
}
58455874
fp = uo_fopen( file_name, "a" );
58465875

@@ -5872,22 +5901,34 @@ void dm_log_write( char *function_name, int line, int type, int severity,
58725901

58735902
gettimeofday( &tv, tz );
58745903

5904+
#ifdef HAVE_SNPRINTF
5905+
snprintf( tstamp_str, sizeof( tstamp_str ), "[%ld.%06ld]", tv.tv_sec, tv.tv_usec );
5906+
#else
58755907
sprintf( tstamp_str, "[%ld.%06ld]", tv.tv_sec, tv.tv_usec );
5908+
#endif
58765909
}
58775910
#elif defined( HAVE_FTIME ) && defined( HAVE_SYS_TIMEB_H )
58785911
{
58795912
struct timeb tp;
58805913

58815914
ftime( &tp );
58825915

5916+
#ifdef HAVE_SNPRINTF
5917+
snprintf( tstamp_str, sizeof( tstamp_str ), "[%ld.%03d]", tp.time, tp.millitm );
5918+
#else
58835919
sprintf( tstamp_str, "[%ld.%03d]", tp.time, tp.millitm );
5920+
#endif
58845921
}
58855922
#elif defined( DHAVE_TIME ) && defined( HAVE_TIME_H )
58865923
{
58875924
time_t tv;
58885925

58895926
time( &tv );
5927+
#ifdef HAVE_SNPRINTF
5928+
snprintf( tstamp_str, sizeof( tstamp_str ), "[%ld]", tv );
5929+
#else
58905930
sprintf( tstamp_str, "[%ld]", tv );
5931+
#endif
58915932
}
58925933
#else
58935934
tstamp_str[ 0 ] = '\0';
@@ -5927,7 +5968,11 @@ void dm_log_write_diag( char *message )
59275968
}
59285969
else
59295970
{
5971+
#ifdef HAVE_SNPRINTF
5972+
snprintf( file_name, sizeof( file_name ), "%s/%s", log_info.log_file_name, __get_pid((SQLCHAR*) str ));
5973+
#else
59305974
sprintf( file_name, "%s/%s", log_info.log_file_name, __get_pid((SQLCHAR*) str ));
5975+
#endif
59315976
}
59325977
fp = uo_fopen( file_name, "a" );
59335978

0 commit comments

Comments
 (0)