Buffer overflow in error handler. #51

Closed
tokuhirom opened this Issue Feb 14, 2014 · 2 comments

Projects

None yet

2 participants

@tokuhirom
Contributor

https://github.com/CaptTofu/DBD-mysql/blob/master/dbdimp.c#L4681

Do not use sprintf() without length checking. It makes buffer overflow.

Following one liner cause segmentation fault.

> perl -MDBI -e 'DBI->connect("dbi:mysql:dbname=test", "root")->prepare("?")->bind_param(1, "2014-01-01 00:00", 4)'
@CaptTofu
Owner

Thank you!

On Feb 14, 2014, at 5:17 AM, Tokuhiro Matsuno notifications@github.com wrote:

https://github.com/CaptTofu/DBD-mysql/blob/master/dbdimp.c#L4681

Do not use sprintf() without length checking. It makes buffer overflow.

Following one liner cause segmentation fault.

perl -MDBI -e 'DBI->connect("dbi:mysql:dbname=test", "root")->prepare("?")->bind_param(1, "2014-01-01 00:00", 4)'

Reply to this email directly or view it on GitHub.

@tokuhirom tokuhirom closed this Dec 11, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment