
Commit 247ebb1

committed
Fix for GHSA-mwf2-hq2m-jxmh: fb3 client library placed wrong data length into XSQLDA fields
1 parent 93a8023 commit 247ebb1


1 file changed

+11
-4
lines changed

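--- a/src/yvalve/why.cpp
+++ b/src/yvalve/why.cpp
@@ -84,6 +84,7 @@ static void badHandle(ISC_STATUS code);
 static bool isNetworkError(const IStatus* status);
 static void nullCheck(const FB_API_HANDLE* ptr, ISC_STATUS code);
 static void badSqldaVersion(const short version);
+static int sqldaTruncateString(char* buffer, FB_SIZE_T size, const char* s);
 static void sqldaDescribeParameters(XSQLDA* sqlda, IMessageMetadata* parameters);
 static ISC_STATUS openOrCreateBlob(ISC_STATUS* userStatus, FB_API_HANDLE* dbHandle,
 FB_API_HANDLE* traHandle, FB_API_HANDLE* blobHandle, ISC_QUAD* blobId,
@@ -1361,6 +1362,12 @@ static void setTextType(XSQLVAR* var, unsigned charSet)
 }
 }
 
+static int sqldaTruncateString(char* buffer, FB_SIZE_T size, const char* s)
+{
+int ret = fb_utils::snprintf(buffer, size, "%s", s);
+return MIN(ret, size - 1);
+}
+
 // Describe parameters metadata in an sqlda.
 static void sqldaDescribeParameters(XSQLDA* sqlda, IMessageMetadata* parameters)
 {
@@ -1407,19 +1414,19 @@ static void sqldaDescribeParameters(XSQLDA* sqlda, IMessageMetadata* parameters)
 
 s = parameters->getField(&statusWrapper, i);
 status.check();
-var->sqlname_length = fb_utils::snprintf(var->sqlname, sizeof(var->sqlname), "%s", s);
+var->sqlname_length = sqldaTruncateString(var->sqlname, sizeof(var->sqlname), s);
 
 s = parameters->getRelation(&statusWrapper, i);
 status.check();
-var->relname_length = fb_utils::snprintf(var->relname, sizeof(var->relname), "%s", s);
+var->relname_length = sqldaTruncateString(var->relname, sizeof(var->relname), s);
 
 s = parameters->getOwner(&statusWrapper, i);
 status.check();
-var->ownname_length = fb_utils::snprintf(var->ownname, sizeof(var->ownname), "%s", s);
+var->ownname_length = sqldaTruncateString(var->ownname, sizeof(var->ownname), s);
 
 s = parameters->getAlias(&statusWrapper, i);
 status.check();
-var->aliasname_length = fb_utils::snprintf(var->aliasname, sizeof(var->aliasname), "%s", s);
+var->aliasname_length = sqldaTruncateString(var->aliasname, sizeof(var->aliasname), s);
 }
 }
 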
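Review bot: In sqldaTruncateString, `MIN(ret, size - 1)` compares a signed `int` with what appears to be an unsigned `FB_SIZE_T`, so a negative return from `fb_utils::snprintf` would be converted to a large unsigned value and the helper would report `size - 1` bytes for a buffer whose contents are not guaranteed. Whether `fb_utils::snprintf` can return a negative value is not visible on this page, so this is a hardening point rather than a confirmed defect; `if (ret < 0) return 0;` followed by `return MIN(static_cast<FB_SIZE_T>(ret), size - 1);` makes the clamp explicit and removes the mixed-sign comparison. The helper also deserves a one-line comment stating that snprintf returns the would-be length rather than the bytes stored, and that the XSQLVAR `*_length` fields must never exceed the array size minus the terminator, so a later edit does not reintroduce the over-long length. All four call sites pass `sizeof` of a fixed array, so `size - 1` cannot wrap there, but the helper itself does not guard `size == 0`.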