Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Server may crash parsing wrong or truncated BLR [CORE2576] #2986

Closed
firebird-issue-importer opened this issue Jul 27, 2009 · 5 comments
Closed

Server may crash parsing wrong or truncated BLR [CORE2576] #2986

firebird-issue-importer opened this issue Jul 27, 2009 · 5 comments

Comments

@firebird-issue-importer

Submitted by: @asfernandes

BLR is read on a buffer and passed for parse without inform a length. The BLR is parsed until a blr_eoc is found.

If the buffer doesn't end with blr_eoc, the parser will continue reading unallocated memory. If it reads some byte in a not committed page memory, a read access violation will occur and the server will crash.

Commits: 4759973

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Jul 27, 2009

Modified by: @asfernandes

Component: Engine [ 10000 ]

assignee: Adriano dos Santos Fernandes [ asfernandes ]

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Aug 2, 2009

Modified by: @asfernandes

status: Open [ 1 ] => Resolved [ 5 ]

resolution: Fixed [ 1 ]

Fix Version: 2.5 RC1 [ 10362 ]

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Nov 12, 2009

Modified by: @pcisar

status: Resolved [ 5 ] => Closed [ 6 ]

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Jan 18, 2016

Modified by: @pavel-zotov

QA Status: No test

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Aug 7, 2016

Modified by: @pavel-zotov

status: Closed [ 6 ] => Closed [ 6 ]

QA Status: No test => Cannot be tested

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment