From 0166c96321a104636e7dec67eb98b67e931ea84e Mon Sep 17 00:00:00 2001 From: Kenny Date: Thu, 11 Jan 2018 08:32:39 +0000 Subject: [PATCH 1/3] fix the bufoverrun Critical error checked by TScanCode --- core/conn/odb/src/odb.c | 12 ++--- .../conn/odbc/src/odbc/Common/ExpConvMxcs.cpp | 4 +- .../conn/odbc/src/odbc/Common/linux/sqmem.cpp | 2 +- .../odbc/src/odbc/nsksrvr/SrvrConnect.cpp | 6 +-- .../odbc/src/odbc/nsksrvrcore/srvrothers.cpp | 4 +- .../odbcclient/unixcli/cli/ctosqlconv.cpp | 2 +- .../odbcclient/unixcli/common/ExpConvMxcs.cpp | 4 +- core/sqf/src/stfs/common/stfs_msgbuff.cpp | 48 ++++++++++--------- core/sql/arkcmp/CompException.h | 4 +- core/sql/common/BaseTypes.h | 2 +- core/sql/common/csconvert.cpp | 2 +- core/sql/executor/ExExeUtilGetStats.cpp | 4 +- core/sql/exp/ExpConvMxcs.cpp | 4 +- core/sql/exp/exp_conv.cpp | 4 +- core/sql/optimizer/NATable.cpp | 12 ++--- core/sql/regress/tools/logsort_src/tokstr.c | 2 +- core/sql/sqlmsg/ComDiagsMsg.cpp | 2 +- win-odbc64/Common/ExpConvMxcs.cpp | 4 +- win-odbc64/odbcclient/drvr35/ctosqlconv.cpp | 2 +- .../odbcclient/drvr35/diagfunctions.cpp | 6 ++- win-odbc64/sql/common/csconvert.cpp | 2 +- 21 files changed, 66 insertions(+), 66 deletions(-) diff --git a/core/conn/odb/src/odb.c b/core/conn/odb/src/odb.c index c5242f71d7..d9da4b01d3 100755 --- a/core/conn/odb/src/odb.c +++ b/core/conn/odb/src/odb.c @@ -5313,7 +5313,7 @@ static void etabadd(char type, char *run, int id) } } if ( etab[no].type == 'e' ) { /* name & create output file */ - for ( i = j = 0; etab[no].tgt[i] && i < sizeof(buff); i++ ) { + for ( i = j = 0; i < sizeof(buff) && etab[no].tgt[i]; i++ ) { switch ( etab[no].tgt[i] ) { case '%': switch ( etab[no].tgt[++i] ) { @@ -5570,7 +5570,7 @@ static void etabadd(char type, char *run, int id) strmcat ( etab[no].src , (char *)Ostn[2] , ll , 0 ); etab[no].Ocso[2] = &Ostn[2][0]; /* update table name pointer with expanded tab name */ memset ( buff, 0, sizeof(buff)); - for ( i = j = 0; etab[no].tgt[i] && i < sizeof(buff); i++ ) { + for ( i = j = 0; i < sizeof(buff) && etab[no].tgt[i]; i++ ) { switch ( etab[no].tgt[i] ) { case '%': switch ( etab[no].tgt[++i] ) { @@ -6356,7 +6356,7 @@ static void Oload(int eid) len = 100; /* set it to 100 */ fg |= 0002; /* set nofile flag */ } else { - for ( i = j = 0; etab[eid].src[i] && i < etab[eid].buffsz; i++ ) { + for ( i = j = 0; i < etab[eid].buffsz && etab[eid].src[i]; i++ ) { switch ( etab[eid].src[i] ) { case '%': switch ( etab[eid].src[++i] ) { @@ -8045,7 +8045,7 @@ static void Oload2(int eid) if ( !strcmp ( etab[eid].src , "stdin" ) ) { fl = stdin ; } else { - for ( i = j = 0; etab[eid].src[i] && i < etab[eid].buffsz; i++ ) { + for ( i = j = 0; i < etab[eid].buffsz && etab[eid].src[i]; i++ ) { switch ( etab[eid].src[i] ) { case '%': switch ( etab[eid].src[++i] ) { @@ -8754,7 +8754,7 @@ static void OloadX(int eid) xdump = 1 ; /* Open input file */ - for ( i = j = 0; etab[eid].src[i] && i < sizeof(buff); i++ ) { + for ( i = j = 0; i < sizeof(buff) && etab[eid].src[i]; i++ ) { switch ( etab[eid].src[i] ) { case '%': switch ( etab[eid].src[++i] ) { @@ -9406,7 +9406,7 @@ static void OloadJson(int eid) } /* Open input file */ - for (i = j = 0; etab[eid].src[i] && i < sizeof(buff); i++) { + for (i = j = 0; i < sizeof(buff) && etab[eid].src[i]; i++) { switch (etab[eid].src[i]) { case '%': switch (etab[eid].src[++i]) { diff --git a/core/conn/odbc/src/odbc/Common/ExpConvMxcs.cpp b/core/conn/odbc/src/odbc/Common/ExpConvMxcs.cpp index 5e33fe0137..f423e6fb72 100644 --- a/core/conn/odbc/src/odbc/Common/ExpConvMxcs.cpp +++ b/core/conn/odbc/src/odbc/Common/ExpConvMxcs.cpp @@ -162,7 +162,7 @@ static short BigNumHelper_ConvBcdToBigNumHelper(long sourceLength, // Ignore leading zeros in BCD. If all zeros, return. long zeros = 0; - while (!sourceData[zeros] && zeros < sourceLength) + while (zeros < sourceLength && !sourceData[zeros]) zeros++; if (zeros == sourceLength) return 0; @@ -718,7 +718,7 @@ static short convAsciiToDecMxcs(char *target, }; // skip leading zeros - while((source[sourceStart] == '0') && (sourceStart < sourceLen)) + while((sourceStart < sourceLen) && (source[sourceStart] == '0')) sourceStart++; // only zeros found, target is 0 diff --git a/core/conn/odbc/src/odbc/Common/linux/sqmem.cpp b/core/conn/odbc/src/odbc/Common/linux/sqmem.cpp index 0ddb933ac1..85aff41f2f 100644 --- a/core/conn/odbc/src/odbc/Common/linux/sqmem.cpp +++ b/core/conn/odbc/src/odbc/Common/linux/sqmem.cpp @@ -400,7 +400,7 @@ void TestPool(void * membase, int length) long j, index; short error; long pass; - void * pool_ptrs[256]; + void * pool_ptrs[256 + 1]; PPOOL_HEADER pph; pass = 1; diff --git a/core/conn/odbc/src/odbc/nsksrvr/SrvrConnect.cpp b/core/conn/odbc/src/odbc/nsksrvr/SrvrConnect.cpp index a0aaf26cc2..41d68bef9a 100644 --- a/core/conn/odbc/src/odbc/nsksrvr/SrvrConnect.cpp +++ b/core/conn/odbc/src/odbc/nsksrvr/SrvrConnect.cpp @@ -5450,7 +5450,7 @@ bool InsertControls(char* sqlString, odbc_SQLSvc_ExecDirect_exc_ *exception_) SRVR_STMT_HDL *pSrvrStmt; char ControlType[32]; char StatementName[128 + 1]; - char RequestError[200]; + char RequestError[200 + 1]; // // skip white spaces and check first parameter // @@ -5743,7 +5743,7 @@ bool LoadControls(char* sqlString, bool genOrexc, char* genRequestError, odbc_SQ // // skip white spaces and check first parameter // - char VariableValue[200]; + char VariableValue[200 + 1]; char seps[] = " \t\n"; char *token; char *saveptr; @@ -6115,7 +6115,7 @@ bool GetHashInfo(char* sqlString, char* genRequestError, char* HashTableInfo) // // skip white spaces and check first parameter // - char VariableValue[200]; + char VariableValue[200 + 1]; char seps[] = " \t\n"; char seps2[] = " \t\n.;"; char *token; diff --git a/core/conn/odbc/src/odbc/nsksrvrcore/srvrothers.cpp b/core/conn/odbc/src/odbc/nsksrvrcore/srvrothers.cpp index ccbb689a88..3a30ced7d9 100644 --- a/core/conn/odbc/src/odbc/nsksrvrcore/srvrothers.cpp +++ b/core/conn/odbc/src/odbc/nsksrvrcore/srvrothers.cpp @@ -4121,7 +4121,7 @@ odbc_SQLSvc_GetSQLCatalogs_sme_( char *tableParam[20]; short retCode; - char RequestError[200]; + char RequestError[200 + 1]; char ConvertAPITypeToString[30]; Int32 curRowNo = 0; @@ -5153,7 +5153,7 @@ odbc_SQLSvc_GetSQLCatalogs_sme_( { ERROR_DESC_def *p_buffer = QryCatalogSrvrStmt->sqlError.errorList._buffer; strncpy(RequestError, p_buffer->errorText,sizeof(RequestError) -1); - RequestError[sizeof(RequestError)] = '\0'; + RequestError[sizeof(RequestError) - 1] = '\0'; SendEventMsg(MSG_SQL_ERROR, EVENTLOG_ERROR_TYPE, diff --git a/core/conn/unixodbc/odbc/odbcclient/unixcli/cli/ctosqlconv.cpp b/core/conn/unixodbc/odbc/odbcclient/unixcli/cli/ctosqlconv.cpp index bab28c53c6..c74207328e 100644 --- a/core/conn/unixodbc/odbc/odbcclient/unixcli/cli/ctosqlconv.cpp +++ b/core/conn/unixodbc/odbc/odbcclient/unixcli/cli/ctosqlconv.cpp @@ -4292,7 +4292,7 @@ unsigned long ODBC::CheckIntervalOverflow(char *intervalValue, SWORD ODBCDataTyp char *token; short i = 0; short j = 0; - char in_value[128]; + char in_value[128 + 1]; char delimiters[] = " :.-"; char sep[5]={0,0,0,0,0}; SQLINTEGER leadingPrecision; diff --git a/core/conn/unixodbc/odbc/odbcclient/unixcli/common/ExpConvMxcs.cpp b/core/conn/unixodbc/odbc/odbcclient/unixcli/common/ExpConvMxcs.cpp index 30fa36e128..29458e468f 100644 --- a/core/conn/unixodbc/odbc/odbcclient/unixcli/common/ExpConvMxcs.cpp +++ b/core/conn/unixodbc/odbc/odbcclient/unixcli/common/ExpConvMxcs.cpp @@ -169,7 +169,7 @@ static short BigNumHelper_ConvBcdToBigNumHelper(long sourceLength, // Ignore leading zeros in BCD. If all zeros, return. long zeros = 0; - while (!sourceData[zeros] && zeros < sourceLength) + while (zeros < sourceLength && !sourceData[zeros]) zeros++; if (zeros == sourceLength) return 0; @@ -725,7 +725,7 @@ static short convAsciiToDecMxcs(char *target, }; // skip leading zeros - while((source[sourceStart] == '0') && (sourceStart < sourceLen)) + while((sourceStart < sourceLen) && (source[sourceStart] == '0')) sourceStart++; // only zeros found, target is 0 diff --git a/core/sqf/src/stfs/common/stfs_msgbuff.cpp b/core/sqf/src/stfs/common/stfs_msgbuff.cpp index dd585c1bb7..d077c65fc1 100644 --- a/core/sqf/src/stfs/common/stfs_msgbuff.cpp +++ b/core/sqf/src/stfs/common/stfs_msgbuff.cpp @@ -3760,29 +3760,31 @@ namespace STFS { // Update this array when a class associated with // a new message type is added static size_t FixedMessageSizeTable[] = { - 0, //MT_Invalid - sizeof (STFSMsgBuf_CreateFileReq), - sizeof (STFSMsgBuf_CreateFileReply), - sizeof (STFSMsgBuf_CreateFragmentReq), - sizeof (STFSMsgBuf_CreateFragmentReply), - sizeof (STFSMsgBuf_OpenFileReq), - sizeof (STFSMsgBuf_OpenFileReply), - sizeof (STFSMsgBuf_CloseFileReq), - sizeof (STFSMsgBuf_CloseFileReply), - sizeof (STFSMsgBuf_UnlinkFileReq), - sizeof (STFSMsgBuf_UnlinkFileReply), - sizeof (STFSMsgBuf_ErrorReply), //MT_ErrorReply, - 0, //MT_GetFileMetadata, - 0, //MT_GetFileMetadataReply, - sizeof (STFSMsgBuf_OpenersReq), - sizeof (STFSMsgBuf_OpenersReply), - sizeof (STFSMsgBuf_FOpenersReq), - sizeof (STFSMsgBuf_FOpenersReply), - sizeof (STFSMsgBuf_StatReq), - sizeof (STFSMsgBuf_StatReply), - - /// new message types go immediately before this line - 0, //MT_Unknown + 0, // MT_Invalid + sizeof (STFSMsgBuf_CreateFileReq), // MT_CreateFile + sizeof (STFSMsgBuf_CreateFileReply), // MT_CreateFileReply + sizeof (STFSMsgBuf_CreateFragmentReq), // MT_CreateFragment + sizeof (STFSMsgBuf_CreateFragmentReply), // MT_CreateFragmentReply + sizeof (STFSMsgBuf_OpenFileReq), // MT_OpenFile + sizeof (STFSMsgBuf_OpenFileReply), // MT_OpenFileReply + sizeof (STFSMsgBuf_CloseFileReq), // MT_CloseFile + sizeof (STFSMsgBuf_CloseFileReply), // MT_CloseFileReply + sizeof (STFSMsgBuf_UnlinkFileReq), // MT_UnlinkFile + sizeof (STFSMsgBuf_UnlinkFileReply), // MT_UnlinkFileReply + sizeof (STFSMsgBuf_ErrorReply), // MT_ErrorReply, + 0, // MT_GetFileMetadata, + 0, // MT_GetFileMetadataReply, + sizeof (STFSMsgBuf_OpenersReq), // MT_Openers + sizeof (STFSMsgBuf_OpenersReply), // MT_OpenersReply + sizeof (STFSMsgBuf_FOpenersReq), // MT_FOpeners + sizeof (STFSMsgBuf_FOpenersReply), // MT_FOpenersReply + sizeof (STFSMsgBuf_StatReq), // MT_Stat + sizeof (STFSMsgBuf_StatReply), // MT_StatReply + 0, // MT_GetEFMReply + 0, // MT_GetEFM + + /// new message types go immediately before this line + 0, // MT_Unknown }; if ((pv_MessageType <= MT_Invalid) || diff --git a/core/sql/arkcmp/CompException.h b/core/sql/arkcmp/CompException.h index afafb7a9f0..f2cd872370 100644 --- a/core/sql/arkcmp/CompException.h +++ b/core/sql/arkcmp/CompException.h @@ -85,8 +85,8 @@ class FatalException : public BaseException{ const char * getStackTrace(); virtual void throwException(); private: - char msg_[EXCEPTION_MSG_SIZE]; - char stackTrace_[STACK_TRACE_SIZE]; + char msg_[EXCEPTION_MSG_SIZE + 1]; + char stackTrace_[STACK_TRACE_SIZE + 1]; }; // CmpInternalException is a replacement for EH_INTRNAL_EXCEPTION diff --git a/core/sql/common/BaseTypes.h b/core/sql/common/BaseTypes.h index 15703bb4a5..3547035840 100644 --- a/core/sql/common/BaseTypes.h +++ b/core/sql/common/BaseTypes.h @@ -181,7 +181,7 @@ typedef NAUnsigned SimpleHashValue; #define BLANK_SPACE " " #define BUMP_INDENT(X) \ - char newindent[MAX_INDENT_SIZE]; \ + char newindent[MAX_INDENT_SIZE + 1]; \ Int32 indentlen = strlen(X) + MIN_INDENT_SIZE;\ indentlen = (indentlen < MAX_INDENT_SIZE ? indentlen : MAX_INDENT_SIZE);\ for (Int32 fli = 0; fli < indentlen; fli++) \ diff --git a/core/sql/common/csconvert.cpp b/core/sql/common/csconvert.cpp index 5cdf9ca77d..35af9d5edf 100644 --- a/core/sql/common/csconvert.cpp +++ b/core/sql/common/csconvert.cpp @@ -1138,7 +1138,7 @@ int lightValidateUTF8Str(const char *bufr, { int blankPos = pos-1; // the previous character is already past the char. limit - while (bufr[blankPos] == ' ' && blankPos < in_len) + while (blankPos < in_len && bufr[blankPos] == ' ') blankPos++; if (blankPos >= in_len) diff --git a/core/sql/executor/ExExeUtilGetStats.cpp b/core/sql/executor/ExExeUtilGetStats.cpp index 363fd89e69..72bdd2b6fe 100644 --- a/core/sql/executor/ExExeUtilGetStats.cpp +++ b/core/sql/executor/ExExeUtilGetStats.cpp @@ -148,14 +148,14 @@ static short getSubstrInfo(char * str, // IN currPos = startPos; // terminate at space - while(str[currPos] != space && currPos < maxLen) + while(currPos < maxLen && str[currPos] != space) { // check for quote if(str[currPos] == quote) { currPos++; // find end quote - while(str[currPos] != quote && currPos < maxLen) + while(currPos < maxLen && str[currPos] != quote) currPos++; if (currPos < maxLen) currPos++; diff --git a/core/sql/exp/ExpConvMxcs.cpp b/core/sql/exp/ExpConvMxcs.cpp index 5a8b03e7c5..0f7d3eec8c 100644 --- a/core/sql/exp/ExpConvMxcs.cpp +++ b/core/sql/exp/ExpConvMxcs.cpp @@ -155,7 +155,7 @@ static short BigNumHelper_ConvBcdToBigNumHelper(Lng32 sourceLength, // Ignore leading zeros in BCD. If all zeros, return. Lng32 zeros = 0; - while (!sourceData[zeros] && zeros < sourceLength) + while (zeros < sourceLength && !sourceData[zeros]) zeros++; if (zeros == sourceLength) return 0; @@ -710,7 +710,7 @@ static short convAsciiToDecMxcs(char *target, }; // skip leading zeros - while((source[sourceStart] == '0') && (sourceStart < sourceLen)) + while((sourceStart < sourceLen) && (source[sourceStart] == '0')) sourceStart++; // only zeros found, target is 0 diff --git a/core/sql/exp/exp_conv.cpp b/core/sql/exp/exp_conv.cpp index 81e0db0999..41b0a675da 100644 --- a/core/sql/exp/exp_conv.cpp +++ b/core/sql/exp/exp_conv.cpp @@ -2231,7 +2231,7 @@ ex_expr::exp_return_type convAsciiToDec(char *target, }; // skip leading zeros - while((source[sourceStart] == '0') && (sourceStart < sourceLen)) + while((sourceStart < sourceLen) && (source[sourceStart] == '0')) sourceStart++; // only zeros found, target is 0 @@ -3409,7 +3409,7 @@ ex_expr::exp_return_type convDecToInt64(Int64 &target, // skip leading zeros only if first byte was zero if (!target) { - while ((source[currPos] == '0') && (currPos < sourceLen)) + while ((currPos < sourceLen) && (source[currPos] == '0')) currPos++; }; diff --git a/core/sql/optimizer/NATable.cpp b/core/sql/optimizer/NATable.cpp index 93b649a277..d657a4815c 100644 --- a/core/sql/optimizer/NATable.cpp +++ b/core/sql/optimizer/NATable.cpp @@ -5450,8 +5450,7 @@ NABoolean NATable::fetchObjectUIDForNativeTable(const CorrName& corrName, //Measure length of node name //skip over node name i.e. \MAYA, \AZTEC, etc //and get to volume name - while((nodeName[nodeNameLen]!='.')&& - (nodeNameLen < 8)){ + while((nodeNameLen < 8) && (nodeName[nodeNameLen]!='.')){ catStr++; nodeNameLen++; }; @@ -5462,8 +5461,7 @@ NABoolean NATable::fetchObjectUIDForNativeTable(const CorrName& corrName, //skip over the volume/catalog name //while measuring catalog name length - while((catStr[catStrLen]!='.')&& - (catStrLen < 8)) + while((catStrLen < 8) && (catStr[catStrLen]!='.')) { schemaStr++; catStrLen++; @@ -5475,8 +5473,7 @@ NABoolean NATable::fetchObjectUIDForNativeTable(const CorrName& corrName, //skip over the subvolume/schema name //while measuring schema name length - while((schemaStr[schemaStrLen]!='.')&& - (schemaStrLen < 8)) + while((schemaStrLen < 8) && (schemaStr[schemaStrLen]!='.')) { fileStr++; schemaStrLen++; @@ -5514,8 +5511,7 @@ NABoolean NATable::fetchObjectUIDForNativeTable(const CorrName& corrName, //Measure length of node name //skip over node name i.e. \MAYA, \AZTEC, etc //and get to volume name - while((nodeName[nodeNameLen]!='.')&& - (nodeNameLen < 8)){ + while((nodeNameLen < 8) && (nodeName[nodeNameLen]!='.')){ catStr++; nodeNameLen++; }; diff --git a/core/sql/regress/tools/logsort_src/tokstr.c b/core/sql/regress/tools/logsort_src/tokstr.c index 6eb00aa745..8703ffaaf9 100755 --- a/core/sql/regress/tools/logsort_src/tokstr.c +++ b/core/sql/regress/tools/logsort_src/tokstr.c @@ -360,7 +360,7 @@ else if ((*token == '"') || (*token == '\'')) } else if ((*token == '#') || (*token == '?')) { - char temp[12]; + char temp[13]; int j; for (j = 1; (j < 13) && (isalnum(token[j])); j++) diff --git a/core/sql/sqlmsg/ComDiagsMsg.cpp b/core/sql/sqlmsg/ComDiagsMsg.cpp index e9ecaa573b..0025b70288 100644 --- a/core/sql/sqlmsg/ComDiagsMsg.cpp +++ b/core/sql/sqlmsg/ComDiagsMsg.cpp @@ -751,7 +751,7 @@ Int32 displayWCHAR(NAWchar* wstr, NAWchar* wend = NULL) // for debugging unsigned char str[2000+1]; if (wend) *wend = '\0'; Int32 i=0; - for (; wstr[i] && i<2000; i++) + for (; i<2000 && wstr[i]; i++) str[i] = (unsigned char)wstr[i]; str[i] = '\0'; cerr << "{{{" << endl << str << "}}}" << endl; diff --git a/win-odbc64/Common/ExpConvMxcs.cpp b/win-odbc64/Common/ExpConvMxcs.cpp index 1d63a8c855..c4b21c5efc 100644 --- a/win-odbc64/Common/ExpConvMxcs.cpp +++ b/win-odbc64/Common/ExpConvMxcs.cpp @@ -162,7 +162,7 @@ static short BigNumHelper_ConvBcdToBigNumHelper(long sourceLength, // Ignore leading zeros in BCD. If all zeros, return. long zeros = 0; - while (!sourceData[zeros] && zeros < sourceLength) + while (zeros < sourceLength && !sourceData[zeros]) zeros++; if (zeros == sourceLength) return 0; @@ -718,7 +718,7 @@ static short convAsciiToDecMxcs(char *target, }; // skip leading zeros - while((source[sourceStart] == '0') && (sourceStart < sourceLen)) + while((sourceStart < sourceLen) && (source[sourceStart] == '0')) sourceStart++; // only zeros found, target is 0 diff --git a/win-odbc64/odbcclient/drvr35/ctosqlconv.cpp b/win-odbc64/odbcclient/drvr35/ctosqlconv.cpp index 2b1a39f096..dbb9868e31 100644 --- a/win-odbc64/odbcclient/drvr35/ctosqlconv.cpp +++ b/win-odbc64/odbcclient/drvr35/ctosqlconv.cpp @@ -4000,7 +4000,7 @@ unsigned long ODBC::CheckIntervalOverflow(char *intervalValue, SWORD ODBCDataTyp char *token; short i = 0; short j = 0; - char in_value[128]; + char in_value[128 + 1]; char delimiters[] = " :.-"; char sep[5]={0,0,0,0,0}; SQLINTEGER leadingPrecision; diff --git a/win-odbc64/odbcclient/drvr35/diagfunctions.cpp b/win-odbc64/odbcclient/drvr35/diagfunctions.cpp index eb898a03b4..e9633b9406 100644 --- a/win-odbc64/odbcclient/drvr35/diagfunctions.cpp +++ b/win-odbc64/odbcclient/drvr35/diagfunctions.cpp @@ -123,9 +123,11 @@ char *TraceOptionToString(long TraceOption) long index; if (TraceOption == 0) - index = 15; + index = sizeof(TraceOptionString) - 1; else - for (index = 0; (TraceOption & 1) == 0; TraceOption >>= 1, index++); + for (index = 0; + (TraceOption & 1) == 0 && index < sizeof(TraceOptionString); + TraceOption >>= 1, index++); return TraceOptionString[index]; } diff --git a/win-odbc64/sql/common/csconvert.cpp b/win-odbc64/sql/common/csconvert.cpp index b420340b6a..9b388b37ed 100644 --- a/win-odbc64/sql/common/csconvert.cpp +++ b/win-odbc64/sql/common/csconvert.cpp @@ -1136,7 +1136,7 @@ int lightValidateUTF8Str(const char *bufr, { int blankPos = pos-1; // the previous character is already past the char. limit - while (bufr[blankPos] == ' ' && blankPos < in_len) + while (blankPos < in_len && bufr[blankPos] == ' ') blankPos++; if (blankPos >= in_len) From d6573f9c0a1ca7a7f63f76a629e64750a37f038c Mon Sep 17 00:00:00 2001 From: Kenny Date: Fri, 12 Jan 2018 01:37:08 +0000 Subject: [PATCH 2/3] fix the bufoverrun Critical error checked by TScanCode --- core/sqf/src/seatrans/tm/hbasetmlib2/hbasetm.cpp | 8 ++++---- core/sqf/src/seatrans/tm/hbasetmlib2/hbasetm.h | 6 +++--- win-odbc64/odbcclient/drvr35/diagfunctions.cpp | 5 +++-- 3 files changed, 10 insertions(+), 9 deletions(-) diff --git a/core/sqf/src/seatrans/tm/hbasetmlib2/hbasetm.cpp b/core/sqf/src/seatrans/tm/hbasetmlib2/hbasetm.cpp index f7035837e0..d5de863534 100644 --- a/core/sqf/src/seatrans/tm/hbasetmlib2/hbasetm.cpp +++ b/core/sqf/src/seatrans/tm/hbasetmlib2/hbasetm.cpp @@ -233,7 +233,7 @@ int CHbaseTM::initJVM() JavaMethods_[JM_RQREGINFO ].jm_signature = "()Lorg/trafodion/dtm/HashMapArray;"; char className[]="org/trafodion/dtm/HBaseTxClient"; - return (HBTM_RetCode)JavaObjectInterfaceTM::init(className, javaClass_, (JavaMethodInit*)&JavaMethods_, (int)JM_LAST, false); + return (HBTM_RetCode)JavaObjectInterfaceTM::init(className, javaClass_, (JavaMethodInit*)&JavaMethods_, (int)JM_TMLAST, false); } ////////////////////////////////////////////// @@ -1173,10 +1173,10 @@ HMN_RetCode HashMapArray::init() return HMN_OK; if (JavaMethods_) - return (HMN_RetCode)JavaObjectInterfaceTM::init(className, javaClass_, JavaMethods_, (int32)JM_LAST, true); + return (HMN_RetCode)JavaObjectInterfaceTM::init(className, javaClass_, JavaMethods_, (int32)JM_MAPLAST, true); else { - JavaMethods_ = new JavaMethodInit[JM_LAST]; + JavaMethods_ = new JavaMethodInit[JM_MAPLAST]; JavaMethods_[JM_CTOR ].jm_name = ""; JavaMethods_[JM_CTOR ].jm_signature = "()V"; @@ -1199,7 +1199,7 @@ HMN_RetCode HashMapArray::init() JavaMethods_[JM_GET_REGINFO ].jm_name = "getRegionInfo"; JavaMethods_[JM_GET_REGINFO ].jm_signature = "(J)Ljava/lang/String;"; - return (HMN_RetCode)JavaObjectInterfaceTM::init(className, javaClass_, JavaMethods_, (int32)JM_LAST, false); + return (HMN_RetCode)JavaObjectInterfaceTM::init(className, javaClass_, JavaMethods_, (int32)JM_MAPLAST, false); } } diff --git a/core/sqf/src/seatrans/tm/hbasetmlib2/hbasetm.h b/core/sqf/src/seatrans/tm/hbasetmlib2/hbasetm.h index fb482a981f..d8eb6c0b8d 100644 --- a/core/sqf/src/seatrans/tm/hbasetmlib2/hbasetm.h +++ b/core/sqf/src/seatrans/tm/hbasetmlib2/hbasetm.h @@ -76,7 +76,7 @@ class HashMapArray : public JavaObjectInterfaceTM JM_GET_HOSTNAME, JM_GET_PORT, JM_GET_REGINFO, - JM_LAST + JM_MAPLAST }; static JavaMethodInit* JavaMethods_; static jclass javaClass_; @@ -139,9 +139,9 @@ class CHbaseTM : public JavaObjectInterfaceTM JM_REGTRUNCABORT, JM_DROPTABLE, JM_RQREGINFO, - JM_LAST + JM_TMLAST }; - JavaMethodInit JavaMethods_[JM_LAST]; + JavaMethodInit JavaMethods_[JM_TMLAST]; static jclass javaClass_; public: diff --git a/win-odbc64/odbcclient/drvr35/diagfunctions.cpp b/win-odbc64/odbcclient/drvr35/diagfunctions.cpp index e9633b9406..3a6ff2c59a 100644 --- a/win-odbc64/odbcclient/drvr35/diagfunctions.cpp +++ b/win-odbc64/odbcclient/drvr35/diagfunctions.cpp @@ -123,10 +123,11 @@ char *TraceOptionToString(long TraceOption) long index; if (TraceOption == 0) - index = sizeof(TraceOptionString) - 1; + index = sizeof(TraceOptionString)/sizeof(TraceOptionString[0]) - 1; else for (index = 0; - (TraceOption & 1) == 0 && index < sizeof(TraceOptionString); + (TraceOption & 1) == 0 && + index < sizeof(TraceOptionString)/sizeof(TraceOptionString[0]); TraceOption >>= 1, index++); return TraceOptionString[index]; } From 1fe8890705310df729c35401d53d55531e8e8398 Mon Sep 17 00:00:00 2001 From: Kenny Date: Fri, 12 Jan 2018 04:02:26 +0000 Subject: [PATCH 3/3] fix the bufoverrun Critical error checked by TScanCode --- core/sql/arkcmp/CompException.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/core/sql/arkcmp/CompException.h b/core/sql/arkcmp/CompException.h index f2cd872370..36eb3ddf3f 100644 --- a/core/sql/arkcmp/CompException.h +++ b/core/sql/arkcmp/CompException.h @@ -113,8 +113,8 @@ class AssertException : public BaseException{ const char * getStackTrace(); virtual void throwException(); private: - char condition_[EXCEPTION_CONDITION_SIZE]; - char stackTrace_[STACK_TRACE_SIZE]; + char condition_[EXCEPTION_CONDITION_SIZE + 1]; + char stackTrace_[STACK_TRACE_SIZE + 1]; }; class OsimLogException : public BaseException{