Uploaded image for project: 'MariaDB Connector/C'
  1. MariaDB Connector/C
  2. CONC-452

OVERRUN error (CWE-119) in file libmariadb/ma_stmt_codec.c

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 3.1.6
    • Fix Version/s: 3.1
    • Labels:
    • Environment:
      All

      Description

      Hi,

      I'm working on fixing errors provided by covscan on project mariadb-connector-c (3.1.6) and I have problem with solving one of them.

      IMHO it's quite an important one, so I want to ask you if you can help me fix it.

      This is log from covscan:
      Error: OVERRUN (CWE-119):
      mariadb-connector-c-3.1.6-src/libmariadb/ma_stmt_codec.c:1171: overrun-buffer-val: Overrunning array "dtbuffer" of 60 bytes by passing it to a function which accesses it at byte offset 253.

      1. 1169| break;
      2. 1170| }
      3. 1171|-> convert_froma_string(r_param, dtbuffer, length);
      4. 1172| break;
      5. 1173| }

      I tried to look at it but unfortunately there is a lot of stuff to process, so I'm kindly asking for your assistance.

      Thank you so much
      Lukas

        Attachments

          Activity

            People

            Assignee:
            georg Georg Richter
            Reporter:
            ljavorsk Lukas Javorsky
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: