Details
-
Bug
-
Status: Closed (View Workflow)
-
Blocker
-
Resolution: Fixed
-
3.1.6
-
None
-
All
Description
Hi,
I'm working on fixing errors provided by covscan on project mariadb-connector-c (3.1.6) and I have problem with solving one of them.
IMHO it's quite an important one, so I want to ask you if you can help me fix it.
This is log from covscan:
Error: OVERRUN (CWE-119):
mariadb-connector-c-3.1.6-src/libmariadb/ma_stmt_codec.c:1171: overrun-buffer-val: Overrunning array "dtbuffer" of 60 bytes by passing it to a function which accesses it at byte offset 253.
- 1169| break;
- 1170| }
- 1171|-> convert_froma_string(r_param, dtbuffer, length);
- 1172| break;
- 1173| }
I tried to look at it but unfortunately there is a lot of stuff to process, so I'm kindly asking for your assistance.
Thank you so much
Lukas
Attachments
Activity
Thanks for quick response,
Okay, please let me know if something updated.
Thanks for your bug report.
I classified this CVE 1,5 years ago as false positive - however after rechecking this CVE, I need to check if we can force a buffer overrun via mysql_stmt_fetch_column()