[MDEV-35988] Fix insecure use of strcpy, strcat and sprintf in Client and SQL - Jira

XML

Word

Printable

Details

Type: Bug
Status: Open (View Workflow)
Priority: Major
Resolution: Unresolved
Affects Version/s: 10.5(EOL)
Fix Version/s: 10.11
Component/s: None
Labels:
- contribution
- foundation

Description

Old style C functions strcpy(), strcat() and sprintf() are vulnerable to security issues due to lacking memory boundary checks. Replace these in the Client and SQL with safe new and/or custom functions such as snprintf() safe_strcpy() and safe_strcat().

Pull request: https://github.com/MariaDB/server/pull/2601

Attachments

Activity

People

Assignee:: Sergey Vojtovich

Reporter:: Sergey Vojtovich

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2025-01-31 12:31

Updated:: 2025-03-10 17:42

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.