[#MDEV-8317] [PATCH] Possible overflowing a buffer in strncat

[MDEV-8317] [PATCH] Possible overflowing a buffer in strncat Created: 2015-06-14 Updated: 2015-11-08 Resolved: 2015-11-08
Status:	Closed
Project:	MariaDB Server
Component/s:	Storage Engine - Connect
Affects Version/s:	10.1.5
Fix Version/s:	10.0.23, 10.1.9

Type:

Bug

Priority:

Major

Reporter:

Michal Hrusecky

Assignee:

Olivier Bertrand

Resolution:

Fixed

Votes:

Labels:

patch

Attachments:

mariadb-10.0.22-tabxml-bufferoverflowstrncat.patch

mariadb-10.1.5-tabxml-bufferoverflowstrncat.patch

Issue Links:

PartOf
is part of	~~MDEV-8379~~	SUSE mariadb patches	Closed

Description

Our static analysis tool complained about possible buffer overflow. Haven't checked how probable it is to happen, but it would be good to fix it either attached way or to replace stncats with strncpys.

Comments

Comment by Elena Stepanova [ 2015-06-14 ]

bertrandop,
If it applies to 10.0 too, please feel free to adjust the 'Fix version' accordingly.

Comment by Olivier Bertrand [ 2015-11-08 ]

Thanks for raising this problem and providing patches.
They will be applied with some typo modifications.
Note that in newer versions, the 10.1 tabxml.cpp is identical to the 10.0 one.

Comment by Olivier Bertrand [ 2015-11-08 ]

Why am I only aware today of a problem raised last june?

Generated at Thu Feb 08 07:26:15 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.

[MDEV-8317] [PATCH] Possible overflowing a buffer in strncat Created: 2015-06-14 Updated: 2015-11-08 Resolved: 2015-11-08