Hi Michael,
Thanks for all your great feedback.
> Or you could keep the "lineno" and the error generated in memory.c as
> this gives enough details about the location where the problem
> happens. We are going to need the extra "alloc_failed".
>
> [...]
>
> Hmm. But both are related and the same
On Wed, Jul 16, 2025 at 02:04:12PM +0300, Aleksander Alekseev wrote:
> Hi Michael,
>
> > depending on what's set in a URI. I think that we need to redesign a
> > bit ecpg_strdup(), perhaps by providing an extra input argument so as
> > we can detect hard failures on OOM and let ECPGconnect() retu
Hi Michael,
> depending on what's set in a URI. I think that we need to redesign a
> bit ecpg_strdup(), perhaps by providing an extra input argument so as
> we can detect hard failures on OOM and let ECPGconnect() return early
> if we find a problem.
Makes sense. In this case however I believe w
On Mon, Jul 14, 2025 at 04:03:42PM +0300, Aleksander Alekseev wrote:
> Hi Michael,
>
> > Should we actually check sqlca_t more seriously if failing one of the
> > strdup calls used for the port, host, etc. when attempting the
> > connection? The ecpg_log() assumes that a NULL value equals a
> > ,
Hi Alvaro,
> This looks super baroque. Why not simplify a bit instead? Maybe
> something like
>
> [...]
Fair point. Here is the corrected patch.
From 35cbf8fa22d0a1e9d1b46784a83adfdfd5c675fb Mon Sep 17 00:00:00 2001
From: Aleksander Alekseev
Date: Fri, 11 Jul 2025 17:59:50 +0300
Subject: [PATC
On 2025-Jul-14, Aleksander Alekseev wrote:
> @@ -460,7 +461,21 @@ ECPGconnect(int lineno, int c, const char *name, const
> char *user, const char *p
>*/
> conn_keywords = (const char **) ecpg_alloc((connect_params + 1) *
> sizeof(char *), lineno);
> conn_values = (const char
Hi,
> Here is the corrected patch v3. Changes since v2:
>
> ```
> for (con = all_connections; con != NULL; con = con->next)
> {
> - /* XXX strcmp() will segfault if con->name is NULL */
> - if (strcmp(connection_name, con-
Hi,
> While working on it I noticed a potentially problematic strcmp call,
> marked with XXX in the patch. I didn't address this issue in v2.
Here is the corrected patch v3. Changes since v2:
```
for (con = all_connections; con != NULL; con = con->next)
{
-
Hi Michael,
> Should we actually check sqlca_t more seriously if failing one of the
> strdup calls used for the port, host, etc. when attempting the
> connection? The ecpg_log() assumes that a NULL value equals a
> , which would be wrong if we failed one of these allocations
> on OOM.
If I read
On Fri, Jul 11, 2025 at 07:22:36PM +0300, Aleksander Alekseev wrote:
> The patch looks correct, but I believe it's incomplete. It misses
> several other places where ecpg_strdup() is called without proper
> checks. A correct patch would look like the one attached.
>
> While working on it I noticed
Hi Evgeniy,
> In case of out_of_memory, the ecpg_strdup function may return NULL.
> Checks should be added in src/interfaces/ecpg/ecpglib/execute.c.
> Patch attached.
>
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
The patch looks correct, but I believe it's incomplete. It m
Hi!
In case of out_of_memory, the ecpg_strdup function may return NULL.
Checks should be added in src/interfaces/ecpg/ecpglib/execute.c.
Patch attached.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
--
Best regards,
Evgeniy Gorbanev
diff --git a/src/interfaces/ecpg/ecpglib/
12 matches
Mail list logo
