gnustep/libs-sqlclient
0
0
Fork 0
mirror of https://github.com/gnustep/libs-sqlclient.git synced 2025-06-02 01:51:03 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix buffer overrun

Browse source
This commit is contained in:
rfm 2025-02-18 17:32:45 +00:00
parent 9f90bdc755
commit db1ff663f6
1 changed files with 3 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

5
SQLClient.m
View file

@ -3256,6 +3256,7 @@ static int poolConnections = 0;
unsigned char *buf;
unsigned char *ptr;
const unsigned char *from = (const unsigned char*)statement;
const unsigned char *end = from + strlen((const char*)statement);
/*
* Calculate length of buffer needed.
@ -3274,10 +3275,10 @@ static int poolConnections = 0;
* Merge quoted data objects into statement.
*/
i = 1;
from = (unsigned char*)statement;
while (*from != 0)
while (from < end)
{
if (*from == *(unsigned char*)marker
&& (from + mLength) < end
&& memcmp(from, marker, mLength) == 0)
{
NSData *d = [blobs objectAtIndex: i++];