gnustep/libs-sqlclient
0
0
Fork 0
mirror of https://github.com/gnustep/libs-sqlclient.git synced 2025-06-04 19:11:13 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix buffer overrun

Browse source
This commit is contained in:
rfm 2025-02-18 17:32:45 +00:00
parent 9f90bdc755
commit db1ff663f6
1 changed files with 3 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

5
SQLClient.m
View file

@ -3256,6 +3256,7 @@ static int poolConnections = 0;
unsigned char *buf; unsigned char *buf;
unsigned char *ptr; unsigned char *ptr;
const unsigned char *from = (const unsigned char*)statement; const unsigned char *from = (const unsigned char*)statement;
const unsigned char *end = from + strlen((const char*)statement);
/* /*
* Calculate length of buffer needed. * Calculate length of buffer needed.
@ -3274,10 +3275,10 @@ static int poolConnections = 0;
* Merge quoted data objects into statement. * Merge quoted data objects into statement.
*/ */
i = 1; i = 1;
from = (unsigned char*)statement; while (from < end)
while (*from != 0)
{ {
if (*from == *(unsigned char*)marker if (*from == *(unsigned char*)marker
&& (from + mLength) < end
&& memcmp(from, marker, mLength) == 0) && memcmp(from, marker, mLength) == 0)
{ {
NSData *d = [blobs objectAtIndex: i++]; NSData *d = [blobs objectAtIndex: i++];