You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@apr.apache.org by tr...@apache.org on 2011/03/07 11:44:41 UTC

svn commit: r1078737 - /apr/apr/trunk/dbd/apr_dbd_odbc.c

Author: trawick
Date: Mon Mar  7 10:44:41 2011
New Revision: 1078737

URL: http://svn.apache.org/viewvc?rev=1078737&view=rev
Log:
fix some existing parameter range checking that had a bad
assumption about the size of array entries

add the same range check in another path

Modified:
    apr/apr/trunk/dbd/apr_dbd_odbc.c

Modified: apr/apr/trunk/dbd/apr_dbd_odbc.c
URL: http://svn.apache.org/viewvc/apr/apr/trunk/dbd/apr_dbd_odbc.c?rev=1078737&r1=1078736&r2=1078737&view=diff
==============================================================================
--- apr/apr/trunk/dbd/apr_dbd_odbc.c (original)
+++ apr/apr/trunk/dbd/apr_dbd_odbc.c Mon Mar  7 10:44:41 2011
@@ -202,7 +202,7 @@ typedef struct {
 
 /* SQL datatype mappings to DBD datatypes 
  * These tables must correspond *exactly* to the apr_dbd_type_e enum 
- * in apr_dbd_internal.h 
+ * in apr_dbd.h
  */
 
 /* ODBC "C" types to DBD datatypes  */
@@ -231,6 +231,7 @@ static SQLSMALLINT const sqlCtype[] = {
     SQL_LONGVARCHAR,                /* APR_DBD_TYPE_CLOB,       \%pDc */
     SQL_TYPE_NULL                   /* APR_DBD_TYPE_NULL        \%pDn */
 };
+#define NUM_APR_DBD_TYPES (sizeof(sqlCtype) / sizeof(sqlCtype[0]))
 
 /*  ODBC Base types to DBD datatypes */
 static SQLSMALLINT const sqlBaseType[] = {
@@ -528,6 +529,10 @@ static SQLRETURN odbc_bind_param(apr_poo
     }
     /* bind a non-NULL data value */
     else {
+        if (type < 0 || type >= NUM_APR_DBD_TYPES) {
+            return APR_EGENERAL;
+        }
+
         baseType = sqlBaseType[type];
         cType = sqlCtype[type];
         indicator = NULL;
@@ -1338,15 +1343,17 @@ static apr_status_t odbc_datum_get(const
 {
     SQLSMALLINT sqltype;
     void *p;
-    int len = sqlSizes[dbdtype];
+    int len;
 
     if (col >= row->res->ncols)
         return APR_EGENERAL;
 
-    if (dbdtype < 0 || dbdtype >= sizeof(sqlCtype)) {
+    if (dbdtype < 0 || dbdtype >= NUM_APR_DBD_TYPES) {
         data = NULL;            /* invalid type */
         return APR_EGENERAL;
     }
+
+    len = sqlSizes[dbdtype];
     sqltype = sqlCtype[dbdtype];
 
     /* must not memcpy a brigade, sentinals are relative to orig loc */