You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@trafodion.apache.org by "Alice Chen (JIRA)" <ji...@apache.org> on 2015/07/22 20:17:39 UTC

[jira] [Created] (TRAFODION-637) LP Bug: 1370740 - Possible memory corruption with user and role names

Alice Chen created TRAFODION-637:
------------------------------------

             Summary: LP Bug: 1370740 - Possible memory corruption with user and role names
                 Key: TRAFODION-637
                 URL: https://issues.apache.org/jira/browse/TRAFODION-637
             Project: Apache Trafodion
          Issue Type: Bug
          Components: sql-security
            Reporter: Roberta Marton
            Assignee: Cliff Gray
             Fix For: 1.1 (pre-incubation)


The person that designed and implemented this function did not include a length parameter on purpose.  The intention that only the cli GET_SESSION calls and ComUser class will call these functions.  Both these places do check for lengths.  However, to avoid issues going forward, more care is needed to avoid memory overruns in case someone calls this function with an incorrect buffer size.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)