You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@trafodion.apache.org by "Alice Chen (JIRA)" <ji...@apache.org> on 2015/07/22 20:17:39 UTC
[jira] [Created] (TRAFODION-637) LP Bug: 1370740 - Possible memory
corruption with user and role names
Alice Chen created TRAFODION-637:
------------------------------------
Summary: LP Bug: 1370740 - Possible memory corruption with user and role names
Key: TRAFODION-637
URL: https://issues.apache.org/jira/browse/TRAFODION-637
Project: Apache Trafodion
Issue Type: Bug
Components: sql-security
Reporter: Roberta Marton
Assignee: Cliff Gray
Fix For: 1.1 (pre-incubation)
The person that designed and implemented this function did not include a length parameter on purpose. The intention that only the cli GET_SESSION calls and ComUser class will call these functions. Both these places do check for lengths. However, to avoid issues going forward, more care is needed to avoid memory overruns in case someone calls this function with an incorrect buffer size.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)