Issue Details (XML | Word | Printable)

Key: CORE-1447
Type: Bug Bug
Status: Closed Closed
Resolution: Fixed
Priority: Major Major
Assignee: Claudio Valderrama C.
Reporter: Claudio Valderrama C.
Votes: 0
Watchers: 0

If you were logged in you would be able to see more operations.
Firebird Core

Buffer overrun when querying for database info on very long path through isc_database_info() API call.

Created: 11/Sep/07 03:54 AM   Updated: 19/Jan/16 05:02 AM
Component/s: Engine
Affects Version/s: 1.0.3, 1.5.2, 1.5.3, 2.0.0, 1.5.4, 2.0.1, 2.1 Alpha 1, 2.1 Beta 1, 2.0.2
Fix Version/s: 2.1 Beta 2, 1.5.5, 2.0.4

Environment: Independent of operating system.

QA Status: No test

 Description  « Hide
It's possible to cause a buffer overrun by just creating a db on a long path.
When asking information about it through isc_database_info(), an internal buffer is saturated without checking bounds.

 All   Comments   Change History   Subversion Commits      Sort Order: Ascending order - Click to sort in descending order
Pavel Cisar added a comment - 26/Oct/07 10:32 AM
Shouldn't we back port this to 2.0 ?

Claudio Valderrama C. added a comment - 17/Nov/07 12:53 AM
Backported to v2.0.X as well.
It was backported to v1.5.5 in addition to the RISE-related bugs.