database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-08-08 11:22:35 +03:00
Code Activity

Use memory safe snprintf() in Connect Engine

Browse Source 
This commit replaces sprintf(buf, ...) with
snprintf(buf, sizeof(buf), ...),
specifically in the "easy" cases where buf is allocated with a size
known at compile time.

The changes make sure we are not write outside array/string bounds which
will lead to undefined behaviour. In case the code is trying to write
outside bounds - safe version of functions simply cut the string
messages so we process this gracefully.

All new code of the whole pull request, including one or several files
that are either new files or modified ones, are contributed under the BSD-new
license.  I am contributing on behalf of my employer Amazon Web Services,
Inc.

bsonudf.cpp warnings cleanup by Daniel Black

Reviewer: Daniel Black
This commit is contained in:
Mikhail Chalov
2022-07-19 19:06:55 +00:00
committed by Daniel Black
parent 95eb5e5a12
commit 19af1890b5
61 changed files with 931 additions and 919 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
storage/connect/tabfmt.cpp
View File

@@ -230,7 +230,7 @@ PQRYRES CSVColumns(PGLOBAL g, PCSZ dp, PTOS topt, bool info)
colname[0] = p;
} else if (rc == RC_EF) {
sprintf(g->Message, MSG(FILE_IS_EMPTY), fn);
snprintf(g->Message, sizeof(g->Message), MSG(FILE_IS_EMPTY), fn);
goto err;
} else
goto err;
@@ -269,10 +269,10 @@ PQRYRES CSVColumns(PGLOBAL g, PCSZ dp, PTOS topt, bool info)
/*******************************************************************/
if ((rc = tdbp->ReadDB(g)) == RC_OK) {
} else if (rc == RC_EF) {
sprintf(g->Message, MSG(EOF_AFTER_LINE), num_read -1);
snprintf(g->Message, sizeof(g->Message), MSG(EOF_AFTER_LINE), num_read -1);
break;
} else {
sprintf(g->Message, MSG(ERR_READING_REC), num_read, fn);
snprintf(g->Message, sizeof(g->Message), MSG(ERR_READING_REC), num_read, fn);
goto err;
} // endif's
@@ -285,7 +285,7 @@ PQRYRES CSVColumns(PGLOBAL g, PCSZ dp, PTOS topt, bool info)
if (*p == sep) {
if (phase != 1) {
if (i == MAXCOL - 1) {
sprintf(g->Message, MSG(TOO_MANY_FIELDS), num_read, fn);
snprintf(g->Message, sizeof(g->Message), MSG(TOO_MANY_FIELDS), num_read, fn);
goto err;
} // endif i
@@ -313,7 +313,7 @@ PQRYRES CSVColumns(PGLOBAL g, PCSZ dp, PTOS topt, bool info)
if (phase == 0) {
if (blank) {
if (++nerr > mxr) {
sprintf(g->Message, MSG(MISPLACED_QUOTE), num_read);
snprintf(g->Message, sizeof(g->Message), MSG(MISPLACED_QUOTE), num_read);
goto err;
} else
goto skip;
@@ -325,7 +325,7 @@ PQRYRES CSVColumns(PGLOBAL g, PCSZ dp, PTOS topt, bool info)
if (*(p+1) == q) {
// This is currently not implemented for CSV tables
// if (++nerr > mxr) {
// sprintf(g->Message, MSG(QUOTE_IN_QUOTE), num_read);
// snprintf(g->Message, sizeof(g->Message), MSG(QUOTE_IN_QUOTE), num_read);
// goto err;
// } else
// goto skip;
@@ -336,7 +336,7 @@ PQRYRES CSVColumns(PGLOBAL g, PCSZ dp, PTOS topt, bool info)
phase = 2;
} else if (++nerr > mxr) { // phase == 2
sprintf(g->Message, MSG(MISPLACED_QUOTE), num_read);
snprintf(g->Message, sizeof(g->Message), MSG(MISPLACED_QUOTE), num_read);
goto err;
} else
goto skip;
@@ -344,7 +344,7 @@ PQRYRES CSVColumns(PGLOBAL g, PCSZ dp, PTOS topt, bool info)
} else {
if (phase == 2) {
if (++nerr > mxr) {
sprintf(g->Message, MSG(MISPLACED_QUOTE), num_read);
snprintf(g->Message, sizeof(g->Message), MSG(MISPLACED_QUOTE), num_read);
goto err;
} else
goto skip;
@@ -366,7 +366,7 @@ PQRYRES CSVColumns(PGLOBAL g, PCSZ dp, PTOS topt, bool info)
if (phase == 1) {
if (++nerr > mxr) {
sprintf(g->Message, MSG(UNBALANCE_QUOTE), num_read);
snprintf(g->Message, sizeof(g->Message), MSG(UNBALANCE_QUOTE), num_read);
goto err;
} else
goto skip;
@@ -583,7 +583,7 @@ PTDB CSVDEF::GetTable(PGLOBAL g, MODE mode)
((PZLBFAM)txfp)->SetOptimized(To_Pos != NULL);
} // endelse
#else
sprintf(g->Message, MSG(NO_FEAT_SUPPORT), "GZ");
snprintf(g->Message, sizeof(g->Message), MSG(NO_FEAT_SUPPORT), "GZ");
return NULL;
#endif
} else
@@ -865,7 +865,7 @@ bool TDBCSV::SkipHeader(PGLOBAL g)
} // endfor cdp
if (hlen > Lrecl) {
sprintf(g->Message, MSG(LRECL_TOO_SMALL), hlen);
snprintf(g->Message, sizeof(g->Message), MSG(LRECL_TOO_SMALL), hlen);
return true;
} // endif hlen
@@ -949,7 +949,7 @@ int TDBCSV::ReadBuffer(PGLOBAL g)
if (*p != Sep && i != Fields - 1) { // Should be the separator
if (CheckErr()) {
sprintf(g->Message, MSG(MISSING_FIELD),
snprintf(g->Message, sizeof(g->Message), MSG(MISSING_FIELD),
i+1, Name, RowNumber(g));
return RC_FX;
} else if (Accept)
@@ -976,7 +976,7 @@ int TDBCSV::ReadBuffer(PGLOBAL g)
} // endif n
} else if (CheckErr()) {
sprintf(g->Message, MSG(BAD_QUOTE_FIELD),
snprintf(g->Message, sizeof(g->Message), MSG(BAD_QUOTE_FIELD),
Name, i+1, RowNumber(g));
return RC_FX;
} else if (Accept) {
@@ -993,7 +993,7 @@ int TDBCSV::ReadBuffer(PGLOBAL g)
len = strlen(p2);
bad = true;
} else if (CheckErr()) {
sprintf(g->Message, MSG(MISSING_FIELD), i+1, Name, RowNumber(g));
snprintf(g->Message, sizeof(g->Message), MSG(MISSING_FIELD), i+1, Name, RowNumber(g));
return RC_FX;
} else if (Accept) {
len = strlen(p2);
@@ -1009,7 +1009,7 @@ int TDBCSV::ReadBuffer(PGLOBAL g)
if (Mode != MODE_UPDATE)
Fldlen[i] = len;
else if (len > Fldlen[i]) {
sprintf(g->Message, MSG(FIELD_TOO_LONG), i+1, RowNumber(g));
snprintf(g->Message, sizeof(g->Message), MSG(FIELD_TOO_LONG), i+1, RowNumber(g));
return RC_FX;
} else {
strncpy(Field[i], p2, len);
@@ -1143,7 +1143,7 @@ int TDBCSV::CheckWrite(PGLOBAL g)
else if (strchr(Field[i], Sep) || (Qot && *Field[i] == Qot)
|| Quoted > 1 || (Quoted == 1 && !Fldtyp[i]))
if (!Qot) {
sprintf(g->Message, MSG(SEP_IN_FIELD), i + 1);
snprintf(g->Message, sizeof(g->Message), MSG(SEP_IN_FIELD), i + 1);
return -1;
} else {
// Quotes inside a quoted field must be doubled
@@ -1225,7 +1225,7 @@ bool TDBFMT::OpenDB(PGLOBAL g)
Linenum = 0;
if (Mode == MODE_INSERT || Mode == MODE_UPDATE) {
sprintf(g->Message, MSG(FMT_WRITE_NIY), "FMT");
snprintf(g->Message, sizeof(g->Message), MSG(FMT_WRITE_NIY), "FMT");
return true; // NIY
} // endif Mode
@@ -1255,13 +1255,13 @@ bool TDBFMT::OpenDB(PGLOBAL g)
if (!cdp->IsSpecial() && !cdp->IsVirtual()
&& (i = cdp->GetOffset() - 1) < Fields) {
if (!(pfm = cdp->GetFmt())) {
sprintf(g->Message, MSG(NO_FLD_FORMAT), i + 1, Name);
snprintf(g->Message, sizeof(g->Message), MSG(NO_FLD_FORMAT), i + 1, Name);
return true;
} // endif pfm
// Roughly check the Fmt format
if ((n = strlen(pfm) - 2) < 4) {
sprintf(g->Message, MSG(BAD_FLD_FORMAT), i + 1, Name);
snprintf(g->Message, sizeof(g->Message), MSG(BAD_FLD_FORMAT), i + 1, Name);
return true;
} // endif n
@@ -1338,7 +1338,7 @@ int TDBFMT::ReadBuffer(PGLOBAL g)
sscanf("a", "%*c"); // Seems to reset things Ok
if (CheckErr()) {
sprintf(g->Message, MSG(BAD_LINEFLD_FMT), Linenum, i + 1, Name);
snprintf(g->Message, sizeof(g->Message), MSG(BAD_LINEFLD_FMT), Linenum, i + 1, Name);
return RC_FX;
} else if (Accept)
bad = true;
@@ -1361,7 +1361,7 @@ int TDBFMT::ReadBuffer(PGLOBAL g)
// if (Mode != MODE_UPDATE)
Fldlen[i] = len;
// else if (len > Fldlen[i]) {
// sprintf(g->Message, MSG(FIELD_TOO_LONG), i+1, To_Tdb->RowNumber(g));
// snprintf(g->Message, sizeof(g->Message), MSG(FIELD_TOO_LONG), i+1, To_Tdb->RowNumber(g));
// return RC_FX;
// } else {
// strncpy(Field[i], To_Line + pos, len);
@@ -1384,7 +1384,7 @@ int TDBFMT::ReadBuffer(PGLOBAL g)
/***********************************************************************/
int TDBFMT::WriteDB(PGLOBAL g)
{
sprintf(g->Message, MSG(FMT_WRITE_NIY), "FMT");
snprintf(g->Message, sizeof(g->Message), MSG(FMT_WRITE_NIY), "FMT");
return RC_FX; // NIY
} // end of WriteDB
@@ -1443,7 +1443,7 @@ void CSVCOL::ReadColumn(PGLOBAL g)
if (!tdbp->IsRead())
if ((rc = tdbp->ReadBuffer(g)) != RC_OK) {
if (rc == RC_EF)
sprintf(g->Message, MSG(INV_DEF_READ), rc);
snprintf(g->Message, sizeof(g->Message), MSG(INV_DEF_READ), rc);
throw 34;
} // endif
@@ -1461,7 +1461,7 @@ void CSVCOL::ReadColumn(PGLOBAL g)
if (Long > colen && tdbp->CheckErr()) {
Long = colen; // Restore column length
sprintf(g->Message, MSG(FLD_TOO_LNG_FOR),
snprintf(g->Message, sizeof(g->Message), MSG(FLD_TOO_LNG_FOR),
Fldnum + 1, Name, To_Tdb->RowNumber(g), tdbp->GetFile(g));
throw 34;
} // endif Long
@@ -1525,7 +1525,7 @@ void CSVCOL::WriteColumn(PGLOBAL g)
htrc("new length(%p)=%d\n", p, n);
if (n > flen) {
sprintf(g->Message, MSG(BAD_FLD_LENGTH), Name, p, n,
snprintf(g->Message, sizeof(g->Message), MSG(BAD_FLD_LENGTH), Name, p, n,
tdbp->RowNumber(g), tdbp->GetFile(g));
throw 34;
} else if (Dsp)
@@ -1542,7 +1542,7 @@ void CSVCOL::WriteColumn(PGLOBAL g)
/*********************************************************************/
if (Fldnum < 0) {
// This can happen for wrong offset value in XDB files
sprintf(g->Message, MSG(BAD_FIELD_RANK), Fldnum + 1, Name);
snprintf(g->Message, sizeof(g->Message), MSG(BAD_FIELD_RANK), Fldnum + 1, Name);
throw 34;
} else
strncpy(tdbp->Field[Fldnum], p, flen);