mirror of
https://github.com/MariaDB/server.git
synced 2025-08-08 11:22:35 +03:00
Use memory safe snprintf() in Connect Engine
This commit replaces sprintf(buf, ...) with snprintf(buf, sizeof(buf), ...), specifically in the "easy" cases where buf is allocated with a size known at compile time. The changes make sure we are not write outside array/string bounds which will lead to undefined behaviour. In case the code is trying to write outside bounds - safe version of functions simply cut the string messages so we process this gracefully. All new code of the whole pull request, including one or several files that are either new files or modified ones, are contributed under the BSD-new license. I am contributing on behalf of my employer Amazon Web Services, Inc. bsonudf.cpp warnings cleanup by Daniel Black Reviewer: Daniel Black
This commit is contained in:
Mikhail Chalov
committed by
Daniel Black
Daniel Black
parent
95eb5e5a12
commit
19af1890b5
@@ -512,7 +512,7 @@ bool XMLDEF::DefineAM(PGLOBAL g, LPCSTR am, int poff)
|
||||
defcol = "TD";
|
||||
break;
|
||||
default:
|
||||
sprintf(g->Message, MSG(INV_COL_TYPE), buf);
|
||||
snprintf(g->Message, sizeof(g->Message), MSG(INV_COL_TYPE), buf);
|
||||
return true;
|
||||
} // endswitch typname
|
||||
|
||||
@@ -777,7 +777,7 @@ int TDBXML::LoadTableFile(PGLOBAL g, char *filename)
|
||||
|
||||
// Initialize the implementation
|
||||
if (Docp->Initialize(g, Entry, Zipped)) {
|
||||
sprintf(g->Message, MSG(INIT_FAILED), (Usedom) ? "DOM" : "libxml2");
|
||||
snprintf(g->Message, sizeof(g->Message), MSG(INIT_FAILED), (Usedom) ? "DOM" : "libxml2");
|
||||
return RC_FX;
|
||||
} // endif init
|
||||
|
||||
@@ -867,7 +867,7 @@ bool TDBXML::Initialize(PGLOBAL g)
|
||||
// Evaluate table xpath
|
||||
if ((TabNode = Root->SelectSingleNode(g, tabpath))) {
|
||||
if (TabNode->GetType() != XML_ELEMENT_NODE) {
|
||||
sprintf(g->Message, MSG(BAD_NODE_TYPE), TabNode->GetType());
|
||||
snprintf(g->Message, sizeof(g->Message), MSG(BAD_NODE_TYPE), TabNode->GetType());
|
||||
goto error;
|
||||
} // endif Type
|
||||
|
||||
@@ -884,12 +884,12 @@ bool TDBXML::Initialize(PGLOBAL g)
|
||||
if (!(DBnode = Root->SelectSingleNode(g, tabpath))) {
|
||||
// DB node does not exist yet; we cannot create it
|
||||
// because we don't know where it should be placed
|
||||
sprintf(g->Message, MSG(MISSING_NODE), XmlDB, Xfile);
|
||||
snprintf(g->Message, sizeof(g->Message), MSG(MISSING_NODE), XmlDB, Xfile);
|
||||
goto error;
|
||||
} // endif DBnode
|
||||
|
||||
if (!(TabNode = DBnode->AddChildNode(g, Tabname))) {
|
||||
sprintf(g->Message, MSG(FAIL_ADD_NODE), Tabname);
|
||||
snprintf(g->Message, sizeof(g->Message), MSG(FAIL_ADD_NODE), Tabname);
|
||||
goto error;
|
||||
} // endif TabNode
|
||||
|
||||
@@ -934,7 +934,7 @@ bool TDBXML::Initialize(PGLOBAL g)
|
||||
goto error;
|
||||
|
||||
} else {
|
||||
sprintf(g->Message, MSG(FILE_UNFOUND), Xfile);
|
||||
snprintf(g->Message, sizeof(g->Message), MSG(FILE_UNFOUND), Xfile);
|
||||
|
||||
if (Mode == MODE_READ) {
|
||||
PushWarning(g, this);
|
||||
@@ -946,7 +946,7 @@ bool TDBXML::Initialize(PGLOBAL g)
|
||||
|
||||
} else if (rc == RC_INFO) {
|
||||
// Loading failed
|
||||
sprintf(g->Message, MSG(LOADING_FAILED), Xfile);
|
||||
snprintf(g->Message, sizeof(g->Message), MSG(LOADING_FAILED), Xfile);
|
||||
goto error;
|
||||
} else // (rc == RC_FX)
|
||||
goto error;
|
||||
@@ -979,9 +979,9 @@ bool TDBXML::Initialize(PGLOBAL g)
|
||||
buf, sizeof(buf), NULL, NULL);
|
||||
|
||||
if (rc)
|
||||
sprintf(g->Message, "%s: %s", MSG(COM_ERROR), buf);
|
||||
snprintf(g->Message, sizeof(g->Message), "%s: %s", MSG(COM_ERROR), buf);
|
||||
else
|
||||
sprintf(g->Message, "%s hr=%x", MSG(COM_ERROR), e.Error());
|
||||
snprintf(g->Message, sizeof(g->Message), "%s hr=%x", MSG(COM_ERROR), e.Error());
|
||||
|
||||
goto error;
|
||||
#endif // _WIN32
|
||||
@@ -1138,7 +1138,7 @@ int TDBXML::RowNumber(PGLOBAL g, bool b)
|
||||
/*******************************************************************/
|
||||
/* Don't know how to retrieve RowID for expanded XML tables. */
|
||||
/*******************************************************************/
|
||||
sprintf(g->Message, MSG(NO_ROWID_FOR_AM),
|
||||
snprintf(g->Message, sizeof(g->Message), MSG(NO_ROWID_FOR_AM),
|
||||
GetAmName(g, GetAmType()));
|
||||
return 0; // Means error
|
||||
} else
|
||||
@@ -1260,7 +1260,7 @@ int TDBXML::ReadDB(PGLOBAL g)
|
||||
// Get the new row node
|
||||
if (Nlist) {
|
||||
if ((RowNode = Nlist->GetItem(g, Irow, RowNode)) == NULL) {
|
||||
sprintf(g->Message, MSG(MISSING_ROWNODE), Irow);
|
||||
snprintf(g->Message, sizeof(g->Message), MSG(MISSING_ROWNODE), Irow);
|
||||
return RC_FX;
|
||||
} // endif RowNode
|
||||
|
||||
@@ -1325,7 +1325,7 @@ int TDBXML::DeleteDB(PGLOBAL g, int irc)
|
||||
// Delete all rows
|
||||
for (Irow = 0; Irow < Nrow; Irow++)
|
||||
if ((RowNode = Nlist->GetItem(g, Irow, RowNode)) == NULL) {
|
||||
sprintf(g->Message, MSG(MISSING_ROWNODE), Irow);
|
||||
snprintf(g->Message, sizeof(g->Message), MSG(MISSING_ROWNODE), Irow);
|
||||
return RC_FX;
|
||||
} else {
|
||||
TabNode->DeleteChild(g, RowNode);
|
||||
@@ -1521,7 +1521,7 @@ bool XMLCOL::ParseXpath(PGLOBAL g, bool mode)
|
||||
|
||||
if (Xname) {
|
||||
if (Type == 2) {
|
||||
sprintf(g->Message, MSG(BAD_COL_XPATH), Name, Tdbp->Name);
|
||||
snprintf(g->Message, sizeof(g->Message), MSG(BAD_COL_XPATH), Name, Tdbp->Name);
|
||||
return true;
|
||||
} else
|
||||
strcat(pbuf, Xname);
|
||||
@@ -1551,7 +1551,7 @@ bool XMLCOL::ParseXpath(PGLOBAL g, bool mode)
|
||||
if (mode) {
|
||||
// For Update or Insert the Xpath must be explicit
|
||||
if (strchr("@/.*", *p)) {
|
||||
sprintf(g->Message, MSG(XPATH_NOT_SUPP), Name);
|
||||
snprintf(g->Message, sizeof(g->Message), MSG(XPATH_NOT_SUPP), Name);
|
||||
return true;
|
||||
} else
|
||||
Nodes[i] = p;
|
||||
@@ -1562,7 +1562,7 @@ bool XMLCOL::ParseXpath(PGLOBAL g, bool mode)
|
||||
} // endfor i, p
|
||||
|
||||
if (*p == '/' || *p == '.') {
|
||||
sprintf(g->Message, MSG(XPATH_NOT_SUPP), Name);
|
||||
snprintf(g->Message, sizeof(g->Message), MSG(XPATH_NOT_SUPP), Name);
|
||||
return true;
|
||||
} else if (*p == '@') {
|
||||
p++; // Remove the @ if mode
|
||||
@@ -1623,7 +1623,7 @@ bool XMLCOL::ParseXpath(PGLOBAL g, bool mode)
|
||||
bool XMLCOL::SetBuffer(PGLOBAL g, PVAL value, bool ok, bool check)
|
||||
{
|
||||
if (!(To_Val = value)) {
|
||||
sprintf(g->Message, MSG(VALUE_ERROR), Name);
|
||||
snprintf(g->Message, sizeof(g->Message), MSG(VALUE_ERROR), Name);
|
||||
return true;
|
||||
} else if (Buf_Type == value->GetType()) {
|
||||
// Values are of the (good) column type
|
||||
@@ -1642,7 +1642,7 @@ bool XMLCOL::SetBuffer(PGLOBAL g, PVAL value, bool ok, bool check)
|
||||
} else {
|
||||
// Values are not of the (good) column type
|
||||
if (check) {
|
||||
sprintf(g->Message, MSG(TYPE_VALUE_ERR), Name,
|
||||
snprintf(g->Message, sizeof(g->Message), MSG(TYPE_VALUE_ERR), Name,
|
||||
GetTypeName(Buf_Type), GetTypeName(value->GetType()));
|
||||
return true;
|
||||
} // endif check
|
||||
@@ -1695,7 +1695,7 @@ void XMLCOL::ReadColumn(PGLOBAL g)
|
||||
if (ValNode) {
|
||||
if (ValNode->GetType() != XML_ELEMENT_NODE &&
|
||||
ValNode->GetType() != XML_ATTRIBUTE_NODE) {
|
||||
sprintf(g->Message, MSG(BAD_VALNODE), ValNode->GetType(), Name);
|
||||
snprintf(g->Message, sizeof(g->Message), MSG(BAD_VALNODE), ValNode->GetType(), Name);
|
||||
throw (int)TYPE_AM_XML;
|
||||
} // endif type
|
||||
|
||||
@@ -1861,7 +1861,7 @@ void XMLCOL::WriteColumn(PGLOBAL g)
|
||||
p = Value->GetCharString(buf);
|
||||
|
||||
if (strlen(p) > (unsigned)Long) {
|
||||
sprintf(g->Message, MSG(VALUE_TOO_LONG), p, Name, Long);
|
||||
snprintf(g->Message, sizeof(g->Message), MSG(VALUE_TOO_LONG), p, Name, Long);
|
||||
throw (int)TYPE_AM_XML;
|
||||
} else
|
||||
strcpy(Valbuf, p);
|
||||
@@ -1902,7 +1902,7 @@ void XMULCOL::ReadColumn(PGLOBAL g)
|
||||
|
||||
if (N > Tdbp->Limit) {
|
||||
N = Tdbp->Limit;
|
||||
sprintf(g->Message, "Multiple values limited to %d", Tdbp->Limit);
|
||||
snprintf(g->Message, sizeof(g->Message), "Multiple values limited to %d", Tdbp->Limit);
|
||||
PushWarning(g, Tdbp);
|
||||
} // endif N
|
||||
|
||||
@@ -1911,7 +1911,7 @@ void XMULCOL::ReadColumn(PGLOBAL g)
|
||||
|
||||
if (ValNode->GetType() != XML_ELEMENT_NODE &&
|
||||
ValNode->GetType() != XML_ATTRIBUTE_NODE) {
|
||||
sprintf(g->Message, MSG(BAD_VALNODE), ValNode->GetType(), Name);
|
||||
snprintf(g->Message, sizeof(g->Message), MSG(BAD_VALNODE), ValNode->GetType(), Name);
|
||||
throw (int)TYPE_AM_XML;
|
||||
} // endif type
|
||||
|
||||
@@ -2046,7 +2046,7 @@ void XMULCOL::WriteColumn(PGLOBAL g)
|
||||
len = Nlx->GetLength();
|
||||
|
||||
if (len > 1 && !Tdbp->Xpand) {
|
||||
sprintf(g->Message, MSG(BAD_VAL_UPDATE), Name);
|
||||
snprintf(g->Message, sizeof(g->Message), MSG(BAD_VAL_UPDATE), Name);
|
||||
throw (int)TYPE_AM_XML;
|
||||
} else
|
||||
ValNode = Nlx->GetItem(g, Tdbp->Nsub, Vxnp);
|
||||
@@ -2117,7 +2117,7 @@ void XMULCOL::WriteColumn(PGLOBAL g)
|
||||
p = Value->GetCharString(buf);
|
||||
|
||||
if (strlen(p) > (unsigned)Long) {
|
||||
sprintf(g->Message, MSG(VALUE_TOO_LONG), p, Name, Long);
|
||||
snprintf(g->Message, sizeof(g->Message), MSG(VALUE_TOO_LONG), p, Name, Long);
|
||||
throw (int)TYPE_AM_XML;
|
||||
} else
|
||||
strcpy(Valbuf, p);
|
||||
@@ -2244,7 +2244,7 @@ void XPOSCOL::WriteColumn(PGLOBAL g)
|
||||
p = Value->GetCharString(buf);
|
||||
|
||||
if (strlen(p) > (unsigned)Long) {
|
||||
sprintf(g->Message, MSG(VALUE_TOO_LONG), p, Name, Long);
|
||||
snprintf(g->Message, sizeof(g->Message), MSG(VALUE_TOO_LONG), p, Name, Long);
|
||||
throw (int)TYPE_AM_XML;
|
||||
} else
|
||||
strcpy(Valbuf, p);
|
||||
|
||||
Reference in New Issue
Block a user