Subject: | Improve security |
I addition to #75614 this issue also can be easily be improved, by
disallowing any other type bits for the impl handle than DBIt_DB or
DBIt_ST. This way it will be harder to use any pointer to shellcode
on the heap, when being attacked by memory pressure (wrong refcount
leading to use-after free).
--
Reini Urban
Subject: | DBI-add-default.patch |
diff -bu ./DBI.xs~ ./DBI.xs
--- ./DBI.xs~ 2012-10-01 20:59:06.119631448 -0500
+++ ./DBI.xs 2012-10-01 20:58:16.104084790 -0500
@@ -1492,6 +1492,8 @@
tmp_svp = hv_fetch((HV*)SvRV(h), "Statement", 9, 1);
(void)hv_store((HV*)SvRV(parent), "Statement", 9, SvREFCNT_inc(*tmp_svp), 0);
break;
+ default:
+ die("Wrong DBIc_TYPE");
}
}