This queue is for tickets about the Sedna CPAN distribution.

Report information
The Basics
Id: 80221
Status: open
Priority: 0/
Queue: Sedna

People
Owner: Nobody in particular
Requestors: chanceencounters [...] yahoo.co.uk
Cc:
AdminCc:

Bug Information
Severity: Important
Broken in: 0.004
Fixed in: (no value)



Subject: getData buffer overrun
Sedna-0.004
Mac OSX 10.5.8 (Darwin 9.8.0) / Perl 5.10.0

Symptom: calls to getData crash with "bus error"

Reproduce (see attached): perl test_sedna.pl 1

Patch (attached):
--- SednaOld.xs 2012-10-16 16:00:52.000000000 +0100 +++ Sedna.xs 2012-10-16 15:53:39.000000000 +0100 @@ -372,11 +372,12 @@ int reqlen CODE: SvUTF8_off(svbuff); - char* buff = SvGROW(svbuff, reqlen+10); - int ret = SEgetData(conn, buff, reqlen); + char* buff = malloc(reqlen); + int ret = SEgetData(conn, buff, reqlen-1); if (ret < 0) { croak("error at SEgetData: %s", SEgetLastErrorMsg(conn)); } else { + sv_catpv(svbuff,buff); RETVAL = ret; } OUTPUT:
Subject: mods.diff
--- SednaOld.xs 2012-10-16 16:00:52.000000000 +0100 +++ Sedna.xs 2012-10-16 15:53:39.000000000 +0100 @@ -372,11 +372,12 @@ int reqlen CODE: SvUTF8_off(svbuff); - char* buff = SvGROW(svbuff, reqlen+10); - int ret = SEgetData(conn, buff, reqlen); + char* buff = malloc(reqlen); + int ret = SEgetData(conn, buff, reqlen-1); if (ret < 0) { croak("error at SEgetData: %s", SEgetLastErrorMsg(conn)); } else { + sv_catpv(svbuff,buff); RETVAL = ret; } OUTPUT:
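Review bot: The buffer from malloc(reqlen) is never released, so every getData call leaks reqlen bytes; add free(buff) once the data has been copied into svbuff. In the same else branch, sv_catpv(svbuff,buff) reads up to a terminating NUL and nothing in this hunk writes one into buff after SEgetData returns, so the copy can run past the ret bytes that were read. Either set buff[ret] = '\0' before the call or copy exactly ret bytes with sv_catpvn.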
From: francistp [...] yahoo.com
...forgot the test case (see attached)
Subject: test_sedna.pl
use strict;
use Test::Simple tests => 1;
use Sedna;

=pod

INSTRUCTIONS:

  perl test_sedna.pl 0
  perl test_sedna.pl 1

The first works and the second gives a bus error (Mac OSX 10.5.8)

=cut

my ($fail) = @ARGV;

my $con = Sedna->connect("localhost", "test", "SYSTEM", "MANAGER");

my $expr = <<EOF;
let \$x := 1
return \$x
EOF

$con->begin;
$con->execute($expr);
$con->next;

my $xml;

# With argument 0 the buffer starts out as a defined string; with argument 1
# it is left undefined, which is the case that crashes inside getData.
my $buf;
$buf = "0" unless $fail;

# Read the result in chunks of up to 8 bytes.
while ($con->getData($buf, 8)) {
    $xml .= $buf;
}
$con->commit;

ok($xml eq "1");
exit;
From: francistp [...] yahoo.com
Modified Patch - added call to free
Subject: 04mods.t
#!perl -w

use strict;

use Test::More tests => 12;

## ----------------------------------------------------------------------------
## 04mods.t - ...
## ----------------------------------------------------------------------------
# Note:
# the modules tested here are all marked as new and not guaranteed, so this if
# they change, these will fail.
## ----------------------------------------------------------------------------

BEGIN {
    use_ok( 'DBI' );

    # load these first, since the other two load them
    # and we want to catch the error first
    use_ok( 'DBI::Const::GetInfo::ANSI' );
    use_ok( 'DBI::Const::GetInfo::ODBC' );

    use_ok( 'DBI::Const::GetInfoType', qw(%GetInfoType) );
    use_ok( 'DBI::Const::GetInfoReturn', qw(%GetInfoReturnTypes %GetInfoReturnValues) );
}

## test GetInfoType

cmp_ok(scalar(keys(%GetInfoType)), '>', 1, '... we have at least one key in the GetInfoType hash');

is_deeply(
    \%GetInfoType,
    { %DBI::Const::GetInfo::ANSI::InfoTypes, %DBI::Const::GetInfo::ODBC::InfoTypes },
    '... the GetInfoType hash is constructed from the ANSI and ODBC hashes'
);

## test GetInfoReturnTypes

cmp_ok(scalar(keys(%GetInfoReturnTypes)), '>', 1, '... we have at least one key in the GetInfoReturnType hash');

is_deeply(
    \%GetInfoReturnTypes,
    { %DBI::Const::GetInfo::ANSI::ReturnTypes, %DBI::Const::GetInfo::ODBC::ReturnTypes },
    '... the GetInfoReturnType hash is constructed from the ANSI and ODBC hashes'
);

## test GetInfoReturnValues

cmp_ok(scalar(keys(%GetInfoReturnValues)), '>', 1, '... we have at least one key in the GetInfoReturnValues hash');

# ... testing GetInfoReturnValues any further would be difficult

## test the two methods found in DBI::Const::GetInfoReturn

can_ok('DBI::Const::GetInfoReturn', 'Format');
can_ok('DBI::Const::GetInfoReturn', 'Explain');

1;
From: francistp [...] yahoo.com
Let's try that again - with the right patch file
> Modified Patch - added call to free
Subject: mods.diff
--- SednaOld.xs 2012-10-16 16:00:52.000000000 +0100 +++ Sedna.xs 2012-10-16 16:31:44.000000000 +0100 @@ -372,11 +372,13 @@ int reqlen CODE: SvUTF8_off(svbuff); - char* buff = SvGROW(svbuff, reqlen+10); - int ret = SEgetData(conn, buff, reqlen); + char* buff = malloc(reqlen); + int ret = SEgetData(conn, buff, reqlen-1); if (ret < 0) { croak("error at SEgetData: %s", SEgetLastErrorMsg(conn)); } else { + sv_catpv(svbuff,buff); + free(buff); RETVAL = ret; } OUTPUT:
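Review bot: free(buff) sits only in the else branch, and croak() does not return, so buff leaks every time SEgetData returns a negative value; call free(buff) before croak(...) in the error branch. The allocation itself is also unguarded: the malloc(reqlen) result is used without a NULL check, and a caller-supplied reqlen of 0 or less makes the reqlen-1 passed to SEgetData negative. Reject reqlen < 1 up front and croak if malloc fails.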
From: francistp [...] yahoo.com
updated patch: null terminate our query result before we pass to sv_catpv
Subject: mods.txt
--- Sedna.xs 2012-10-17 11:42:01.000000000 +0100 +++ Sedna_patched.xs 2012-10-17 12:11:27.000000000 +0100 @@ -372,11 +372,14 @@ int reqlen CODE: SvUTF8_off(svbuff); - char* buff = SvGROW(svbuff, reqlen+10); - int ret = SEgetData(conn, buff, reqlen); + char* buff = malloc(reqlen); + int ret = SEgetData(conn, buff, reqlen-1); if (ret < 0) { croak("error at SEgetData: %s", SEgetLastErrorMsg(conn)); } else { + buff[ret]='\0'; + sv_catpv(svbuff,buff); + free(buff); RETVAL = ret; } OUTPUT:
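Review bot: sv_catpv(svbuff,buff) appends to whatever the caller's scalar already holds and stops at the first NUL byte, so the buffer argument grows from call to call and a result containing a zero byte is cut short even though ret bytes were read. With the loop in test_sedna.pl (`$xml .= $buf` on each pass) earlier chunks would be accumulated twice. sv_setpvn(svbuff, buff, ret) replaces the scalar's contents with exactly ret bytes and makes the buff[ret]='\0' line unnecessary.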