search

IBM / db2sock-ibmi

An asynchronous PASE Db2 and IBM i integration library
MIT License
4 stars 7 forks source link

Buffer with garbage could cause problems #27

Closed kadler closed 6 years ago

kadler commented 6 years ago

Original report by Teemu Halmela (Bitbucket: teemu_, GitHub: Unknown).

If the toolkit is given a non empty buffer the output will include content of this buffer.

This can be fixed by not taking the output length with strlen and just going with our counter. FIX and test

Note: My silly test overflows the buffer when the fix isn't applied. Maybe there should be a check for that overflow?

$ ./test0100_outjson_garbage_buffer32                                 
input(97):            
{"pgm":[{"name":"HELLO","lib":"DB2JSON"},{"s":{"name":"char","type":"128a","value":"Hi there"}}]}
output(587):          
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXŽ­"script":[{"pgm":["HELLO","DB2JSON",{"char":"Hello World"}]}]}

result:               
fail found(X)         
fail (-1)             
Segmentation fault (core dumped)
kadler commented 6 years ago

Original comment by Teemu Halmela (Bitbucket: teemu_, GitHub: Unknown).

All OK, thank you.

kadler commented 6 years ago

Original comment by Tony Cairns (Bitbucket: rangercairns, GitHub: rangercairns).

Ok. Are we done with this issue?

kadler commented 6 years ago

Original comment by Teemu Halmela (Bitbucket: teemu_, GitHub: Unknown).

It was there originally because the buffer length wasn't stored and the length was calculated every time. But now it is completely useless as we get the length from outside.

kadler commented 6 years ago

Original comment by Tony Cairns (Bitbucket: rangercairns, GitHub: rangercairns).

Ok, i removed strlen from json_output_printf.

YIPS Super Driver - test driver - 1.1.4-sg7 toolkit - Buffer with garbage could cause problems (Halmela)

warning (i can't recall ...)

Mm ... json_output_printf seems to work with tests. I have no idea why originally added. I commented out in source for now.

Thanks (i think).

#!c

int json_output_printf(...) {
  int retLen = outLen;
  char *p = (char *) NULL; 
  char *q = (char *) NULL; 
  int l = 0;
  int w = 0;
  int printLen = 0;
  va_list args;
  /* Halmela asserts remove strlen will work.
  if(retLen == 0){
    retLen = strlen(out_caller);
  }
  */