nebgor / sma-bluetooth

Automatically exported from code.google.com/p/sma-bluetooth

Buffer overflow when reading configuration file with too long variables #63

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. Create a configuration file where the parameter MySqlDatabase is longer than 19 characters
2. Run smatool
3. The tool will complain that it cannot access the database, and the database name will be the concatenation of fields MySqlDatabase and MySqlUser

What is the expected output? What do you see instead?
The tool should not silently overflow its buffers (it's an error and a security concern)

What version of the product are you using? On what operating system?
0.17a

Resolution: In the function GetConfig, replace each call such as
if( strcmp( variable, "MySqlDatabase" ) == 0 )
    strcpy( conf->MySqlDatabase, value );

with something like

if( strcmp( variable, "MySqlDatabase" ) == 0 )
{
    /* Capacity of the destination array, terminating NUL included */
    size_t arraysize;
    arraysize = sizeof(conf->MySqlDatabase)/sizeof(conf->MySqlDatabase[0]);
    /* Reject any value that would not fit together with its NUL terminator */
    if( strlen(value) > arraysize - 1 )
    {
        printf( "Error! MySqlDatabase variable exceeds %zu characters\n", arraysize - 1 );
        return (-1);
    }
    strcpy( conf->MySqlDatabase, value );
}

Please provide any additional information below.

Original issue reported on code.google.com by vereecke...@gmail.com on 19 Jan 2012 at 6:14
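
The length check proposed above, written once as a helper so that every variable handled in GetConfig gets the same bound. This is an added example, not code from smatool: the struct layout, the MySqlUser size, and the names set_field, SET_FIELD and apply_setting are assumptions; only the 19-character limit of MySqlDatabase comes from the report.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for smatool's config struct; field sizes are
   assumptions, except that MySqlDatabase holds 19 characters plus NUL. */
struct config {
    char MySqlDatabase[20];
    char MySqlUser[20];
};

/* Copy value into dst only if it fits, terminator included.
   Returns 0 on success, -1 (dst left untouched) if value is too long. */
static int set_field(char *dst, size_t dstsize, const char *name, const char *value)
{
    size_t len = strlen(value);
    if (dstsize == 0 || len > dstsize - 1) {
        fprintf(stderr, "Error! %s exceeds %zu characters\n",
                name, dstsize ? dstsize - 1 : (size_t)0);
        return -1;
    }
    memcpy(dst, value, len + 1);   /* len + 1 copies the NUL as well */
    return 0;
}

/* sizeof must see the array itself, not a pointer to it, hence a macro. */
#define SET_FIELD(conf, field, value) \
    set_field((conf)->field, sizeof((conf)->field), #field, (value))

/* Dispatch one variable/value pair: 0 stored, -1 too long, 1 unknown name. */
static int apply_setting(struct config *conf, const char *variable, const char *value)
{
    if (strcmp(variable, "MySqlDatabase") == 0)
        return SET_FIELD(conf, MySqlDatabase, value);
    if (strcmp(variable, "MySqlUser") == 0)
        return SET_FIELD(conf, MySqlUser, value);
    return 1;
}

int main(void)
{
    struct config conf = { "", "" };
    /* Constructed sample values: 19 characters fit, 20 do not. */
    printf("%d\n", apply_setting(&conf, "MySqlDatabase", "abcdefghijklmnopqrs"));
    printf("%d\n", apply_setting(&conf, "MySqlDatabase", "abcdefghijklmnopqrst"));
    return 0;
}
```

Because the bound is taken from `sizeof` on the destination field, changing an array size in the struct needs no matching change at the call sites.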