search

oracle / odpi

ODPI-C: Oracle Database Programming Interface for Drivers and Applications
https://oracle.github.io/odpi/
Other
264 stars 75 forks source link

Bytes after nul in members of dpiXid are zeroed. #175

Closed kubo closed 2 years ago

kubo commented 2 years ago

ODPIC 4.3.0

https://github.com/oracle/odpi/blob/515a426239cfbd37d9446def11d0c5f8f1bb808b/src/dpiConn.c#L1343-L1348

xid->globalTransactionId and xid->branchQualifier are copied by strncpy. Bytes after a nul byte are zeroed. Shouldn't it be memcpy?

In the man page of strncpy:

If the length of src is less than n, strncpy() writes additional null bytes to dest to ensure that a total of n bytes are written.

Well, if global transaction id and branch qualifier must not contain null, this isn't a bug.

anthony-tuininga commented 2 years ago

Thanks, Kubo. Its not strictly a bug as it is extremely unlikely that an embedded NULL character would be passed and it is uncertain what would happen in the database if one was. Nevertheless, memcpy() is the safer approach anyway, so I changed it!

kubo commented 2 years ago

Thanks for fixing.