| Bug #40316 | calling SQLDriverConnect() with no output buffer will crash if not prompting | ||
|---|---|---|---|
| Submitted: | 24 Oct 2008 18:42 | Modified: | 10 Nov 2008 15:24 |
| Reporter: | Jess Balint | Email Updates: | |
| Status: | Closed | Impact on me: | |
| Category: | Connector / ODBC | Severity: | S3 (Non-critical) |
| Version: | 5.1 | OS: | Any |
| Assigned to: | Jess Balint | CPU Architecture: | Any |
[31 Oct 2008 18:12]
Jess Balint
This bug was a result of the change in bug#38949 and as a result is not included in any official release. Fix pushed as rev 807, will be included in 5.1.6.
[10 Nov 2008 15:24]
Tony Bedford
An entry was added to the 5.1.6 changelog: Calling SQLDriverConnect() with a NULL pointer for the output buffer caused a crash if SQL_DRIVER_NOPROMPT was also specified: SQLDriverConnect(dbc, NULL, "DSN=myodbc5", SQL_NTS, NULL, 0, NULL, SQL_DRIVER_NOPROMPT)
Description: calling SQLDriverConnect() with a NULL pointer for the output buffer will cause a crash if no prompting is done How to repeat: SQLDriverConnect(dbc, NULL, "DSN=myodbc5", SQL_NTS, NULL, 0, NULL, SQL_DRIVER_NOPROMPT) Suggested fix: === modified file 'driver/connect.c' --- driver/connect.c 2008-09-11 03:02:39 +0000 +++ driver/connect.c 2008-10-24 18:38:39 +0000 @@ -795,7 +795,7 @@ #ifndef USE_LEGACY_ODBC_GUI /* copy input to output if connected without prompting */ - if (!bPrompt) + if (!bPrompt && szConnStrOut && cbConnStrOutMax) { size_t inlen= (sqlwcharlen(szConnStrIn) + 1) * sizeof(SQLWCHAR); size_t copylen= myodbc_min((size_t)cbConnStrOutMax, inlen);