Improved bounds checking

Evan Miller
2021-09-08 06:37:51 -04:00
parent 4369721363
commit c137d64d13


@@ -1984,14 +1984,14 @@ SQLRETURN SQL_API SQLDataSources(
static int _odbc_fix_literals(struct _hstmt *stmt) static int _odbc_fix_literals(struct _hstmt *stmt)
{ {
char tmp[4096],begin_tag[11]; char tmp[4096];
char *s, *d, *p; char *s, *d, *p;
int i, quoted = 0, find_end = 0; int i, quoted = 0, find_end = 0;
char quote_char; char quote_char;
s=stmt->query; s=stmt->query;
d=tmp; d=tmp;
while (*s) { while (*s && d<tmp+sizeof(tmp)) {
if (!quoted && (*s=='"' || *s=='\'')) { if (!quoted && (*s=='"' || *s=='\'')) {
quoted = 1; quoted = 1;
quote_char = *s; quote_char = *s;
@@ -2006,9 +2006,7 @@ static int _odbc_fix_literals(struct _hstmt *stmt)
/* garbage */ /* garbage */
*d++=*s++; *d++=*s++;
} else { } else {
strncpy(begin_tag, s, i); /* printf("begin tag %.*s\n", i, s); */
begin_tag[i] = '\0';
/* printf("begin tag %s\n", begin_tag); */
s += i; s += i;
find_end = 1; find_end = 1;
} }
@@ -2016,8 +2014,8 @@ static int _odbc_fix_literals(struct _hstmt *stmt)
*d++=*s++; *d++=*s++;
} }
} }
*d='\0';
strcpy(stmt->query,tmp); snprintf(stmt->query, sizeof(stmt->query), "%.*s", (int)(d-tmp), tmp);
return 0; return 0;
} }
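Review bot: When `tmp` fills up, the new loop condition `d<tmp+sizeof(tmp)` ends the copy with input still unread, and the function then stores the shortened text and returns 0, so a statement cut off mid-clause would be passed on as if it were complete. The final `snprintf` has the same gap, because its return value is never compared with `sizeof(stmt->query)`. I would reject the input instead, for example `if (*s) return -1;` right after the loop; the error convention callers expect is not visible here, so use whatever value they already check for. `sizeof(stmt->query)` is the buffer size only if `query` is declared as an array in `struct _hstmt`; that declaration is not on this page, so confirm it is not a pointer. The middle of the loop body falls between the hunks and was not reviewed.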