Re: Ask for two questions on psqlodbc

From Inoue, Hiroshi
Subject Re: Ask for two questions on psqlodbc
Date
Msg-id 53B56A35.8070300@tpf.co.jp
In response to Ask for two questions on psqlodbc  (cobainpluto <pluto_cbin@outlook.com>)
Responses Re: Ask for two questions on psqlodbc  (cobainpluto <pluto_cbin@outlook.com>)
Re: Ask for two questions on psqlodbc  (cobainpluto <pluto_cbin@outlook.com>)
List pgsql-odbc
Hi,

(2014/07/02 18:09), cobainpluto wrote:
> Dear all,
> Recently, I used a Static Code Analyzer (Fortify) to analyze the
> psqlodbc-09.03.0300 code, and found two potential Memory Leak
> problems in the qresult.c file.
>
> Details are as follows:
> 1. Potential Memory Leak problem
> qresult.c:962: in QR_next_tuple()
> 962 mres = CC_send_query(conn, movecmd, NULL, 0, stmt);
> There is dynamically allocated memory in CC_send_query_append(...).
> If the path below is followed, from here to RETURN (-1), the applied memory
> space is not freed, so it is possible to generate a Memory
> Leak.
> ---------------------------------------------------------------
> qresult.c:963 - BranchNotTaken : Branch not taken: (mres != 0)
> qresult.c:971 - BranchTaken : Branch taken: (sscanf(mres->command, "MOVE
> %lu", (&moved)) > 0)
> qresult.c:974 - BranchTaken : Branch taken: (moved < movement)
> qresult.c:993 - BranchTaken : Branch taken: (2 == self->move_direction)
> qresult.c:998 - BranchTaken : Branch taken: (getNthValid(self, (<inline
> expression> - 1), 4, self->move_offset, (&backpt)) < 0)
> qresult.c:1004 - EndScope : RETURN(-1)

It seems a memory leak.
I would fix it.

> ---------------------------------------------------------------
>
> 2. Potential Null Dereference problem
> qresult.c:1691: in QR_read_a_tuple_from_db()
> 1691 &this_keyset->blocknum, &this_keyset->offset);
> qresult.c:1693: in QR_read_a_tuple_from_db()
> 1693 this_keyset->oid = strtoul(buffer, NULL, 10);
> Here is a reference to this_keyset.
> If the path below is followed, the value of this_keyset is always NULL before
> referring to this_keyset, so it is possible to generate a Null
> Dereference.
> ---------------------------------------------------------------
> qresult.c:1571 - Assigned null : KeySet *this_keyset = NULL;
> qresult.c:1590 - BranchNotTaken : Branch not taken: (0 == (self->flags & 1))
> qresult.c:1624 - BranchTaken : Branch taken: (field_lf < ci_num_fields)
> qresult.c:1668 - BranchNotTaken : Branch not taken: (isnull == 0)
> qresult.c:1676 - BranchTaken : Branch taken: (field_lf >= effective_cols)
> qresult.c:1687 - BranchTaken : Branch taken: (field_lf >= effective_cols)

Though I'm suspicious if it could occur, I would check it.

Thanks.
Hiroshi Inoue
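
The first finding, reduced to its shape as an added example (not psqlodbc code and not part of the original message): a query helper allocates a result, and an error return after a short MOVE skips the free. `Result`, `send_query`, `result_free`, `move_leaky`, `move_fixed` and the two tracking variables are hypothetical, the "MOVE 3" reply is constructed, and the several branches of the reported path are condensed into one condition.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-ins, not psqlodbc's own types or functions. */
typedef struct { char command[32]; } Result;
static int live_results = 0;        /* results allocated and not yet freed */
static Result *last_result = NULL;  /* most recent allocation, for inspection */

static Result *send_query(const char *reply) {
    Result *r = malloc(sizeof *r);
    if (!r) return NULL;
    snprintf(r->command, sizeof r->command, "%s", reply);
    live_results++;
    return last_result = r;
}

static void result_free(Result *r) {
    if (r) { free(r); live_results--; }
}

/* Leaky shape: the error return after a short MOVE skips result_free(). */
static int move_leaky(const char *reply, unsigned long movement) {
    unsigned long moved = 0;
    Result *mres = send_query(reply);
    if (!mres) return -1;
    if (sscanf(mres->command, "MOVE %lu", &moved) > 0 && moved < movement)
        return -1;                  /* mres is never released on this path */
    result_free(mres);
    return 0;
}

/* Fixed shape: the error is recorded and every exit passes result_free(). */
static int move_fixed(const char *reply, unsigned long movement) {
    unsigned long moved = 0;
    int ret = 0;
    Result *mres = send_query(reply);
    if (!mres) return -1;
    if (sscanf(mres->command, "MOVE %lu", &moved) > 0 && moved < movement)
        ret = -1;
    result_free(mres);
    return ret;
}

int main(void) {
    int leaky = move_leaky("MOVE 3", 10), leaked = live_results;
    result_free(last_result);       /* release what the leaky path left behind */
    int fixed = move_fixed("MOVE 3", 10);
    printf("leaky rc=%d leaked=%d; fixed rc=%d live=%d\n", leaky, leaked, fixed, live_results);
}
```

Both functions return the same error code; only the count of live results after the call differs, which is the kind of path a static analyzer flags.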

