Re: Returning non-terminated string in ECPG Informix-compatible function

On Mon, Jan 29, 2024 at 2:17 PM <o.tselebrovskiy@postgrespro.ru> wrote:
>
> Greetings, everyone!
>
> While analyzing output of Svace static analyzer [1] I've found a bug.
>
> In function intoasc(interval * i, char *str) from file
> src/interfaces/ecpg/compatlib/informix.c
> we return a non-terminated string since we use memcpy on tmp which is
> itself NULL-teminated but
> last zero byte is not copied.
>
> The proposed solution is to use strcpy instead, since it is used in all
> other functions in informix.c.
>
> The patch is attached.
>
> [1] - https://svace.pages.ispras.ru/svace-website/en/
>

Can you please add a test case showcasing the bug? I see dttoasc()
uses strcpy(). So there's already a precedence.

--
Best Wishes,
Ashutosh Bapat