Trafodion

Possible memory corruption with user and role names

Bug #1370740 reported by Roberta Marton on 2014-09-17

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Trafodion	Fix Released	Medium	Cliff Gray	Trafodion r1.1

Bug Description

The person that designed and implemented this function did not include a length parameter on purpose. The intention that only the cli GET_SESSION calls and ComUser class will call these functions. Both these places do check for lengths. However, to avoid issues going forward, more care is needed to avoid memory overruns in case someone calls this function with an incorrect buffer size.

Tags:

Revision history for this message

Roberta Marton (roberta-marton) wrote on 2014-09-17:

Forgot to mention the functions - it is part of the authQuery mechanism found in Context.cpp

Changed in trafodion:
importance:	Undecided → Medium
assignee:	nobody → Cliff Gray (cliff-gray)

Roberta Marton (roberta-marton) on 2014-09-17

tags:

added: sql-security

Paul Low (paul-low-x) on 2014-12-22

Changed in trafodion:
milestone:	none → r1.1

Cliff Gray (cliff-gray) on 2015-01-22

Changed in trafodion:
status:	New → In Progress

Revision history for this message

Cliff Gray (cliff-gray) wrote on 2015-01-23:

Fix is ready, will deliver when r1.0 is complete.

Revision history for this message

Cliff Gray (cliff-gray) wrote on 2015-02-09:

Fix delivered in 1082.

Changed in trafodion:
status:	In Progress → Fix Committed

Paul Low (paul-low-x) on 2015-02-23

Changed in trafodion:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.