libdbd-firebird-perl might cause a buffer overflow when truncating text or varchar fields
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
libdbd-firebird-perl (Debian) | Fix Released | Unknown | |
libdbd-firebird-perl (Ubuntu) | Fix Released | Undecided | Unassigned |
Precise | Won't Fix | Undecided | Unassigned |
Trusty | Triaged | High | Unassigned |
Utopic | Confirmed | Undecided | Unassigned |
Bug Description
When truncating a varchar or text field libdbd-
When truncating either SQL_VARYING or SQL_TEXT libdbd-
The bug is in ./libdbd-
Attached is a possible fix that increases the size of the fixed-sized buffer to 100 bytes and prevents a buffer overflow by using snprintf instead of sprintf.
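The approach the report describes (a 100-byte buffer written with snprintf instead of sprintf), sketched as an added example that is not the libdbd-firebird-perl source or the attached patch. The helper name, the message text and the sample sizes are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define ERR_BUF_SIZE 100 /* buffer size named in the report's proposed fix */

/* Hypothetical helper (not from the driver): build a truncation message.
 * The message text is constructed for this example.
 * Returns 0 if the whole message fit, 1 if snprintf cut it short,
 * -1 on a bad buffer or an output error. */
int format_trunc_error(char *dst, size_t dst_size, const char *kind,
                       unsigned long got, unsigned long max)
{
    int n;

    if (dst == NULL || dst_size == 0)
        return -1;

    /* snprintf writes at most dst_size bytes including the NUL, where
     * sprintf would keep writing past the end of dst. */
    n = snprintf(dst, dst_size,
                 "String truncation (%s): tried to store %lu bytes "
                 "in a column of %lu bytes", kind, got, max);
    if (n < 0) {
        dst[0] = '\0';
        return -1;
    }
    /* n is the length the full message needs; >= dst_size means cut. */
    return ((size_t)n >= dst_size) ? 1 : 0;
}

int main(void)
{
    char err[ERR_BUF_SIZE];
    char tiny[32]; /* deliberately too small, to show the bounded write */

    int rc = format_trunc_error(err, sizeof err, "SQL_VARYING", 300UL, 255UL);
    printf("rc=%d len=%zu: %s\n", rc, strlen(err), err);

    rc = format_trunc_error(tiny, sizeof tiny, "SQL_TEXT", 300UL, 255UL);
    printf("rc=%d len=%zu: %s\n", rc, strlen(tiny), tiny);
    return 0;
}
```

Checking the return value matters because snprintf only bounds the write; a message that did not fit is silently shortened unless the caller looks at the length it reports.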
CVE References
information type: Public → Public Security
information type: Public Security → Public
information type: Public → Public Security
Changed in libdbd-firebird-perl (Debian):
status: Unknown → Fix Released
Changed in libdbd-firebird-perl (Ubuntu Trusty):
importance: Undecided → High
status: Confirmed → Triaged
The previous patch contained the wrong buffer size for SQL_TEXT