This repository has been archived by the owner on Jan 29, 2023. It is now read-only.
malloc server_version result not correctly handled may lead to memory corruption #20
Labels
bug
Something isn't working
Comments
khoih-prog
added a commit
that referenced
this issue
Mar 12, 2022
### Release v1.6.1 1. Fix memory management bugs. Check [corrupt heap at MySQL_Connection destructor #19](#19) and [malloc server_version result not correctly handled may lead to memory corruption #20](#20) 2. Add support to SAMD21/SAMD51 boards using [Fab_SAM_Arduino core](https://github.com/qbolsee/ArduinoCore-fab-sam) 3. Add support to RP2040 boards using `Seeed RP2040 core` 4. Add `Packages' Patches` for [Fab_SAM_Arduino core](https://github.com/qbolsee/ArduinoCore-fab-sam)
khoih-prog
added a commit
that referenced
this issue
Mar 12, 2022
### Release v1.6.1 1. Fix memory management bugs. Check [corrupt heap at MySQL_Connection destructor #19](#19) and [malloc server_version result not correctly handled may lead to memory corruption #20](#20) 2. Add support to SAMD21/SAMD51 boards using [Fab_SAM_Arduino core](https://github.com/qbolsee/ArduinoCore-fab-sam) 3. Add support to RP2040 boards using `Seeed RP2040 core` 4. Add `Packages' Patches` for [Fab_SAM_Arduino core](https://github.com/qbolsee/ArduinoCore-fab-sam)
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I suggest to change in the function "void MySQL_Packet::parse_handshake_packet()"
where it says:
server_version = (char *) malloc(i - 5);
strncpy(server_version, (char *) &buffer[5], i - 5);
by this:
if (i>5) {
server_version = (char *) malloc(i - 5);
if (server_version) {
strncpy(server_version, (char *) &buffer[5], i - 5);
server_version[i-5-1]=0;
}
}
this modification will verify a correct malloc(), and a correct \0 at the end of the strncpy(), which is not added by strncpy()
The text was updated successfully, but these errors were encountered: