Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to content

Commit 3043608

Browse files
committed
ecpg: Fix off-by-one error in memory copying
In a rare case, one byte past the end of memory belonging to the sqlca_t structure would be written to. found by Coverity
1 parent 6f59d42 commit 3043608

File tree

1 file changed

+1
-1
lines changed
  • src/interfaces/ecpg/ecpglib

1 file changed

+1
-1
lines changed

src/interfaces/ecpg/ecpglib/misc.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -530,7 +530,7 @@ ECPGset_var(int number, void *pointer, int lineno)
530530
struct sqlca_t *sqlca = ECPGget_sqlca();
531531

532532
sqlca->sqlcode = ECPG_OUT_OF_MEMORY;
533-
strncpy(sqlca->sqlstate, "YE001", sizeof("YE001"));
533+
strncpy(sqlca->sqlstate, "YE001", sizeof(sqlca->sqlstate));
534534
snprintf(sqlca->sqlerrm.sqlerrmc, sizeof(sqlca->sqlerrm.sqlerrmc), "out of memory on line %d", lineno);
535535
sqlca->sqlerrm.sqlerrml = strlen(sqlca->sqlerrm.sqlerrmc);
536536
/* free all memory we have allocated for the user */

0 commit comments

Comments
 (0)