lsm/mdbtools
1
0
Fork 0
mirror of https://github.com/mdbtools/mdbtools.git synced 2025-04-05 04:17:06 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Improved bounds checking

Browse Source
This commit is contained in:
Evan Miller 2021-09-08 06:37:51 -04:00
parent 4369721363
commit c137d64d13
1 changed files with 5 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/odbc/odbc.c
View File

@ -1984,14 +1984,14 @@ SQLRETURN SQL_API SQLDataSources(
static int _odbc_fix_literals(struct _hstmt *stmt)
{
char tmp[4096],begin_tag[11];
char tmp[4096];
char *s, *d, *p;
int i, quoted = 0, find_end = 0;
char quote_char;
s=stmt->query;
d=tmp;
while (*s) {
while (*s && d<tmp+sizeof(tmp)) {
if (!quoted && (*s=='"' || *s=='\'')) {
quoted = 1;
quote_char = *s;
@ -2006,9 +2006,7 @@ static int _odbc_fix_literals(struct _hstmt *stmt)
/* garbage */
*d++=*s++;
} else {
strncpy(begin_tag, s, i);
begin_tag[i] = '\0';
/* printf("begin tag %s\n", begin_tag); */
/* printf("begin tag %.*s\n", i, s); */
s += i;
find_end = 1;
}
@ -2016,8 +2014,8 @@ static int _odbc_fix_literals(struct _hstmt *stmt)
*d++=*s++;
}
}
*d='\0';
strcpy(stmt->query,tmp);
snprintf(stmt->query, sizeof(stmt->query), "%.*s", (int)(d-tmp), tmp);
return 0;
}