Skip to content

Commit 9ddda58

Browse files
peterepetere
committed
ecpg: Fix off-by-one error in memory copying
In a rare case, one byte past the end of memory belonging to the sqlca_t structure would be written to. found by Coverity
1 parent b108a77 commit 9ddda58

File tree

1 file changed

+1
-1
lines changed
  • src/interfaces/ecpg/ecpglib

1 file changed

+1
-1
lines changed

src/interfaces/ecpg/ecpglib/misc.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -532,7 +532,7 @@ ECPGset_var(int number, void *pointer, int lineno)
532532
struct sqlca_t *sqlca = ECPGget_sqlca();
533533

534534
sqlca->sqlcode = ECPG_OUT_OF_MEMORY;
535-
strncpy(sqlca->sqlstate, "YE001", sizeof("YE001"));
535+
strncpy(sqlca->sqlstate, "YE001", sizeof(sqlca->sqlstate));
536536
snprintf(sqlca->sqlerrm.sqlerrmc, sizeof(sqlca->sqlerrm.sqlerrmc), "out of memory on line %d", lineno);
537537
sqlca->sqlerrm.sqlerrml = strlen(sqlca->sqlerrm.sqlerrmc);
538538
/* free all memory we have allocated for the user */

0 commit comments

Comments
 (0)