[PUSHED] Re: [PATCH] [REVIEW:3-5,3-4] odbc 64 bits crash

Michael Stahl mstahl at redhat.com
Tue Feb 14 07:28:25 PST 2012

On 14/02/12 15:37, Lionel Elie Mamane wrote:
> Yet another odbc on 64 bit crash because of wrong buffer size. This is
> supposed to be a SQLLEN but was hardcoded as 4 bytes.
> You can see that e.g. in
> connectivity/source/drivers/odbcbase/OPreparedStatement.cxx,
> OPreparedStatement::setNull:
>     sal_Int8* lenBuf = getLengthBuf (parameterIndex);
>     *(SQLLEN*)lenBuf = SQL_NULL_DATA;
> getLengthBuf just returns the paramLength member of the corresponding
> OBoundParam.
> On my machine in my (debug) build, that (or maybe some other piece of
> code, such as

> would overwrite malloc's metadata, and thus in the OBoundParameter destructor:
>     delete [] paramLength;
> would call abort() because "bad pointer".


> Please apply to libreoffice-3-4 and libreoffice-3-5.

pushed to both:



More information about the LibreOffice mailing list