Menu
▾
▴
Re: [Firebird-devel] Sanity checks for methods' parameters in Y-valve
|
From: Alex P. <pes...@ma...> - 2022-09-15 16:08:33
|
On 9/15/22 18:56, Dimitry Sibiryakov wrote: > Hello All. > > If someone by mistake calls IStatement::execute() providing metadata > but no data buffer, it will pass the values as is to a provider and > overall result will be segfault. > Shouldn't some sanity checks to be performed there? > Not sure. Check for nullptr is really simple but what if user sends garbage instead data buffer address? Luckily that segfault will never disturb remote server - only client or embedded which can suffer same way from any segfault in user process. I do not want to say segfault is good thing and will not provide as a sample trivial things like strcpy() - but almost any function in C library will segfault when passed wrong address of some data. |
