[Informixdb-cvs] informixdb/ext _informixdb.ec,1.86,1.87
Brought to you by:
chaese,
f-apolloner
Menu
▾
▴
[Informixdb-cvs] informixdb/ext _informixdb.ec,1.86,1.87
|
From: Carsten H. <ch...@us...> - 2006-12-29 03:43:45
|
Update of /cvsroot/informixdb/informixdb/ext In directory sc8-pr-cvs2.sourceforge.net:/tmp/cvs-serv29363/ext Modified Files: _informixdb.ec Log Message: Fix a rare "bogus free()" bug that was uncovered by a fuzz test from http://seclists.org/fulldisclosure/2006/Dec/0190.html Index: _informixdb.ec =================================================================== RCS file: /cvsroot/informixdb/informixdb/ext/_informixdb.ec,v retrieving revision 1.86 retrieving revision 1.87 diff -C2 -d -r1.86 -r1.87 *** _informixdb.ec 23 Dec 2006 05:40:14 -0000 1.86 --- _informixdb.ec 29 Dec 2006 03:43:36 -0000 1.87 *************** *** 2571,2575 **** } $ifdef HAVE_ESQL9; ! if (ISSMARTBLOB(da->sqlvar[i].sqltype,da->sqlvar[i].sqlxid)) { free(da->sqlvar[i].sqldata); } --- 2571,2575 ---- } $ifdef HAVE_ESQL9; ! if (ISSMARTBLOB(cur->originalType[i],cur->originalXid[i])) { free(da->sqlvar[i].sqldata); } |
