From: Pete Y. <pm...@vi...> - 2006-06-12 21:01:54
Hi,
I'm running mdbtools-0.6pre1. I have a Jet4 MDB file that mdb-export was
having some trouble reading. It would get about halfway through the
rows, then die with a segfault. Using gdb, I traced the problem to line
1062 in src/libmdb/data.c. The segfault was in a call to strncpy().
Specifically,
    if (mdb->pg_buf[start]==0xff &&
        mdb->pg_buf[start+1]==0xfe) {
            strncpy(text, &mdb->pg_buf[start+2], size-2);
            text[size-2]='\0';
At the top of the containing routine, "text" is declared:
    static char text[MDB_BIND_SIZE];
It occurred to me that "size-2" might be evaluating to something greater
than MDB_BIND_SIZE for whatever reason, so I injected a little code
before the strncpy() call to limit the size parameter to MDB_BIND_SIZE.
The segfault went away and mdb-export ran successfully. In doing this, I
may be truncating a chunk of incoming MDB data, but I'll worry about
that later. Just thought someone might want to know about this, if it's
not already known.
--
Pete Yadlowsky
ITC Unix Systems Support
University of Virginia
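
Added example, not part of the original message and not mdbtools code: a bounds-checked version of the copy quoted above, which clamps the length to the destination buffer, reports the truncation the post mentions, and also rejects a size below 2 or a field that runs past the page buffer. The helper name, its signature, and the small buffers in main() are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (name and signature are not from mdbtools).
 * Copies the text that follows a 0xff 0xfe marker at pg_buf[start] into dst.
 * size is the field length including the 2-byte marker.
 * Returns the number of bytes copied, or -1 if the field is rejected;
 * *truncated is set when the text did not fit in dst. */
static long copy_marked_text(const unsigned char *pg_buf, size_t pg_len,
                             size_t start, size_t size,
                             char *dst, size_t dst_len, int *truncated)
{
    size_t n;

    *truncated = 0;
    if (dst_len == 0)
        return -1;
    dst[0] = '\0';
    if (size < 2)                       /* size-2 would wrap around */
        return -1;
    if (start > pg_len || size > pg_len - start)
        return -1;                      /* field runs past the page buffer */
    if (pg_buf[start] != 0xff || pg_buf[start + 1] != 0xfe)
        return -1;                      /* marker from the post is absent */

    n = size - 2;
    if (n > dst_len - 1) {              /* clamp to dst, keep room for NUL */
        n = dst_len - 1;
        *truncated = 1;
    }
    memcpy(dst, pg_buf + start + 2, n);
    dst[n] = '\0';                      /* index is always inside dst */
    return (long)n;
}

int main(void)
{
    /* Constructed sample page: marker at offset 4, then 10 text bytes. */
    unsigned char pg[32] = {0};
    char text[8];                       /* small stand-in for text[MDB_BIND_SIZE] */
    int truncated;
    long n;

    pg[4] = 0xff; pg[5] = 0xfe;
    memcpy(pg + 6, "ABCDEFGHIJ", 10);
    n = copy_marked_text(pg, sizeof pg, 4, 12, text, sizeof text, &truncated);
    printf("copied=%ld truncated=%d text=%s\n", n, truncated, text);
    return 0;
}
```

Unlike strncpy(), memcpy() does not stop at an embedded NUL byte in the source, so the return value is the clamped field length rather than a string length.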