fix(column): guard negative/oversized SQL_LEN in BindableColumn.Value #225
Open
SAY-5 wants to merge 1 commit into
BindableColumn.Value sliced c.Buffer[:c.Len] without checking sign or upper bound. Some drivers (observed on DB2 for CHAR columns when the DSN is configured for UTF-8 encoding, where the ODBC library miscalculates bounds for multi-byte UTF-8 values in fixed-length columns) return a negative SQL_LEN. The slice expression panicked with 'slice bounds out of range [:-4]', unwinding database/sql's Rows.Next through the caller's query handler.

Reject any SQL_LEN that is negative or larger than len(c.Buffer) with an actionable error naming the column index and the out-of-range length. Happy-path values (0 <= c.Len <= len(c.Buffer)) are unchanged.

Refs alexbrainman/odbc issue 224.

Signed-off-by: SAY-5 <say.apm35@gmail.com>
Fixes #224.
Problem
BindableColumn.Value slices c.Buffer[:c.Len] without checking the sign or upper bound of c.Len. Some drivers (observed on DB2 when the DSN is configured for UTF-8 encoding, where the ODBC stack miscalculates bounds for multi-byte UTF-8 values in fixed-length CHAR columns) return a negative SQL_LEN. The slice expression panics and unwinds the caller's query path entirely.
Fix
Reject any SQL_LEN that is negative or larger than len(c.Buffer) with an actionable error naming the column index and out-of-range length. Happy-path values (0 <= c.Len <= len(c.Buffer)) are unchanged.
Test
gofmt clean. The package does not cross-build on darwin without a platform ODBC SDK, so I could not run the full test suite locally; the guard is additive and returns an error on the previously panicking path.
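The guard described in this pull request, as an added example that is not the project's code or the PR's diff: the `column` type, its methods, `errBadLen` and the sample lengths are hypothetical stand-ins for a bound column whose driver-reported length is a signed SQL_LEN. It runs the unchecked slice and the checked one over the same constructed inputs so the panic and the returned error can be compared.

```go
package main

import (
	"errors"
	"fmt"
)

// column is a hypothetical stand-in for a bound ODBC column: the driver
// fills Buffer and reports the byte count in Len (a signed SQL_LEN).
type column struct {
	Index  int
	Buffer []byte
	Len    int64
}

var errBadLen = errors.New("SQL_LEN out of range")

// unguarded mirrors the slicing described above; a negative or oversized
// Len makes the slice expression panic at run time.
func (c *column) unguarded() []byte { return c.Buffer[:c.Len] }

// guarded validates Len against the buffer before slicing and returns an
// error naming the column index and the offending length.
func (c *column) guarded() ([]byte, error) {
	if c.Len < 0 || c.Len > int64(len(c.Buffer)) {
		return nil, fmt.Errorf("column %d: %w: length %d, buffer %d",
			c.Index, errBadLen, c.Len, len(c.Buffer))
	}
	return c.Buffer[:c.Len], nil
}

// panics reports whether f panicked, so the failure can be observed safely.
func panics(f func()) (p bool) {
	defer func() { p = recover() != nil }()
	f()
	return false
}

func main() {
	// Constructed sample lengths: valid, negative, and larger than the buffer.
	for _, n := range []int64{3, -4, 64} {
		c := &column{Index: 2, Buffer: make([]byte, 8), Len: n}
		_, err := c.guarded()
		fmt.Printf("len=%d unguarded panics=%v guarded err=%v\n",
			n, panics(func() { c.unguarded() }), err)
	}
}
```

Because the error wraps a sentinel, a caller can use `errors.Is` to tell a driver length fault from other scan errors and fail only the affected query.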