[sr-dev] git:3.3: modules/db_postgres: libpq requires null terminated string, but Kamailio internal str type is not (necessarily) null-terminated

Peter Dunkley peter.dunkley at crocodile-rcs.com
Tue Aug 21 16:23:15 CEST 2012


Module: sip-router
Branch: 3.3
Commit: fb51d3815292c27245b26d1f4a4f6c9b190f9200
URL:    http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=fb51d3815292c27245b26d1f4a4f6c9b190f9200

Author: Peter Dunkley <peter.dunkley at crocodile-rcs.com>
Committer: Peter Dunkley <peter.dunkley at crocodile-rcs.com>
Date:   Tue Aug 21 15:19:51 2012 +0100

modules/db_postgres: libpq requires null terminated string, but Kamailio internal str type is not (necessarily) null-terminated

- Found and fixed by Paul Pankhurst @ Crocodile RCS
(cherry picked from commit f20713462410211370e762abb463f0ceafd36d8d)

---

 modules/db_postgres/km_dbase.c |   16 +++++++++++++++-
 1 files changed, 15 insertions(+), 1 deletions(-)

diff --git a/modules/db_postgres/km_dbase.c b/modules/db_postgres/km_dbase.c
index d2be696..6c21b05 100644
--- a/modules/db_postgres/km_dbase.c
+++ b/modules/db_postgres/km_dbase.c
@@ -163,6 +163,7 @@ void db_postgres_close(db1_con_t* _h)
  */
 static int db_postgres_submit_query(const db1_con_t* _con, const str* _s)
 {
+	char *s=NULL;
 	int i, retries;
 	ExecStatusType pqresult;
 
@@ -199,17 +200,29 @@ static int db_postgres_submit_query(const db1_con_t* _con, const str* _s)
 	else
 		retries = pg_retries;
 
+	s = pkg_malloc((_s->len+1)*sizeof(char));
+	if (s==NULL)
+	{
+		LM_ERR("%p db_postgres_submit_query Out of Memory: Query: %.*s\n", _con, _s->len, _s->s);
+		return -1;
+	}
+
+	memcpy( s, _s->s, _s->len );
+	s[_s->len] = '\0';
+
 	for(i = 0; i <= retries; i++) {
 		/* free any previous query that is laying about */
 		db_postgres_free_query(_con);
 		/* exec the query */
-		if (PQsendQuery(CON_CONNECTION(_con), _s->s)) {
+
+		if (PQsendQuery(CON_CONNECTION(_con), s)) {
 			pqresult = PQresultStatus(CON_RESULT(_con));
 			if((pqresult!=PGRES_FATAL_ERROR)
 					|| (PQstatus(CON_CONNECTION(_con))==CONNECTION_OK))
 			{
 				LM_DBG("sending query ok: %p (%d) - [%.*s]\n",
 						_con, pqresult, _s->len, _s->s);
+				pkg_free(s);
 				return 0;
 			}
 			LM_WARN("postgres result check failed with code %d (%s)\n",
@@ -226,6 +239,7 @@ static int db_postgres_submit_query(const db1_con_t* _con, const str* _s)
 	}
 	LM_ERR("%p PQsendQuery Error: %s Query: %.*s\n", _con,
 	PQerrorMessage(CON_CONNECTION(_con)), _s->len, _s->s);
+	pkg_free(s);
 	return -1;
 }
 




More information about the sr-dev mailing list