Skip to content

Commit 6e937f0

Browse files
Ev3ntbogdan.khavronin
authored and
dyemanov
committed
Merge commit from fork
* vulnerability fix * stylistic changes that make code smoother * Revert "stylistic changes that make code smoother" This reverts commit bea0aa89e142ed41d596c4afee4b731141cbbc8a. * Revert "vulnerability fix" This reverts commit c1ea7b73aad36baf3489aa182a951a1a9e5fe716. * vulnerability fix --------- Co-authored-by: bogdan.khavronin <bogdan.khavronin@red-soft.ru>
1 parent 429f53d commit 6e937f0

1 file changed

Lines changed: 4 additions & 2 deletions

File tree

src/remote/server/server.cpp

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -429,6 +429,7 @@ void loginSuccess(const string& login, const string& remId)
429429
remoteFailedLogins->loginSuccess(remId);
430430
}
431431

432+
static const unsigned SEGMENT_DATA_SIZE = 254;
432433

433434
template <typename T>
434435
static void getMultiPartConnectParameter(T& putTo, Firebird::ClumpletReader& id, UCHAR param)
@@ -458,9 +459,10 @@ static void getMultiPartConnectParameter(T& putTo, Firebird::ClumpletReader& id,
458459
}
459460
checkBytes[offset] = 1;
460461

461-
offset *= 254;
462+
offset *= SEGMENT_DATA_SIZE;
462463
++specData;
463-
putTo.grow(offset + len);
464+
if (offset + len > putTo.getCount())
465+
putTo.grow(offset + len);
464466
memcpy(&putTo[offset], specData, len);
465467
}
466468
}

0 commit comments

Comments
 (0)