According to Fortify analysis, I found that some other malloc results could not be judged. It is also likely to produce a Null Dereference.
Details are as follows:
---------------------------------------------------------------
psqlodbc.h:433: in STRN_TO_NAME()
432 (the_name).name = malloc((n) + 1); \
433 memcpy((the_name).name, str, (n)); \
---------------------------------------------------------------
Here, if malloc failed, the returned name should be NULL. The subsequent memcpy operation had the potential to produce Null Dereference.
There are two similar situations:
---------------------------------------------------------------
dlg_specific.c:1577: in decode()
1572 outs = (char *) malloc(ilen + 1);
1577 outs[o++] = ' ';
---------------------------------------------------------------
---------------------------------------------------------------
multibyte.c:186: in check_client_encoding()
185 rptr = malloc(len + 1);
186 memcpy(rptr, sptr, len);
---------------------------------------------------------------
I think it might be a bug. Could you please check and revive it? The attachments are related codes. Thank you very much.
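
Added example, not part of the original message and not psqlODBC code: the unchecked malloc-then-memcpy pattern flagged above, next to a checked form that reports the failure to the caller. The names name_example, alloc_example, fail_next_alloc and both function names are hypothetical; alloc_example is a constructed hook used only to simulate an allocation failure.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the driver's name holder; only .name is on the page. */
typedef struct { char *name; } name_example;

/* Constructed test hook: makes the next allocation fail, as under memory pressure. */
int fail_next_alloc = 0;

void *alloc_example(size_t size)
{
    if (fail_next_alloc) {
        fail_next_alloc = 0;
        return NULL;
    }
    return malloc(size);
}

/* Pattern from the report: the malloc result goes straight into memcpy.
 * If the allocation fails, memcpy writes through a NULL pointer. */
void strn_to_name_unchecked(name_example *the_name, const char *str, size_t n)
{
    the_name->name = alloc_example(n + 1);
    memcpy(the_name->name, str, n);      /* NULL dereference on failure */
    the_name->name[n] = '\0';
}

/* Checked form: returns 0 on success, -1 on failure.
 * On failure the previous value of the_name->name is left untouched. */
int strn_to_name_checked(name_example *the_name, const char *str, size_t n)
{
    char *buf;

    if (the_name == NULL || str == NULL || n == SIZE_MAX)
        return -1;                       /* n + 1 would wrap to 0 */
    buf = alloc_example(n + 1);
    if (buf == NULL)
        return -1;                       /* report the failure to the caller */
    memcpy(buf, str, n);
    buf[n] = '\0';
    free(the_name->name);                /* free(NULL) is a no-op */
    the_name->name = buf;
    return 0;
}
```

A macro such as the one in the report cannot return a status, so applying this check there means either converting it to a function like the one above or having callers test the resulting pointer for NULL before use.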