Thread: Some problem about malloc

Some problem about malloc

From
cobainpluto
Date:
09 July 2014, 14:00:07
Dear all，

According to Fortify analysis，I found that some other malloc results could not be judged. It is also likely to produce a Null Dereference.

Details are as follows :
---------------------------------------------------------------
psqlodbc.h:433: in STRN_TO_NAME()
432 (the_name).name = malloc((n) + 1); \
433 memcpy((the_name).name, str, (n)); \
---------------------------------------------------------------
Here，if malloc failed，the returned name should be NULL.The subsequent memcpy operation had the potential to produce Null Dereference. 
There are two similar situations:
---------------------------------------------------------------
dlg_specific.c:1577: in decode()
1572 outs = (char *) malloc(ilen + 1);
1577 outs[o++] = ' ';
---------------------------------------------------------------
---------------------------------------------------------------
multibyte.c:186: in check_client_encoding()
185 rptr = malloc(len + 1);
186 memcpy(rptr, sptr, len);
---------------------------------------------------------------

I think it might be a bug. 
Could you please check and revive it?
The attachments are related codes.
Thank you very much.

Best wishes~
Sincerely yours, 
pluto.cobain
Attachment

psqlodbc.zip