Displaying 1 result from an estimated 1 matches for "sql_valsize".
2017 Oct 19
0
[Bug 1193] New: Incorrect malloc for SQL statements and missing strings length check
...nstead of setting its value to NULL but i am unsure on how
to do that properly.
Patch on the 2.0.5 codebase :
--- util/db.c 2014-03-23 16:30:50.000000000 +0100
+++ util/db.c 2017-10-02 18:09:02.069746918 +0200
@@ -57,7 +57,8 @@
}
#define SQL_INSERTTEMPL "SELECT P(Y)"
-#define SQL_VALSIZE 100
+/* Maximum string length (non-escaped), will be replaced with NULL if longer
*/
+#define SQL_STRINGSIZE 255
/* create the static part of our insert statement */
static int sql_createstmt(struct ulogd_pluginstance *upi)
@@ -78,13 +79,35 @@
for (i = 0; i < upi->input.num_keys...