This repository was archived by the owner on Jan 29, 2023. It is now read-only.

malloc server_version result not correctly handled may lead to memory corruption #20

@pabloandresm

I suggest a change in the function `void MySQL_Packet::parse_handshake_packet()`.

Where it says:

```cpp
server_version = (char *) malloc(i - 5);
strncpy(server_version, (char *) &buffer[5], i - 5);
```

replace it with this:

```cpp
if (i > 5) {
  server_version = (char *) malloc(i - 5);
  if (server_version) {  // copy only if the allocation succeeded
    strncpy(server_version, (char *) &buffer[5], i - 5);
    server_version[i - 5 - 1] = 0;  // force a \0 into the last byte
  }
}
```

This modification will verify a correct malloc(), and a correct \0 at the end of the strncpy(), which is not added by strncpy().
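As an added example (not code from this issue or from the library), here is one bounds-checked way to copy a NUL-terminated field out of a received packet, checking the allocation and writing the terminator explicitly. The helper name `copy_server_version`, the `buf_len` parameter and the sample packets are assumptions made for illustration; only the offset 5 comes from the snippet above.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define VERSION_OFFSET 5 /* offset of the field in the issue's snippet */

/* Hypothetical helper, not the library's API. Returns a heap copy of the
 * NUL-terminated string at buf[VERSION_OFFSET], or NULL when the packet is
 * too short, the terminator is missing, or malloc() fails. */
char *copy_server_version(const uint8_t *buf, size_t buf_len)
{
    if (buf == NULL || buf_len <= VERSION_OFFSET)
        return NULL;

    const uint8_t *start = buf + VERSION_OFFSET;
    /* Look for the terminator only inside the bytes actually received. */
    const uint8_t *nul = memchr(start, 0, buf_len - VERSION_OFFSET);
    if (nul == NULL)
        return NULL;

    size_t len = (size_t)(nul - start);
    char *out = malloc(len + 1); /* room for the text plus its '\0' */
    if (out == NULL)
        return NULL;

    memcpy(out, start, len);
    out[len] = '\0'; /* terminate explicitly, never rely on the copy */
    return out;
}

/* Constructed sample packets: 4-byte header, protocol byte, version field. */
static const uint8_t good_pkt[] = {7, 0, 0, 0, 0x0a, '5', '.', '7', '.', '1', 0, 1};
static const uint8_t unterminated_pkt[] = {4, 0, 0, 0, 0x0a, '5', '.', '7'};
static const uint8_t short_pkt[] = {1, 0, 0, 0, 0x0a};

int main(void)
{
    char *v = copy_server_version(good_pkt, sizeof good_pkt);
    printf("good: %s\n", v ? v : "(rejected)");
    free(v);
    v = copy_server_version(unterminated_pkt, sizeof unterminated_pkt);
    printf("unterminated: %s\n", v ? v : "(rejected)");
    free(v);
    v = copy_server_version(short_pkt, sizeof short_pkt);
    printf("short: %s\n", v ? v : "(rejected)");
    free(v);
    return 0;
}
```

The caller owns the returned buffer and must treat NULL as "no version available" instead of dereferencing it.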

Labels: bug
