Old style C functions `strcpy()`, `strcat()` and `sprintf()` are vulnerable to
security issues due to lacking memory boundary checks. Replace these in the
Connect storage engine with safe new and/or custom functions such as
`snprintf()`, `safe_strcpy()` and `safe_strcat()`.
With this change FlawFinder and other static security analyzers report 287
fewer findings.
All new code of the whole pull request, including one or several files that are
either new files or modified ones, are contributed under the BSD-new license. I
am contributing on behalf of my employer Amazon Web Services, Inc.
The MariaDB code base uses strcat() and strcpy() in several
places. These are known to have memory safety issues and their usage is
discouraged. Common security scanners like Flawfinder flag them. In MariaDB we
should start using modern and safer variants of these functions.
This is similar to the memory issue fixes in 19af1890b5
and 9de9f105b5 but now replaces use of strcat()
and strcpy() with the safer options strncat() and strncpy().
However, add '\0' forcefully to make sure the result string is correct since
for these two functions it is not guaranteed that the new string will be null-terminated.
Example:
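size_t dest_len = sizeof(g->Message);
strncpy(g->Message, "Null json tree", dest_len);
/* strncpy() writes no terminator when the source fills the buffer */
g->Message[dest_len - 1] = '\0';
/* strncat() appends up to n characters plus a '\0', so reserve one byte */
strncat(g->Message, ":", sizeof(g->Message) - strlen(g->Message) - 1);
size_t wrote_sz = strlen(g->Message);
size_t cur_len = wrote_sz >= dest_len ? dest_len - 1 : wrote_sz;
g->Message[cur_len] = '\0';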
All new code of the whole pull request, including one or several files
that are either new files or modified ones, are contributed under the BSD-new
license. I am contributing on behalf of my employer Amazon Web Services
-- Reviewer and co-author Vicențiu Ciorbaru <vicentiu@mariadb.org>
-- Reviewer additions:
* The initial function implementation was flawed. Replaced with a simpler
and also correct version.
* Simplified code by making use of snprintf instead of chaining strcat.
* Simplified code by removing dynamic string construction in the first
place and using static strings if possible. See connect storage engine
changes.
Continue with similar changes as done in 19af1890 to replace sprintf(buf, ...)
with snprintf(buf, sizeof(buf), ...), specifically in the "easy" cases where buf
is allocated with a size known at compile time.
All new code of the whole pull request, including one or several files that are
either new files or modified ones, are contributed under the BSD-new license. I
am contributing on behalf of my employer Amazon Web Services, Inc.
This commit replaces sprintf(buf, ...) with
snprintf(buf, sizeof(buf), ...),
specifically in the "easy" cases where buf is allocated with a size
known at compile time.
The changes make sure we do not write outside array/string bounds, which
will lead to undefined behaviour. In case the code is trying to write
outside bounds, the safe versions of the functions simply cut the string
messages so we process this gracefully.
All new code of the whole pull request, including one or several files
that are either new files or modified ones, are contributed under the BSD-new
license. I am contributing on behalf of my employer Amazon Web Services,
Inc.
bsonudf.cpp warnings cleanup by Daniel Black
Reviewer: Daniel Black
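
Added example, not part of the commits above and not MariaDB's own code: it shows the three behaviours these commit messages rely on, namely that plain strncpy() can leave a buffer unterminated, that a bounded copy/append can always terminate and report truncation, and that snprintf(buf, sizeof(buf), ...) reports a cut message through its return value. The helper names bounded_copy, bounded_append and format_message and the 16-byte buffer are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
/* Hypothetical helpers for illustration, not MariaDB's safe_strcpy()/safe_strcat().
   Both always NUL-terminate and return 1 when the result was truncated. */
static int bounded_copy(char *dst, size_t dst_size, const char *src)
{
  size_t n = strlen(src);
  if (dst_size == 0)
    return 1;                       /* no room even for the terminator */
  int truncated = n >= dst_size;
  if (truncated)
    n = dst_size - 1;               /* keep one byte for '\0' */
  memcpy(dst, src, n);
  dst[n] = '\0';
  return truncated;
}

static int bounded_append(char *dst, size_t dst_size, const char *src)
{
  const char *end = memchr(dst, '\0', dst_size);
  if (end == NULL)
    return 1;                       /* dst is not terminated inside its buffer */
  size_t used = (size_t)(end - dst);
  return bounded_copy(dst + used, dst_size - used, src);
}

/* snprintf() returns the length the full output needed; >= size means it was cut. */
static int format_message(char *buf, size_t size, const char *what, int code)
{
  int n = snprintf(buf, size, "%s: error %d", what, code);
  return n < 0 || (size_t)n >= size;
}

/* Plain strncpy() writes no '\0' when src fills the buffer: returns 1 in that case. */
static int strncpy_leaves_unterminated(const char *src)
{
  char buf[8];
  strncpy(buf, src, sizeof(buf));
  return memchr(buf, '\0', sizeof(buf)) == NULL;
}

int main(void)
{
  char msg[16];                     /* constructed stand-in for g->Message */
  int cut = bounded_copy(msg, sizeof(msg), "Null json tree");
  cut |= bounded_append(msg, sizeof(msg), ": at root");
  printf("'%s' cut=%d raw=%d\n", msg, cut, strncpy_leaves_unterminated("Null json tree"));
  return 0;
}
```
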
modified: storage/connect/bsonudf.cpp
modified: storage/connect/jsonudf.cpp
- Stringify option is now a ; separated list of columns
modified: storage/connect/json.cpp
modified: storage/connect/json.h
modified: storage/connect/mongo.h
modified: storage/connect/tabbson.cpp
modified: storage/connect/tabcmg.cpp
modified: storage/connect/tabcmg.h
modified: storage/connect/tabjmg.cpp
modified: storage/connect/tabjmg.h
modified: storage/connect/tabjson.cpp
- PrepareColist not a static function anymore (+ typo)
modified: storage/connect/taboccur.cpp
- JDBC: Recognize schema (database) from a wrapper server
modified: storage/connect/tabjdbc.cpp
- Limit decimals of doubles printed from MongoDB
Done in function Mini for Mongo C Driver and Java Driver
Done in function SerializeValue for Java tables using the J Driver
modified: storage/connect/cmgoconn.cpp
modified: storage/connect/json.cpp
modified: storage/connect/json.h
modified: storage/connect/tabjmg.cpp
- Fix crash when using BSON_TYPE_DECIMAL128
modified: storage/connect/cmgoconn.cpp
- Collection name default to table name
Fix it when creating tables via discovery
modified: storage/connect/ha_connect.cc
modified: storage/connect/tabbson.cpp
modified: storage/connect/tabjson.cpp
Add negative array indexes starting from the last
modified: storage/connect/bson.cpp
modified: storage/connect/bsonudf.cpp
modified: storage/connect/json.cpp
Occurring when inserting more than one line in one statement.
modified: storage/connect/json.cpp
- Fix a wrong if statement
modified: storage/connect/tabjson.cpp
- Continue BSON implementation
modified: storage/connect/bson.cpp
modified: storage/connect/bson.h
modified: storage/connect/filamtxt.cpp
modified: storage/connect/filamtxt.h
modified: storage/connect/tabbson.cpp
modified: storage/connect/tabbson.h
- No need anymore
deleted: storage/connect/mysql-test/connect/r/bson.result
deleted: storage/connect/mysql-test/connect/t/bson.test
Also add a new member Saved_Size in the Global structure.
modified: storage/connect/global.h
modified: storage/connect/plugutil.cpp
modified: storage/connect/user_connect.cc
modified: storage/connect/jsonudf.cpp
- Add session variables json_all_path and default_depth
modified: storage/connect/ha_connect.cc
modified: storage/connect/mongo.cpp
modified: storage/connect/tabjson.cpp
modified: storage/connect/tabxml.cpp
- ADD column options JPATH and XPATH
Work as FIELD_FORMAT but are more readable
modified: storage/connect/ha_connect.cc
modified: storage/connect/ha_connect.h
modified: storage/connect/mysql-test/connect/r/json_java_2.result
modified: storage/connect/mysql-test/connect/r/json_java_3.result
modified: storage/connect/mysql-test/connect/r/json_mongo_c.result
- Handle negative numbers in the option list
modified: storage/connect/ha_connect.cc
- Fix Json parse that could crash the server.
Was because it could use THROW out of the TRY block.
Also handle all errors by THROW.
It is now done by a new class JSON.
modified: storage/connect/json.cpp
modified: storage/connect/json.h
- Add a new UDF function jfile_translate.
It translates a Json file to pretty = 0.
Fast because it does not do a real parse of the file.
modified: storage/connect/jsonudf.cpp
modified: storage/connect/jsonudf.h
- Add new options JSIZE and STRINGIFY to Json tables.
STRINGIFY makes Objects or Arrays to be returned by their
json representation instead of by their concatenated values.
JSIZE allows specifying the LRECL (was 256); defaults to 1024.
Also fix a bug about locating the sub-table by its path.
modified: storage/connect/tabjson.cpp
modified: storage/connect/tabjson.h
All variables handling sizes that were uint are now size_t.
The variable connect_work_size is now ulong (was uint);
Also make Json functions allocate a larger memory (M=9 was 7)
modified: storage/connect/global.h
modified: storage/connect/ha_connect.cc
modified: storage/connect/json.cpp
modified: storage/connect/jsonudf.cpp
modified: storage/connect/plgdbutl.cpp
modified: storage/connect/plugutil.cpp
modified: storage/connect/user_connect.cc
- Fix uninitialised variable (pretty) in Json_File.
Make Jbin_file accept the same arguments as Json_File ones.
modified: storage/connect/jsonudf.cpp
- Change the Level option to Depth (the word currently used)
(Level being still accepted)
modified: storage/connect/mongo.cpp
modified: storage/connect/tabjson.cpp
modified: storage/connect/tabxml.cpp
- Suppress 2nd argument default value for MYSQLtoPLG function
modified: storage/connect/myutil.h
- Allow REST tables to be created without specifying a file_name
modified: storage/connect/tabrest.cpp
in JVALUE::GetString
modified: storage/connect/json.cpp
modified: storage/connect/json.h
modified: storage/connect/jsonudf.cpp
- Fix a compiler bug happening on some configurations and platforms
in JSNX::CalculateArray
modified: storage/connect/jsonudf.cpp
- Set default Schema as current directory
This fixes several bugs like:
Fail to make JSON catalog tables
Fail to use zipped file made by a file LOAD
modified: storage/connect/reldef.cpp
modified: storage/connect/tabjson.cpp
modified: storage/connect/tabjson.h
modified: storage/connect/ha_connect.cc
Add conditional SE exception support
modified: storage/connect/json.cpp
modified: storage/connect/plgdbutl.cpp
Change %p to %x in some sprintf functions.
This is to avoid some compiler warnings.
modified: storage/connect/tabwmi.cpp
modified: storage/connect/tabxml.cpp
modified: storage/connect/value.h
Add JavaWrappers.jar to the class path
modified: storage/connect/jdbconn.cpp
Fix wrong declare (char *buf[256]; --> char buf[256];)
modified: storage/connect/xindex.cpp
Always return NULL on error.
Adding also the file length.
modified: storage/connect/json.cpp
modified: storage/connect/jsonudf.cpp
- JSONCOL::WriteColumn Add types SHORT and BIGINT as accepted
modified: storage/connect/tabjson.cpp
- TDBJSN: Make this type use a separate storage for Json parsing
and retrieve this memory between each row. This is necessary
to be able to handle big tables. See MDEV-9228.
modified: storage/connect/tabjson.cpp
modified: storage/connect/tabjson.h