postgresql-interfaces/psqlodbc GitHub issues and pull requests (mirror)  
From: jarvis24young (@jarvis24young) <[email protected]>
To: postgresql-interfaces/psqlodbc <[email protected]>
Subject: [postgresql-interfaces/psqlodbc] PR #185: Avoid reading before leading string literals
Date: Mon, 11 May 2026 08:59:38 +0000
Message-ID: <[email protected]>

This fixes a one-byte read before the start of the prepared SQL buffer when
parameter counting sees a leading string literal while
standard_conforming_strings is on.

Call chain reproduced through unixODBC with an ASan build:

- SQLPrepare(hstmt, "'abc'", SQL_NTS) copies the SQL into the statement buffer.
- SQLNumParams(hstmt, ...) calls PGAPI_NumParams().
- PGAPI_NumParams() calls SC_scanQueryAndCountParams().
- SC_scanQueryAndCountParams() saw the leading quote, CC_get_escape() returned 0, and the E'' prefix check read ENCODE_PTR(encstr)[-1].

ASan before the fix reported:

- heap-buffer-overflow READ of size 1
- statement.c:1125 in SC_scanQueryAndCountParams
- address located 1 byte before the buffer allocated by make_string() from PGAPI_Prepare()

The patch guards the E'' prefix check in the three scanner paths so the previous
byte is read only when the current scanner position is not at the beginning of
the SQL string. This preserves E'' handling and avoids changing normal literal
parsing.

Verification in WSL:

- Built psqlodbc with -fsanitize=address,undefined
- Reproduced the ASan failure before the fix with exe/leading-literal-numparams-test
- Rebuilt after the fix and confirmed the same test prints nparams=0 without ASan errors
- Ran the project harness: ./runsuite leading-literal-numparams --inputdir=. -> ok 1
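
As an added illustration (not psqlodbc's code), a simplified parameter-marker scanner that carries the bounds guard the PR describes: the byte before an opening quote is inspected for an E'' prefix only when the quote is not the first byte of the SQL. The function name `count_params` and the SQL inputs in the test are constructed for this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical, simplified model of the scan described in the PR: count '?'
 * parameter markers that sit outside string literals. With
 * standard_conforming_strings on, a plain '...' literal has no backslash
 * escapes, but an E'...' literal does, so the scanner must look at the byte
 * before each opening quote. That look-back is only valid when the quote is
 * not the first byte of the SQL buffer. */
int count_params(const char *sql)
{
    size_t len = strlen(sql);
    int nparams = 0;

    for (size_t i = 0; i < len; i++) {
        if (sql[i] == '?') {
            nparams++;
            continue;
        }
        if (sql[i] != '\'')
            continue;

        /* Bounds guard: an unguarded sql[i - 1] at i == 0 is the one-byte
         * read before the buffer that ASan flagged in the PR. */
        bool escape_literal = i > 0 && (sql[i - 1] == 'E' || sql[i - 1] == 'e');

        /* Skip the literal body up to its closing quote. */
        for (i++; i < len; i++) {
            if (escape_literal && sql[i] == '\\') {
                i++;                /* backslash escapes the next byte */
                continue;
            }
            if (sql[i] == '\'') {
                if (i + 1 < len && sql[i + 1] == '\'') {
                    i++;            /* doubled quote inside the literal */
                    continue;
                }
                break;              /* closing quote */
            }
        }
    }
    return nparams;
}
```

The first input below is the PR's own repro shape, a leading literal with no parameters, which must yield 0 without touching memory before the buffer.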

