Informix - Problembeschreibung
Problem IT27615 | Status: Geschlossen |
A SELECT STATEMENT ALLOWS A NEGATIVE SKIP VALUE WHICH LEADS TO MEMORY BLOCK CORRUPTIONS AND ASSERT CRASHES WITH VARIOUS STACKS | |
Produkt: | |
INFORMIX SERVER / 5725A3900 / C10 - IDS 12.10 | |
Problembeschreibung: | |
The stack can vary but the following was seen on the customers 12.10.FC10 instance ... 15:39:30 Found during mt_shm_malloc_segid 9 15:39:30 Pool '1007894' (0x7000001f20b6040) 15:39:30 Bad block header 0x7000002db268050 ... (oninit)mt_shm_malloc_segid (oninit)mt_malloc (oninit)old_do_rualloc (oninit)old_rualloc (oninit)chkralloc (oninit)sqmkcb (oninit)sq_cmnd (oninit)sq_prepare (oninit)sqmain Many stacks were observed. Here are a few ... (oninit)ridl_item (oninit)btnext_items_single (oninit)rsidxscan_read (oninit)fmidxscan_read (oninit)getbatchrow (oninit)readidx_new (oninit)gettupl (oninit)scan_next (oninit)getrow (oninit)fetchrow (oninit)exfetch (oninit)sql_nfetch (oninit)sq_nfetch (oninit)sqmain (oninit)rsidxscan_read (oninit)fmidxscan_read (oninit)getbatchrow (oninit)readidx_new (oninit)gettupl (oninit)scan_next (oninit)getrow (oninit)fetchrow (oninit)exfetch (oninit)sql_nfetch (oninit)sq_nfetch (oninit)sqmain There is a program that runs an SQL statement like the following ... "select skip ? first ? ..." where there is no check on the value passed in and it's possible to allow a negative value to be passed in for the skip. If you try the same SQL within dbaccess, the the hardcoded skip value is not allowed. | |
Problem-Zusammenfassung: | |
**************************************************************** * USERS AFFECTED: * * Users of IDS prior to 12.10.xC13. * **************************************************************** * PROBLEM DESCRIPTION: * * A select statement allows a negative skip value which leads * * to memory block corruptions and assert crashes with various * * stacks. * **************************************************************** * RECOMMENDATION: * **************************************************************** | |
Local-Fix: | |
Lösung | |
Workaround | |
keiner bekannt / siehe Local-Fix | |
Weitere Daten | |
Datum - Problem gemeldet : Datum - Problem geschlossen : Datum - der letzten Änderung: | 27.12.2018 03.10.2019 03.10.2019 |
Problem behoben ab folgender Versionen (IBM BugInfos) | |
12.10.xC13 | |
Problem behoben lt. FixList in der Version |