[unixODBC-support] Segmentation fault in case environment variables are too long

Mike mjbarsalou at gci.net
Fri Jan 23 01:02:17 GMT 2015


Quoting Michael KC6nig <michael.koenig at blue-yonder.com>:

> Hi!
>
> My team has encountered a bug in unixODBC 2.2.14, but it is still  
> present in more recent version as well.
> If you use environment variables such as HOME and ODBCSYSINI with  
> really long contents, segmentation faults
> occur.
>
> Here is a transcript of what happens:
>
>> echo $HOME
> /a/ridiculously/long/path/in/the/file/system/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789
>
>> echo $ODBCSYSINI
> /a/ridiculously/long/path/in/the/file/system/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789
>
>> isql "PostgreSQL R&D test database" -v
> Segmentation fault
>
>> export ODBCSYSINI=/some/short/path/
>> isql "PostgreSQL R&D test database" -v
> Segmentation fault
>
>> export HOME=/invalid/directory
>> isql "PostgreSQL R&D test database" -v
> +---------------------------------------+
> | Connected!                            |
> |                                       |
> | sql-statement                         |
> | help [tablename]                      |
> | quit                                  |
> |                                       |
> +---------------------------------------+
> SQL> quit
>
>> export  
>> HOME=/a/ridiculously/long/path/in/the/file/system/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789/0123456789
>> isql "PostgreSQL R&D test database" -v
> Segmentation fault
>
>> export ODBCSYSINI=$HOME
>> export HOME=/invalid/directory
>> isql "PostgreSQL R&D test database" -v
> Segmentation fault
>
>
> In above example, both the short path and the rediculously long path  
> contain a valid ODBC configuration with identical odbc.ini and  
> odbcinst.ini files.
>
> Essentially, environment variables are copied to buffers of fixed  
> lengths without checking their size first, leading to Bad Things.
> I propose to either do some proper buffer management or to abort  
> with a reasonable error message in case environment variables are  
> too long.
>
> We encountered this bug in real life. We operate an Apache Aurora  
> cluster and wanted to deploy an application in it which uses unixODBC.
> Aurora generates a sandbox for the application. In the event, the  
> HOME environment variable becomes really, really lengthy.
> We had to fix the HOME variable to an invalid folder, and use  
> relative folders for the ODBCSYSINI variable.
> I would prefer the "proper buffer management" solution so that we  
> can get rid of this workaround.
>
> Cheers
>
> Michael


Nice troubleshooting.  Looks thorough.

Any chance you have a patch too? :)

I'm sure Nick would be willing to entertain a change that would fix that.

Mike B.


More information about the unixODBC-support mailing list