[unixODBC-support] Rif: Re: Rif: Re: Segmentation Fault on Centos 7 when Connection Pooling Enable

Nick Gorham nick at lurcher.org
Wed Jan 11 17:45:55 GMT 2017

On 11/01/17 17:24, Davide Pagnin wrote:
> Hi,
> I'd rather be able to contribute more constructively to
> the discussion but as I said my skills as a programmer are limited.
> With regard to the doubts about the security risks of the ability to reuse
> the same connection after the environment has been released, I would 
> like to
> understand what further security risks are posed than what is written
> in this presentation of the connection pooling for unixODBC:
> http://www.unixodbc.org/doc/conn_pool.html
> In my opinion, if the security risks/concerns are prevalent, the 
> simple answer
> is to not use connection pooling at all.

Yes, I tend to agree with that.
> So, may be keeping the connection open and put the environment to NULL 
> could
> be a acceptable compromise, but perhaps even this choice will not make 
> pooling "work",
> as we saw it working on windows.
> Anyway, our application is written in php, we are using pdo_odbc, I 
> asked my collegues
> if they can "mantain" the environment, but they said that they are not 
> aware of a way
> of keeping the environment outside of the same php script, which they 
> already do.
> May be you know how to do?
> Regards

Ok, as always, I prefer to solve the current problem rather than make a 
lot of work that solves a problem that no one actually has. So I have 
made a simple change to the the code on the ftp site unixODBC-2.3.5-pre 
that should avoid the problem of the old env handle causing a seg fault, 
but allow the orphaned pooled connection to be reused.

Can you give that code a try and see how it plays.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.unixodbc.org/pipermail/unixodbc-support/attachments/20170111/ac558af3/attachment.html>

More information about the unixODBC-support mailing list