diff --git a/checkin_notes b/checkin_notes index 637ac32c20..254d5c1092 100755 --- a/checkin_notes +++ b/checkin_notes @@ -22454,3 +22454,12 @@ David 9 Jan 2005 Rom 9 Jan 2005 (boinc) - Tag for 4.58 release, all platforms boinc_core_release_4_58 + +David 9 Jan 2005 + - fix a buffer overrun problem by using std::string + in DB_BASE::insert_batch() + + db/ + db_base.C,h + sched/ + transitioner.C diff --git a/db/db_base.C b/db/db_base.C index 191c650646..e6505c433a 100644 --- a/db/db_base.C +++ b/db/db_base.C @@ -88,10 +88,10 @@ int DB_BASE::insert() { return db->do_query(query); } -int DB_BASE::insert_batch(const char* values) { - char query[MAX_QUERY_LEN]; - sprintf(query, "insert into %s values %s", table_name, values); - return db->do_query(query); +int DB_BASE::insert_batch(std::string& values) { + std::string query; + query = "insert into " + std::string(table_name) + " values " + values; + return db->do_query((char*)query.c_str()); } // update an entire record diff --git a/db/db_base.h b/db/db_base.h index 21487a15ab..fd0768c95f 100644 --- a/db/db_base.h +++ b/db/db_base.h @@ -79,7 +79,7 @@ class DB_BASE { public: DB_BASE(char *table_name, DB_CONN*); int insert(); - int insert_batch(const char*); + int insert_batch(std::string&); int update(); int update_field(char*); int delete_from_db(); diff --git a/sched/transitioner.C b/sched/transitioner.C index 91c980d02a..863f9ff91c 100644 --- a/sched/transitioner.C +++ b/sched/transitioner.C @@ -322,7 +322,7 @@ int handle_wu( } #ifdef BATCH_INSERT DB_RESULT r; - retval = r.insert_batch(values.c_str()); + retval = r.insert_batch(values); if (retval) { log_messages.printf( SCHED_MSG_LOG::CRITICAL,