Details
-
Bug
-
Resolution: Fixed
-
P3: Somewhat important
-
5.15.12, 6.0.4, 6.1.3, 6.2, 6.3.2, 6.4.2, 6.5.0 Beta2
-
None
-
efce30bb4 (dev)
Description
The documentation (https://learn.microsoft.com/en-us/sql/odbc/reference/syntax/sqlgetdata-function?view=sql-server-ver16) of SQLGetData() says that the TargetValuePtr "cannot be NULL". Yet, qGetStringData() passes NULL on the first call, in order to read the lengthIndicator. The following code doesn't depend on a successful first SQLGetData() call, so at best it's a no-op, at worst, a driver will take the "cannot be NULL" at face value and deref it unconditionally, exposing the UB.
It's also completely pointless. We use QVLA as the target buffer, so there's no performance drawback to offering the whole inline capacity() of the QVLA up-front, and see whether it's sufficient to hold the data already.
The code should also be reviewed on correct implementation of the protocol specified in the second paragraph of https://learn.microsoft.com/en-us/sql/odbc/reference/syntax/sqlgetdata-function?view=sql-server-ver16#retrieving-variable-length-data-in-parts This reporter didn't do that.
Attachments
Issue Links
- is duplicated by
-
-
- Closed
-
| For Gerrit Dashboard: QTBUG-110803 | ||||||
|---|---|---|---|---|---|---|
| # | Subject | Branch | Project | Status | CR | V |
| 458405,7 | ODBC/SQL: Fix usage of SQLGetData | dev | qt/qtbase | Status: MERGED | +2 | 0 |