From 853426f500b57ee6467f6c8225beb5c77f5b963c Mon Sep 17 00:00:00 2001 From: Galen Charlton Date: Tue, 15 Jan 2013 11:30:41 -0500 Subject: [PATCH] LP#1098377: protect against even more cstore segfaults Following up on the preceding patch, passing null as the savepoint name to savepoint.release and savepoint.rollback would also segfault cstore. Signed-off-by: Galen Charlton Signed-off-by: Bill Erickson --- Open-ILS/src/c-apps/oils_sql.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/Open-ILS/src/c-apps/oils_sql.c b/Open-ILS/src/c-apps/oils_sql.c index 18b0f9c906..c67362b8c0 100644 --- a/Open-ILS/src/c-apps/oils_sql.c +++ b/Open-ILS/src/c-apps/oils_sql.c @@ -969,6 +969,12 @@ int releaseSavepoint( osrfMethodContext* ctx ) { // Get the savepoint name from the method params const char* spName = jsonObjectGetString( jsonObjectGetIndex(ctx->params, spNamePos) ); + + if (!spName) { + osrfLogWarning(OSRF_LOG_MARK, "savepoint.release called with no name"); + return -1; + } + char *safeSpName = _sanitize_savepoint_name( spName ); dbi_result result = dbi_conn_queryf( writehandle, "RELEASE SAVEPOINT \"%s\";", safeSpName ); @@ -1042,6 +1048,12 @@ int rollbackSavepoint( osrfMethodContext* ctx ) { // Get the savepoint name from the method params const char* spName = jsonObjectGetString( jsonObjectGetIndex(ctx->params, spNamePos) ); + + if (!spName) { + osrfLogWarning(OSRF_LOG_MARK, "savepoint.rollback called with no name"); + return -1; + } + char *safeSpName = _sanitize_savepoint_name( spName ); dbi_result result = dbi_conn_queryf( writehandle, "ROLLBACK TO SAVEPOINT \"%s\";", safeSpName ); -- 2.11.0