View Incident Report

Serious

Reported By: Filuta Vitaliy
Reported On: 1/17/2008
For: Version 4.26 Build 1

# 2574 Encrypted Remote Connections Can Cause Memory Overwrites with Transfers Larger than 64K

I have installed FastMM4, run my application in FullDebugMode, and got an error due to the following code:

In dbisamsv.TServerThread.DoReadAbsoluteRecordBlock:

...
Pack(TempResult,SizeOf(Word));
PackCursorInfo(TempDataCursor);
Pack(TempRecordsToGet,SizeOf(Integer));
Pack(TempRecordsBuffer^,(TempRecordsToGet*TempDataCursor.RecordSize));
Pack(TempBookmarksBuffer^,(TempRecordsToGet*TempDataCursor.BookmarkSize));

   // after that point FReceiveBufferSize = 143346 bytes

EndPack;

   // in EndPack procedure FReplyHeader.TotalReplySize evaluates to 143352 bytes
   // and DataEngine.Encrypt procedure corrupts 6 bytes of memory that are not
   // part of FReceiveBuffer memory block

Comments

This issue only affected encrypted connections directly, but could possibly cause other issues due to the memory overwrite.

Resolution

Fixed Problem on 1/20/2008 in version 4.26 build 2

Products Affected

DBISAM Additional Software and Utilities
DBISAM ODBC Client-Server
DBISAM ODBC Client-Server with Source
DBISAM ODBC Standard
DBISAM ODBC Standard with Source
DBISAM ODBC Trial
DBISAM VCL Client-Server
DBISAM VCL Client-Server with Source
DBISAM VCL Standard
DBISAM VCL Standard with Source
DBISAM VCL Trial

More Support Options

Search Incident Reports

Support Forums

Frequently Asked Questions

Technical Bulletins

Technical Articles

Product Manuals

Roadmap