Hi, is it possible to get odbc driver information. I would like to get driver name and version using odbc api. -- -- Have a nice day, Aistis Jokubauskas _______________________________________________ unixODBC-dev mailing list unixODBC-dev <at> mailman.unixodbc.org http://mailman.unixodbc.org/mailman/listinfo/unixodbc-dev
Hello, I'm trying to get unixODBC working on AIX 7.1, so far I have done the following: 1) I have downloaded unixODBC 2.3.0 and compiled it with the following options: export CC=xlc_r export CXX=xlC_r export CFLAGS="-q32 -qlanglvl=extended -ma -O2 -g -qstrict -qoptimize=2 -qmaxmem=8192" export CXXFLAGS="-q32 -ma -O2 -g -qstrict -qoptimize=2 -qmaxmem=8192" export LDFLAGS="-Wl,-brtl" export OBJECT_MODE=32 ./configure --enable-gui=no --enable-drivers=no > c.log N.B: The install script does not seem work correctly on AIX 7.1. 2) I then downloaded MySQL 5.6.10: wget http://dev.mysql.com/get/Downloads/MySQL-5.6/mysql-5.6.10.tar.gz/from/http://cdn.mysql.com/ -O mysql-5.6.10.tar.gz and added the following to CMakeLists.txt: SET(CMAKE_C_FLAGS "-q32 -qlanglvl=extended -ma -O2 -g -qstrict -qoptimize=2 -qmaxmem=8192 -lC -liconv" CACHE STRING "Forced C compiler flags." FORCE) SET(CMAKE_CXX_FLAGS "-q32 -ma -O2 -g -qstrict -qoptimize=2 -qmaxmem=8192" CACHE STRING "Forced C++ compiler flags." FORCE) SET(CMAKE_C_COMPILER "/usr/vac/bin/xlc_r") SET(CMAKE_CXX_COMPILER "/usr/vacpp/bin/xlC_r")(Continue reading)
_______________________________________________ unixODBC-dev mailing list unixODBC-dev <at> mailman.unixodbc.org http://mailman.unixodbc.org/mailman/listinfo/unixodbc-dev
Am trying to move my compiled C code that connects to mssql database servers from using the datadirect odbc drivers to using the unixodbc driver manager (version 2.3.1)/ freetds drivers (version 0.91) which are already compiled for 64 bit and available to me. Am able to successfully compile it on 64 bit RHEL5 Linux by linking in libodbc which has already been compiled. But I get the error net.c:350: tds_select: Assertion 'timeout_seconds >= 0' failed multiple times when I run the code and the database connection fails. The environment variables I set are ODBCINI, ODBCHOME and LDD_LIBRARY_PATH (which is set to the libraries in the unixodbc path). The driver in the odbcinst file is set to the path where libtdsodbc.so is located. The permissions on the odbc.ini, odbcinst.ini files appear to be fine. I also tried linking in libodbinst and libtdsodbc (by including and not including libodbc) when compiling and set the FREETDSCONF environment variable as well to the freetds.conf location. But I keep getting the same error, "net.c:350: tds_select: Assertion 'timeout_seconds >= 0' '. My code connects to the database occasionally, but for most of the part it errors. The timeout from the freetds.conf file appears to be correct: ----------------------------------------------------- # Command and connection timeouts ; timeout = 10 ; connect timeout = 10 -------------------------------------------------- When I do an ldd on my executable, the dependencies are: libodbcinst.so.2 => libtdsodbc.so.0 => libnsl.so.1 => libc.so.6 => libdl.so.2 => libpthread.so.0 => librt.so.1 => /lib64/ld-linux-x86-64.so.2 Am I missing something here. Thanks for your help. _______________________________________________ unixODBC-dev mailing list unixODBC-dev <at> mailman.unixodbc.org http://mailman.unixodbc.org/mailman/listinfo/unixodbc-dev
_______________________________________________ unixODBC-dev mailing list unixODBC-dev <at> mailman.unixodbc.org http://mailman.unixodbc.org/mailman/listinfo/unixodbc-dev
Good afternoon! I have a problem of hooking ODBC-api calls to perform some authority check of SQL-requests. I decided that it is possible if I developed my own driver, which would pass calls from driver manager to the next DBMS-specific driver, or again to the driver manager(driver manager then would call DBMS specific driver) after authority check. I decided to implement my custom driver by the second way (i.e. driver passes calls to the driver manager), because the driver manager performs many routine work of managing environment and connections. So my custom driver loads the driver manager (libodbc.so) using dlmopen(), extracts the entry points using dlsym(), then just passes calls to the corresponding functions of newly loaded driver manager. I'm getting SIGSEGV when my driver passes the call to driver manager's SQLConnect() function. So my question is: is it possible at all to use the driver manager in a such scheme? /**************************************************** Applicaion -> Driver manager 1 -> My custom driver(hook) -> Driver manager 2 -> DBMS specific driver. ****************************************************/ If not, maybe you have some ideas on how to do it using ODBC? Saying again: I need to perform authority check of SQL-requests before requests are passed to DBMS. Moreover, I must be able to reject unauthorized requests. Thank you for attention! _______________________________________________ unixODBC-dev mailing list unixODBC-dev <at> mailman.unixodbc.org http://mailman.unixodbc.org/mailman/listinfo/unixodbc-dev
_______________________________________________ unixODBC-dev mailing list unixODBC-dev <at> mailman.unixodbc.org http://mailman.unixodbc.org/mailman/listinfo/unixodbc-dev
Hi, While working on the PostgreSQL driver, I bumped into two little bugs in handling out-of-memory situation. Patch attached. It's probably self-evident from the patch what the bugs are, but I'll explain anyway: 1. In __post_internal_error_ex, check for NULL return from malloc, and avoid some unnecessary allocations so that we don't need to handle the case that they fail. (In my test case, the reason that __post_internal_error_ex got called in the first place was that dlopen() failed with Out-of-Memory while loading the driver, so it's not surprising that those allocations failed too) 2. In __alloc_desc, there is a check for calloc returning NULL, but some of the initialization code was misplaced, and was being called on the NULL pointer anyway. There are a lot more places where we don't check for malloc returning NULL, but fixing those two made my test case work. In the test case, I opened a large number of connections, and to induce the OOM condition, I ran it with a small "ulimit -v". - Heikki
_______________________________________________ unixODBC-dev mailing list unixODBC-dev <at> mailman.unixodbc.org http://mailman.unixodbc.org/mailman/listinfo/unixodbc-dev
On 30/01/13 16:10, Todor Buyukliev wrote: > hi, nick! > > in one of our applications we found leaked structures allocated by iconv_open() from unixODBC. i read the source and the only way i see this could happen is by failure in __connect_part_one(). __connect_part_one() is called by all SQLConnect() variants and no cleanup is done on failure, despite that memory might have been allocated. what's worse is that in this case the connection is left in STATE_C2 and even if SQLDisconnect() is called the memory will not be freed. > > one approach for fixing this is in the attached patch. does it look ok to you? i haven't reproduced the issue and haven't confirmed that the patch doesn't break anything. > > pooling is not enabled in our setup, so i haven't inspected the pooling code. > > regards, > todor I have added this fix to the source and built a 2.3.2-pre tarball with it in on the ftp site. -- -- Nick _______________________________________________ unixODBC-dev mailing list unixODBC-dev <at> mailman.unixodbc.org http://mailman.unixodbc.org/mailman/listinfo/unixodbc-dev
_______________________________________________ unixODBC-dev mailing list unixODBC-dev <at> mailman.unixodbc.org http://mailman.unixodbc.org/mailman/listinfo/unixodbc-dev
Hi All, I am a graduate student at Auburn University, working with Dr. Munawar Hafiz. We are working on an empirical study project to understand the software engineering practices used in companies that produce secure software. In particular, we are concentrating on how developers write code to prevent buffer overflow and integer overflow vulnerabilities. We are interested in the software development process: how you develop software, how you test and analyze programs to detect vulnerabilities, and what processes you follow to remove bugs. We are looking into automated tools that software developers use, and are expecting that there is a common insight in the security engineering process that can be reusable. We request your assistance by participating in this research study. We would greatly appreciate it if you would share your experience with us by answering the questions at the end of this email. We may send some follow up questions based on your response in future. Your response(s) will be kept confidential, and will only be aggregated with those of other responders. Please let us know if you have any questions or concerns regarding the study. Thanks in advance for your support. Yasmeen Rawajfih Software Analysis, Transformations and Security Group Auburn University Working under the supervision of: Dr. Munawar Hafiz Assistant Professor Dept. of Computer Science and Software Engineering Auburn University Auburn, AL http://munawarhafiz.com/ Questions: (There are ten questions.) 1. How long have you been a software developer? 2. How long have you been affiliated with unixODBC? Were you part of the original development team for this software? 3. What is the size of the current code base? 4. Did you follow a coding standard when developing this software? Is it a standard determined by your group?t 5. What did you use to manage bug reports in your software? Does it satisfy your requirements? Are there other software options that you would consider switching to? 6. Did you use any compiler options to detect integer overflow vulnerabilities? Do you think that they are useful? 7. Did you use any automated (static or dynamic analysis) tools to detect buffer overflows, integer overflows, or any other bugs? Which tools did you use? Why these tools? 8. Did you use fuzzing? Which tools did you use and why? If you wrote your own fuzzer, why did you write it yourself? Was it written from scratch or by extending some other fuzzing tools? 9. Did you have specific phases during development where you concentrated on fixing security issues? Did you have a test suite, unit tests, or regression tests? 10. Buffer overflows often result from the use of unsafe functions, such as strcpy. Does your software use those? If you use a different string library, why is it used? Is it an in-house library or an off-the-shelf library? Did you migrate your code to use the string library? _______________________________________________ unixODBC-dev mailing list unixODBC-dev <at> mailman.unixodbc.org http://mailman.unixodbc.org/mailman/listinfo/unixodbc-dev
 |
|
|
|
|
|
|
| Mon | Tue | Wed | Thu | Fri | Sat | Sun |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | ||
| 6 | 7 | 8 | 9 | 10 | 11 | 12 |
| 13 | 14 | 15 | 16 | 17 | 18 | 19 |
| 20 | 21 | 22 | 23 | 24 | 25 | 26 |
| 27 | 28 | 29 | 30 | 31 |
RSS Feed22 | |
|---|---|
2 | |
1 | |
12 | |
9 | |
5 | |
2 | |
2 | |
8 | |
3 | |
6 | |
18 | |
14 | |
5 | |
8 | |
2 | |
2 | |
1 | |
9 | |
2 | |
3 | |
5 | |
12 | |
4 | |
3 | |
2 | |
20 | |
15 | |
73 | |
10 | |
4 | |
5 | |
38 | |
57 | |
56 | |
26 | |
23 | |
11 | |
29 | |
19 | |
21 | |
13 | |
1 | |
36 | |
1 | |
20 | |
13 | |
26 | |
8 | |
2 | |
3 | |
35 | |
11 | |
12 | |
62 | |
4 | |
1 | |
8 | |
9 | |
6 | |
14 | |
19 | |
3 | |
1 | |
17 | |
13 | |
87 | |
38 | |
56 | |
15 | |
41 | |
30 | |
37 | |
24 | |
134 | |
38 | |
26 | |
56 | |
48 | |
49 | |
42 | |
60 | |
74 | |
77 | |
74 | |
67 | |
53 | |
80 | |
65 | |
89 | |
32 | |
38 | |
28 | |
39 | |
55 | |
66 | |
51 | |
30 | |
28 | |
10 |