Hide Forgot
I have looked at first scan of mysql-connector-odbc64, here are my points: 1) Dereference of NULL pointer => util/odbcinstw.c:89 It looks that there is mistake on line 73. Malloc returns NULL (when error occurred) by default. No need to use if-else. Should there be return 0; in else branch instead? 2) Dereference of NULL pointer => driver/info.c:773 Dereference of the dbc->ds. Based on the check on line 768 it looks that this pointer may be NULL. 3) Again (two) dereferences of NULL pointers => driver/utility.c:545|760 The pointer 'result' may be set to zero on line 475 (and on line 516) and is dereferenced even when is equal to zero on line 545. 4) Copy and paste error? => util/MYODBCUtilWriteDataSourceStr.c:73 Passing possible NULL pointer -- pDataSource->pszDATABASE -- into MYODBCUtilInsertStr(). Shouldn't there be the pDataSource->pszDESCRIPTION pointer? (This defect is mentioned in Bug 756947 also.) These problems were found in RHEL 5.8 by the Coverity tool (firstly), because mysql-connector-odbc64 is a new package in RHEL-5. I've tried to keep only most seriously looking defects.
This request was evaluated by Red Hat Product Management for inclusion in Red Hat Enterprise Linux 5.8 and Red Hat does not plan to fix this issue the currently developed update. Contact your manager or support representative in case you need to escalate this bug.
This request was evaluated by Red Hat Product Management for inclusion in the current release of Red Hat Enterprise Linux. Because the affected component is not scheduled to be updated in the current release, Red Hat is unfortunately unable to address this request at this time. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux.
Filed upstream by Honza, but I don't think we'll do anything about this in RHEL5.