From 0deb10ad8ed70e4785169d15e70b6aa8c3ebaa47 Mon Sep 17 00:00:00 2001
From: Hiroshi Inoue <h-inoue@dream.email.ne.jp>
Date: Thu, 20 Jul 2017 05:31:00 +0900
Subject: [PATCH] Fix buffer truncations reported by Pavel Raiskup. The
 truncations occured when concatenating 'RELEASE xxxx...;' and 'SAVEPOINT
 xxxx....'.

---
 connection.c | 4 ++--
 execute.c    | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/connection.c b/connection.c
index 411e045..d43bc33 100644
--- a/connection.c
+++ b/connection.c
@@ -1604,7 +1604,7 @@ int
 CC_internal_rollback(ConnectionClass *self, int rollback_type, BOOL ignore_abort)
 {
 	int	ret = 0;
-	char		cmd[64];
+	char		cmd[128];
 	PGresult   *pgres = NULL;
 
 	if (!CC_is_in_error_trans(self))
@@ -1701,7 +1701,7 @@ CC_send_query_append(ConnectionClass *self, const char *query, QueryInfo *qi, UD
 			consider_rollback;
 	int		func_cs_count = 0, i;
 	size_t		query_buf_len = 0;
-	char	   *query_buf = NULL, prepend_cmd[64];
+	char	   *query_buf = NULL, prepend_cmd[128];
 	size_t		query_len;
 
 	/* QR_set_command() dups this string so doesn't need static */
diff --git a/execute.c b/execute.c
index 09b8560..2137bf2 100644
--- a/execute.c
+++ b/execute.c
@@ -588,7 +588,7 @@ inolog("%s:%p->external=%d\n", func, stmt, stmt->external);
 int
 GenerateSvpCommand(ConnectionClass *conn, int type, char *cmd, int buflen)
 {
-	char esavepoint[32];
+	char esavepoint[50];
 	int	rtn = -1;
 
 	cmd[0] = '\0';
@@ -621,7 +621,7 @@ RETCODE
 SetStatementSvp(StatementClass *stmt, unsigned int option)
 {
 	CSTR	func = "SetStatementSvp";
-	char	cmd[64];
+	char	cmd[128];
 	ConnectionClass	*conn = SC_get_conn(stmt);
 	QResultClass *res;
 	RETCODE	ret = SQL_SUCCESS_WITH_INFO;
-- 
2.39.5