MDAC 2.5 Buffer Overrun with long servernames?

From: news@news.com
Date: 02/25/03


From: <news@news.com>
Date: Tue, 25 Feb 2003 11:42:36 -0800


Sorry for the independant cross post, also posted in .connect and
public.odbc

I think we have uncovered a bug in MDAC 2.5 and 2.5 SP1 -

Connecting to servernames that are 32 characters long with a standard
connection using ODBC/TCPIP with MDAC 2.5RTM or SP1 results in a bad login
packets sent to sql, most likely the result of a buffer overrun.

OLEDB provider correctly identifies a string truncation, ODBC does not.

MDAC 2.6SP1/SP2 seems to work, as well as trusted connections with TCP/IP
MDAC 2.5, but this may be resulted from the length of the connection string
being shorter w/out credentials.