Subject RE: [ib-support] Questions about Firebird's API
On 14 Mar 2002 at 14:37, C R Zamana wrote:

> I use this approach to connect with database passing username
>and password and it works fine. Feel free :-)
>---- Code ------------------------------------------------------------
> dpb_buffer = (char *)malloc(USERNAME_SIZE+PASSWORD_SIZE+3);

Do USERNAME_SIZE and PASSWORD_SIZE macros include bytes for their
lengths? If no, a buffer overflow is very probable.
I'd write something like

dpb_length = strlen(user)+strlen(password)+5;
dpb_buffer = (char *)malloc(dpb_length);

SY, Dimitry Sibiryakov.