Security Advisories (8)

CVE-2020-14393 (2020-09-16)

A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data.

CVE-2020-14392 (2020-06-17)

An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. A local attacker who is able to manipulate calls to dbd_db_login6_sv() could cause memory corruption, affecting the service's availability.

CVE-2019-20919 (2020-09-17)

An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation requires checking for NULL and the code does that. But, shortly thereafter, it calls SvOK(profile), causing a NULL pointer dereference.

CPANSA-DBI-2014-01 (2014-10-15)

DBD::File drivers open files from folders other than specifically passed using the f_dir attribute.

CVE-2014-10402 (2020-09-16)

An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute in the data source name (DSN). NOTE: this issue exists because of an incomplete fix for CVE-2014-10401.

CVE-2014-10401 (2020-09-11)

An issue was discovered in the DBI module before 1.632 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute.

CVE-2013-7491 (2020-09-11)

An issue was discovered in the DBI module before 1.628 for Perl. Stack corruption occurs when a user-defined function requires a non-trivial amount of memory and the Perl stack gets reallocated.

CVE-2013-7490 (2020-09-11)

An issue was discovered in the DBI module before 1.632 for Perl. Using many arguments to methods for Callbacks may lead to memory corruption.

NAME

DBI::Gofer::Execute - Executes Gofer requests and returns Gofer responses

SYNOPSIS

$executor = DBI::Gofer::Execute->new( { ...config... });

$response = $executor->execute_request( $request );

DESCRIPTION

Accepts a DBI::Gofer::Request object, executes the requested DBI method calls, and returns a DBI::Gofer::Response object.

Any error, including any internal 'fatal' errors are caught and converted into a DBI::Gofer::Response object.

This module is usually invoked by a 'server-side' Gofer transport module. They usually have names in the "DBI::Gofer::Transport::*" namespace. Examples include: DBI::Gofer::Transport::stream and DBI::Gofer::Transport::mod_perl.

CONFIGURATION

check_request_sub

If defined, it must be a reference to a subroutine that will 'check' the request.

The subroutine can either return the original request object or die with a suitable error message (which will be turned into a Gofer response).

It can also construct and return a new request that should be executed instead of the original request.

forced_connect_dsn

If set, this DSN is always used instead of the one in the request.

default_connect_dsn

If set, this DSN is used if forced_connect_dsn is not set and the request does not contain a DSN itself.

forced_connect_attributes

A reference to a hash of connect() attributes. Individual attributes in forced_connect_attributes will take precedence over corresponding attributes in the request.

default_connect_attributes

A reference to a hash of connect() attributes. Individual attributes in the request take precedence over corresponding attributes in default_connect_attributes.

max_cached_dbh_per_drh

If set, the loaded drivers will be checked to ensure they don't have more than this number of cached connections. There is no default value. This limit is not enforced for every request.

max_cached_sth_per_dbh

If set, all the cached statement handles will be cleared once the number of cached statement handles rises above this limit. The default is 1000.

forced_single_resultset

If true, then only the first result set will be fetched and returned in the response.

track_recent

If set, specifies the number of recent requests and responses that should be kept by the update_stats() method for diagnostics. See DBI::Gofer::Transport::mod_perl.

Note that this setting can significantly increase memory use. Use with caution.

AUTHOR AND COPYRIGHT

You may distribute under the terms of either the GNU General Public License or the Artistic License, as specified in the Perl README file.

To install DBI, copy and paste the appropriate command in to your terminal.

cpanm

cpanm DBI

CPAN shell

perl -MCPAN -e shell
install DBI

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	Go to GitHub issues (only if GitHub is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)