/ 
DBI-1.640
⭐ Starred 84
/ DBD::Gofer::Policy::rush
Security Advisories (4)
CVE-2020-14393 (2020-09-16)

A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data.

CVE-2020-14392 (2020-06-17)

An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. A local attacker who is able to manipulate calls to dbd_db_login6_sv() could cause memory corruption, affecting the service's availability.

CVE-2019-20919 (2020-09-17)

An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation requires checking for NULL and the code does that. But, shortly thereafter, it calls SvOK(profile), causing a NULL pointer dereference.

CVE-2014-10402 (2020-09-16)

An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute in the data source name (DSN). NOTE: this issue exists because of an incomplete fix for CVE-2014-10401.

NAME

DBD::Gofer::Policy::rush - The 'rush' policy for DBD::Gofer

SYNOPSIS

$dbh = DBI->connect("dbi:Gofer:transport=...;policy=rush", ...)

DESCRIPTION

The rush policy tries to make as few round-trips as possible. It's the opposite end of the policy spectrum to the pedantic policy.

Temporary docs: See the source code for list of policies and their defaults.

In a future version the policies and their defaults will be defined in the pod and parsed out at load-time.

AUTHOR

Tim Bunce, http://www.tim.bunce.name

LICENCE AND COPYRIGHT

Copyright (c) 2007, Tim Bunce, Ireland. All rights reserved.

This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself. See perlartistic.