When a negative number whose number of digits is 39 such as -123456789012345678901234567890123456789 is converted to an Oracle number, dpiDataBuffer__toOracleNumberFromText() overruns 1 byte.

How to check it.

1. Change here as follows.

    if (appendSentinel) { *target = 102; fprintf(stderr, "offset = %d\n", target - (uint8_t*)oracleValue); }

2. Download this file and run it.
   Edited: The posted file doesn't provide the issue. Change a number in the file as my next post to reproduce it.

The program prints offset = 22. So the sentinel 102 was written at 23th byte. However the size of Oracle number is 22.