CMDPROT
The CMDPROT parameter specifies whether to allow or inhibit CICS® validation of start addresses of storage referenced as output parameters on EXEC CICS commands.
- CMDPROT={YES|NO}
- Valid values are as follows:
- YES
- CICS validates the initial
byte at the start of any storage that is referenced as an output parameter
on EXEC CICS commands to ensure
that the application program has write access to the storage. This
ensures that CICS does not
overwrite storage on behalf of the application program when the program
itself cannot do so. If CICS detects
that an application program has asked CICS to
write into an area to which the application does not have addressability, CICS abends the task with an AEYD
abend.
The level of protection against bad addresses depends on the level of storage protection in the CICS environment. The various levels of protection provided when you specify CMDPROT=YES are shown in Table 1.
- NO
- CICS does not perform any validation of addresses of the storage referenced by EXEC CICS commands. This means that an application program could cause CICS to overwrite storage to which the application program itself does not have write access.
Table 1. Levels of protection provided by CICS validation of application-supplied addresses Environment Execution key of affected programs Types of storage referenced by applications that cause AEYD abends Read-only storage (RENTPGM=PROTECT) CICS-key and user-key CICS key 0 read-only storage (RDSA and ERDSA). Subsystem storage protection (STGPROT=YES) User-key All CICS-key storage (CDSA and ECDSA) Transaction isolation (TRANISO=YES) User-key and ISOLATE(YES) Task-lifetime storage of all other transactions Transaction isolation (TRANISO=YES) User-key and ISOLATE(NO) Task-lifetime storage of all except other user key and ISOLATE(NO) transactions Base CICS (all storage is CICS key 8 storage) (RENTPGM=NOPROTECT; STGPROT=NO; and TRANISO=NO) CICS-key and user-key MVS™ storage only