New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Crash test] isc_dsql_prepare with statement_text=NULL [CORE2071] #2506
Comments
Modified by: @AlexPeshkoffassignee: Alexander Peshkov [ alexpeshkoff ] |
Commented by: Claudio Valderrama C. (robocop) Typically, the engine is not careful about those conditions. See CORE1506 for example. |
Commented by: @AlexPeshkoff no backport because it's client, not server, crash |
Modified by: @AlexPeshkoffstatus: Open [ 1 ] => Resolved [ 5 ] resolution: Fixed [ 1 ] Fix Version: 2.5 Beta 1 [ 10251 ] |
Commented by: @dyemanov While it's definitely an improvement over the old behavior, I think that a crash caused by any weak input validation means a bug :-) |
Modified by: @dyemanovissuetype: Improvement [ 4 ] => Bug [ 1 ] |
Modified by: @pcisarstatus: Resolved [ 5 ] => Closed [ 6 ] |
Modified by: @pavel-zotovQA Status: No test |
Modified by: @pavel-zotovstatus: Closed [ 6 ] => Closed [ 6 ] QA Status: No test => Cannot be tested Test Details: It seems that fdb contains protection from pass None as argument to execute_immediate:import sys DB_NAME=sys.argv[1]
|
Submitted by: @ibprovider
Hi
I think, the implementation of isc_dsql_prepare should detect and correctly process the statement_text=NULL.
Currently, if I pass into isc_dsql_prepare the statement_length=1 and statement_text=NULL, I get the AV.
Please, add nessesary code in isc_dsql_prepare implementation.
Regards,
Dmitry Kovalenko
http://www.ibprovider.com
Commits: e80d922
====== Test Details ======
It seems that fdb contains protection from pass None as argument to execute_immediate:
import sys
import fdb
DB_NAME=sys.argv[1]
con=fdb.connect(dsn=DB_NAME)
print ( con.firebird_version, sys.argv[1] )
stm=None
con.execute_immediate(stm)
con.close()
-- output will be:
TypeError: object of type 'NoneType' has no len()
(checked on 2.1.0.17798, which crashes when empty string is passed to this method)
But there is test for core-1506 which seems to be related to this ticked.
The text was updated successfully, but these errors were encountered: