[Crash test] isc_dsql_prepare with statement_text=NULL [CORE2071] #2506
Comments
Modified by: @AlexPeshkoffassignee: Alexander Peshkov [ alexpeshkoff ] |
|
Commented by: Claudio Valderrama C. (robocop) Typically, the engine is not careful about those conditions. See CORE1506 for example. |
|
Commented by: @AlexPeshkoff no backport because it's client, not server, crash |
Modified by: @AlexPeshkoffstatus: Open [ 1 ] => Resolved [ 5 ] resolution: Fixed [ 1 ] Fix Version: 2.5 Beta 1 [ 10251 ] |
|
Commented by: @dyemanov While it's definitely an improvement over the old behavior, I think that a crash caused by any weak input validation means a bug :-) |
Modified by: @dyemanovissuetype: Improvement [ 4 ] => Bug [ 1 ] |
Modified by: @pcisarstatus: Resolved [ 5 ] => Closed [ 6 ] |
Modified by: @pavel-zotovQA Status: No test |
Modified by: @pavel-zotovstatus: Closed [ 6 ] => Closed [ 6 ] QA Status: No test => Cannot be tested Test Details: It seems that fdb contains protection from pass None as argument to execute_immediate:import sys DB_NAME=sys.argv[1]
|
Submitted by: @ibprovider
Hi
I think, the implementation of isc_dsql_prepare should detect and correctly process the statement_text=NULL.
Currently, if I pass into isc_dsql_prepare the statement_length=1 and statement_text=NULL, I get the AV.
Please, add nessesary code in isc_dsql_prepare implementation.
Regards,
Dmitry Kovalenko
http://www.ibprovider.com
Commits: e80d922
====== Test Details ======
It seems that fdb contains protection from pass None as argument to execute_immediate:
import sys
import fdb
DB_NAME=sys.argv[1]
con=fdb.connect(dsn=DB_NAME)
print ( con.firebird_version, sys.argv[1] )
stm=None
con.execute_immediate(stm)
con.close()
-- output will be:
TypeError: object of type 'NoneType' has no len()
(checked on 2.1.0.17798, which crashes when empty string is passed to this method)
But there is test for core-1506 which seems to be related to this ticked.
The text was updated successfully, but these errors were encountered: