using a result from a procedure in a substring expression leads to server crash [CORE4006] #4338

Closed
firebird-automations opened this issue Dec 6, 2012 · 5 comments

Comments

@firebird-automations

Submitted by: Frank Schlottmann-Goedde (fsg)

The following script demonstrates the issue:
------------------------------------------------------------------------------------------
SET TERM ^ ;

create or alter procedure P_STR_RPOS
returns (
    RESULT integer)
as
begin
    result = 14;
    suspend;
end^

SET TERM ; ^

select substring('somestringwith \ no meaning' from 1 for RESULT)
from P_STR_RPOS;

------------------------------------------------------------------------------------------

Call stack:

ntdll.dll!77bd15de()
[Unten angegebene Rahmen sind möglicherweise nicht korrekt und/oder fehlen, keine Symbole geladen für ntdll.dll]
ntdll.dll!77bd15de()
ntdll.dll!77bc014e()

> engine12.dll!Firebird::MemoryPool::allocate(unsigned int size=0x0018efac) Zeile 497 + 0x1a Bytes C++
engine12.dll!Jrd::FieldNode::parse(Jrd::thread_db * tdbb=0x0018e834, Firebird::MemoryPool & pool={...}, Jrd::CompilerScratch * csb=0x0388003c, unsigned char blrOp='¬') Zeile 4717 + 0x11 Bytes C++
engine12.dll!Firebird::Array<Jrd::AccessItem,Firebird::EmptyStorage<Jrd::AccessItem> >::insert(const unsigned int index=0x00000000, const Jrd::AccessItem & item={...}) Zeile 200 + 0x12 Bytes C++
engine12.dll!CMP_post_access(Jrd::thread_db * tdbb=0x00000026, Jrd::CompilerScratch * csb=0x54d3fd8a, const Firebird::MetaName & security_name={...}, long view_id=0x0255dfeb, unsigned short mask=0xffff, long type_name=0x0230e944, const Firebird::MetaName & name={...}, const Firebird::MetaName & r_name={...}) Zeile 397 + 0xf Bytes C++
engine12.dll!DataTypeUtilBase::convertLength(const dsc * src=0x0018e988, const dsc * dst=0x0018e954) Zeile 226 + 0x73 Bytes C++
engine12.dll!Jrd::SubstringNode::getDesc(Jrd::thread_db * tdbb=0x0018efac, Jrd::CompilerScratch * csb=0x03880ec0, dsc * desc=0x0018e988) Zeile 9432 + 0x2d Bytes C++
engine12.dll!Jrd::SubstringNode::pass2(Jrd::thread_db * tdbb=0x0018efac, Jrd::CompilerScratch * csb=0x03880018) Zeile 9475 C++
engine12.dll!Jrd::AssignmentNode::pass2(Jrd::thread_db * tdbb=0x0018efac, Jrd::CompilerScratch * csb=0x03880018) Zeile 371 + 0x1c Bytes C++
engine12.dll!Jrd::CompoundStmtNode::pass2(Jrd::thread_db * tdbb=0x0018efac, Jrd::CompilerScratch * csb=0x03880018) Zeile 778 + 0x14 Bytes C++
engine12.dll!Jrd::SuspendNode::pass2(Jrd::thread_db * tdbb=0x0018efac, Jrd::CompilerScratch * csb=0x03880018) Zeile 7277 + 0x22 Bytes C++
engine12.dll!Jrd::ForNode::pass2(Jrd::thread_db * tdbb=0x0018efac, Jrd::CompilerScratch * csb=0x03880018) Zeile 4370 + 0x16 Bytes C++
engine12.dll!Jrd::CompoundStmtNode::pass2(Jrd::thread_db * tdbb=0x0018efac, Jrd::CompilerScratch * csb=0x03880018) Zeile 778 + 0x14 Bytes C++
engine12.dll!Jrd::JrdStatement::makeStatement(Jrd::thread_db * tdbb=0x0018efac, Jrd::CompilerScratch * csb=0x03880018, bool internalFlag=false) Zeile 244 + 0xd Bytes C++
engine12.dll!Jrd::JrdStatement::makeRequest(Jrd::thread_db * tdbb=0x0018efac, Jrd::CompilerScratch * csb=0x03880018, bool internalFlag=false) Zeile 295 + 0x15 Bytes C++
engine12.dll!CMP_compile2(Jrd::thread_db * tdbb=0x0018efac, const unsigned char * blr=0x02ea006c, unsigned long blr_length=0x0000007d, bool internal_flag=false, unsigned long dbginfo_length=0x00000000, const unsigned char * dbginfo=0x02ea047c) Zeile 176 + 0xe Bytes C++
engine12.dll!JRD_compile(Jrd::thread_db * tdbb=0x0018efac, Jrd::Attachment * attachment=0x004a0018, Jrd::jrd_req * * req_handle=0x02ea13a4, unsigned long blr_length=0x0000007d, const unsigned char * blr=0x02ea006c, Firebird::RefPtr<Firebird::AnyRef<Firebird::StringBase<Firebird::StringComparator> > > ref_str={...}, unsigned long dbginfo_length=0x00000000, const unsigned char * dbginfo=0x02ea047c, bool isInternalRequest=false) Zeile 7202 + 0x23 Bytes C++
engine12.dll!Jrd::DsqlDmlRequest::dsqlPass(Jrd::thread_db * tdbb=0x0018efac, Jrd::DsqlCompilerScratch * scratch=0x02ea0060, ntrace_result_t * traceResult=0x0018ec6c) Zeile 766 + 0x69 Bytes C++
engine12.dll!prepareStatement(Jrd::thread_db * tdbb=0x0018efac, Jrd::dsql_dbb * database=0x00000000, Jrd::jrd_tra * transaction=0x02e202a0, unsigned long textLength=0x00000000, const char * text=0x00000000, unsigned short clientDialect=0x0003, unsigned short parserVersion=0x0002, bool isInternalRequest=false) Zeile 1663 C++
engine12.dll!prepareRequest(Jrd::thread_db * tdbb=0x0018efac, Jrd::dsql_dbb * database=0x02e30018, Jrd::jrd_tra * transaction=0x02e202a0, unsigned long textLength=0x00000000, const char * text=0x02e60018, unsigned short clientDialect=0x0003, unsigned short parserVersion=0x0000, bool isInternalRequest=false) Zeile 1526 + 0x23 Bytes C++
engine12.dll!DSQL_prepare(Jrd::thread_db * tdbb=0x0018efac, Jrd::jrd_tra * transaction=0x02e202a0, Jrd::dsql_req * * req_handle=0x00488360, unsigned long length=0x00000000, const char * string=0x02e60018, unsigned short dialect=0x0003, unsigned long item_length=0x00000019, const unsigned char * items=0x00497cd8, unsigned long buffer_length=0x0000ffff, unsigned char * buffer=0x03810018, bool isInternalRequest=false) Zeile 435 + 0x1a Bytes C++
engine12.dll!Jrd::JStatement::prepare(Firebird::IStatus * user_status=0x0018f128, Firebird::ITransaction * apiTra=0x00488338, unsigned int stmtLength=0x00000000, const char * sqlStmt=0x02e60018, unsigned int dialect=0x00000003, unsigned int flags=0x00000007) Zeile 4523 C++
fbclient.dll!Why::YStatement::prepare(Firebird::IStatus * status=0x0018f128, Firebird::ITransaction * transaction=0x00260940, unsigned int stmtLength=0x00000000, const char * sqlStmt=0x02e60018, unsigned int dialect=0x00000003, unsigned int flags=0x00000007) Zeile 3691 + 0x1d Bytes C++
fbclient.dll!isc_dsql_prepare(int * userStatus=0x00263e00, void * * traHandle=0x00260940, void * * stmtHandle=0x00260940, unsigned short stmtLength=0x0000, const char * sqlStmt=0x02e60018, unsigned short dialect=0x0003, XSQLDA * sqlda=0x00264010) Zeile 2302 C++
isql.exe!process_statement(const char * string=0x02e60018, XSQLDA * * sqldap=0x00000000) Zeile 9968 + 0x1f Bytes C++
isql.exe!do_isql() Zeile 5744 + 0xc Bytes C++
isql.exe!ISQL_main(int argc=0x00000002, char * * argv=0x00293f68) Zeile 1613 C++
isql.exe!__tmainCRTStartup() Zeile 597 + 0x17 Bytes C
kernel32.dll!771b33aa()
ntdll.dll!77be9ef2()
ntdll.dll!77be9ec5()

Commits: da61724

@firebird-automations

Modified by: @asfernandes

assignee: Adriano dos Santos Fernandes [ asfernandes ]

@firebird-automations

Modified by: @asfernandes

status: Open [ 1 ] => Resolved [ 5 ]

resolution: Fixed [ 1 ]

Fix Version: 3.0 Alpha 1 [ 10331 ]

@firebird-automations

Modified by: @asfernandes

Version: 3.0 Initial [ 10301 ]

Version: 3.0 Alpha 1 [ 10331 ] =>

@firebird-automations

Modified by: @pcisar

status: Resolved [ 5 ] => Closed [ 6 ]

@firebird-automations

Modified by: @pavel-zotov

status: Closed [ 6 ] => Closed [ 6 ]

QA Status: Done successfully
