[email protected]
[Top] [All Lists]

Bug#396218: marked as forwarded (bind.c: bad handling of SQL_LEN_DATA_AT

Subject: Bug#396218: marked as forwarded bind.c: bad handling of SQL_LEN_DATA_AT_EXEC breaks passing char buffer length at SQLExec time
From: Debian Bug Tracking System
Date: Mon, 06 Nov 2006 12:03:19 -0800
Your message dated Mon, 6 Nov 2006 20:46:15 +0100
with message-id <[email protected]>
has caused the Debian Bug report #396218,
regarding bind.c: bad handling of SQL_LEN_DATA_AT_EXEC breaks passing char 
buffer length at SQLExec time
to be marked as having been forwarded to the upstream software
author(s) [email protected]

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Subject: Fwd: Bug#396218: bind.c: bad handling of SQL_LEN_DATA_AT_EXEC breaks passing char buffer length at SQLExec time
From: Peter Eisentraut
Date: Mon, 6 Nov 2006 20:46:15 +0100
A Debian bug report ...

----------  Forwarded Message  ----------

Subject: Bug#396218: bind.c: bad handling of SQL_LEN_DATA_AT_EXEC breaks 
passing char buffer length at SQLExec time
Date: Monday 30 October 2006 17:00
From: Enrico Zini <[email protected]>
To: Debian Bug Tracking System <[email protected]>

Package: odbc-postgresql
Version: 1:08.01.0200-2
Severity: normal
Tags: patch

Hello,

thanks for maintaining odbc-postgresql.

In my package dballe (apt-get source dballe) I optimize some frequent
query by preparing the ODBC statement for them and binding the input
parameters, so that when I need the results I can just set some of the
bound variables and call SQLExecute.

This is an example of such variable bind code:

    SQLBindParameter(res->istm, 3, SQL_PARAM_INPUT, SQL_C_CHAR,
 SQL_CHAR, 0, 0, &(res->value), 0, &(res->value_ind));

Note that I'm passing a pointer to the variable that will hold the
string length as the last parameter, instead of using SQL_NTS.

Now, this call eventually ends up in this code, found at bind.c:118:

    /* Data at exec macro only valid for C char/binary data */
    if (pcbValue && (*pcbValue == SQL_DATA_AT_EXEC ||
                                     *pcbValue <=
 SQL_LEN_DATA_AT_EXEC_OFFSET)) apdopts->parameters[ipar].data_at_exec =
 TRUE;
    else
        apdopts->parameters[ipar].data_at_exec = FALSE;

This code tries to dereferenciate the (still uninitialised) pointer I
pass it ( that &(res->value_ind) ) and fails.  The test should be like
this instead:

    /* Data at exec macro only valid for C char/binary data */
    if (pcbValue && (pcbValue == SQL_DATA_AT_EXEC ||
                                     pcbValue <=
 SQL_LEN_DATA_AT_EXEC_OFFSET)) apdopts->parameters[ipar].data_at_exec =
 TRUE;
    else
        apdopts->parameters[ipar].data_at_exec = FALSE;

ODBC has this dirty habit of passing negative integers as special
 values for pointers, and SQL_DATA_AT_EXEC is one of those:

from /usr/include/sql.h:29:

#define SQL_NULL_DATA             (-1)
#define SQL_DATA_AT_EXEC          (-2)

same goes for the handling of SQL_LEN_DATA_AT_EXEC_OFFSET.

I regret I can't test the patch with code that uses SQL_DATA_AT_EXEC,
because that is an ODBC feature that I do not use.  However, with the
patch my SQLBindParameter above works fine.


Ciao,

Enrico


-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-1-686
Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8)

Versions of packages odbc-postgresql depends on:
ii  libc6                        2.3.6.ds1-7 GNU C Library: Shared
 libraries ii  libpq4                       8.1.5-1     PostgreSQL C
 client library ii  odbcinst1debian1             2.2.11-13   Support
 library and helper program

odbc-postgresql recommends no packages.

-- no debconf information

-------------------------------------------------------
-- 
Peter Eisentraut
http://developer.postgresql.org/~petere/

Attachment: SQLBindParameter.patch
Description: Text Data


--- End Message ---
<Prev in Thread] Current Thread [Next in Thread>
  • Bug#396218: marked as forwarded (bind.c: bad handling of SQL_LEN_DATA_AT_EXEC breaks passing char buffer length at SQLExec time), Debian Bug Tracking System <=