| Bug #28851 | SQL parser mishandles '/' characters | ||
|---|---|---|---|
| Submitted: | 2 Jun 2007 17:43 | Modified: | 18 Jul 2007 9:42 |
| Reporter: | Par Winzell | Email Updates: | |
| Status: | Closed | Impact on me: | |
| Category: | Connector / J | Severity: | S2 (Serious) |
| Version: | 5.0.6 | OS: | Any |
| Assigned to: | CPU Architecture: | Any | |
[10 Jun 2007 16:37]
Tonci Grgin
Hi Par and thanks for your report.
Verified just as described using MySQL server 5.0.44BK on WinXP Pro SP2 localhost with JDK 1.5.0_11 and latest c/J 5.0 sources from SVN repository.
Properties props = new Properties();
props.put("useServerPrepStmts", "true"); //Doesn't make difference
Connection conn2 = getConnectionWithProps(props);
PreparedStatement pstm = conn2.prepareStatement("SELECT /? 1");
try {
assertTrue(pstm.execute());
}
catch (Exception e)
{
e.printStackTrace();
}
java.sql.SQLException: No value specified for parameter 1
[28 Jun 2007 16:18]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/29875
[18 Jul 2007 9:42]
MC Brown
This has been documented in the 5.0.7 changelog: Parser in client-side prepared statements eats character following '/' if it's not a multi-line comment.
[29 Aug 2007 17:56]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/33375
[6 Sep 2007 15:13]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/33832
[7 Sep 2007 14:03]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/33909
[3 Oct 2007 16:41]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/34839
[3 Oct 2007 16:46]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/34840
[3 Oct 2007 18:59]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/34855
[5 Oct 2007 18:53]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/35011
[11 Oct 2007 20:10]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/35407
[11 Oct 2007 20:24]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/35410
[11 Oct 2007 20:52]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/35414
[19 Nov 2007 0:56]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/38019
[19 Nov 2007 2:51]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/38024
Description: While parsing for /* comments */ the code around line 243 in PreparedStatement.java discards the current character to peek ahead at the next. Unfortunately, it then neglects to revert to the current character for the rest of the parse loop, which is quite disastrous when slashes are used that do not in fact begin a comment. How to repeat: Attempt to execute SQL including a fragment such as e.g. 'where foo/? = 1' which parser will see as 'where foo?? = 1' and proceed to complain that you're not feeding it enough argument values. Suggested fix: You should probably use local variable other than 'c' to hold the peek-ahead, or else replace the sql.charAt(i), but I figure you can work that out yourselves. :)