| Bug #28851 | SQL parser mishandles '/' characters | ||
|---|---|---|---|
| Submitted: | 2 Jun 2007 19:43 | Modified: | 18 Jul 2007 11:42 |
| Reporter: | Par Winzell | ||
| Status: | Closed | ||
| Category: | Connector/J | Severity: | S2 (Serious) |
| Version: | 5.0.6 | OS: | Any |
| Assigned to: | Target Version: | ||
[10 Jun 2007 18:37]
Tonci Grgin
Hi Par and thanks for your report.
Verified just as described using MySQL server 5.0.44BK on WinXP Pro SP2 localhost with
JDK 1.5.0_11 and latest c/J 5.0 sources from SVN repository.
Properties props = new Properties();
props.put("useServerPrepStmts", "true"); //Doesn't make difference
Connection conn2 = getConnectionWithProps(props);
PreparedStatement pstm = conn2.prepareStatement("SELECT /? 1");
try {
assertTrue(pstm.execute());
}
catch (Exception e)
{
e.printStackTrace();
}
java.sql.SQLException: No value specified for parameter 1
[28 Jun 2007 18:18]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/29875
[18 Jul 2007 11:42]
MC Brown
This has been documented in the 5.0.7 changelog: Parser in client-side prepared statements eats character following '/' if it's not a multi-line comment.
[29 Aug 2007 19:56]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/33375
[6 Sep 2007 17:13]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/33832
[7 Sep 2007 16:03]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/33909
[3 Oct 2007 18:41]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/34839
[3 Oct 2007 18:46]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/34840
[3 Oct 2007 20:59]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/34855
[5 Oct 2007 20:53]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/35011
[11 Oct 2007 22:10]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/35407
[11 Oct 2007 22:24]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/35410
[11 Oct 2007 22:52]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/35414
[19 Nov 2007 1:56]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/38019
[19 Nov 2007 3:51]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/38024
Description: While parsing for /* comments */ the code around line 243 in PreparedStatement.java discards the current character to peek ahead at the next. Unfortunately, it then neglects to revert to the current character for the rest of the parse loop, which is quite disastrous when slashes are used that do not in fact begin a comment. How to repeat: Attempt to execute SQL including a fragment such as e.g. 'where foo/? = 1' which parser will see as 'where foo?? = 1' and proceed to complain that you're not feeding it enough argument values. Suggested fix: You should probably use local variable other than 'c' to hold the peek-ahead, or else replace the sql.charAt(i), but I figure you can work that out yourselves. :)