Description:
Some inputs cause the templating mechanism to throw exceptions: I encountered InterfaceError and UnicodeDecodeError, both raised from the `_split_statement` function in the internal `_scripting.py` file.
I have managed to reproduce of one of the bugs, the one causing InterfaceError.
The UnicodeDecodeError eludes me. It happened one time in my fuzzing script and ironically couldn't be saved to the DB for later inspection, because of the bug. It is raised in line 96, in the operation `delimiter.decode()`.
How to repeat:
To reproduce the InterfaceError, run the following code:
```
$ python
>>> import mysql.connector
>>> conn = mysql.connector.connect(...)
>>> cur = conn.cursor()
>>> cur.execute("create table test (field varchar(100));")
>>> PROBLEMATIC_DATA = "The word `delimiter' followed by quote: DELIMITER '"
>>> cur.execute("insert into test (field) values (%s);", (PROBLEMATIC_DATA,))
```
Expected outcome: the method returns None (no output).
Actual outcome: the following exception is raised:
```
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/Users/amir/.pyenv/versions/3.11.8/lib/python3.11/site-packages/mysql/connector/cursor_cext.py", line 345, in execute
self._stmt_partition = next(self._stmt_partitions)
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/amir/.pyenv/versions/3.11.8/lib/python3.11/site-packages/mysql/connector/_scripting.py", line 343, in split_multi_statement
stmts = tok.split_script()
^^^^^^^^^^^^^^^^^^
File "/Users/amir/.pyenv/versions/3.11.8/lib/python3.11/site-packages/mysql/connector/_scripting.py", line 283, in split_script
self._split_statement(code=b" ".join(buf), delimiter=delimiter)
File "/Users/amir/.pyenv/versions/3.11.8/lib/python3.11/site-packages/mysql/connector/_scripting.py", line 91, in _split_statement
raise InterfaceError(
mysql.connector.errors.InterfaceError: The backslash (\) character is not a valid delimiter.
```
© 2025, Oracle Corporation and/or its affiliates
Description: Some inputs cause the templating mechanism to throw exceptions: I encountered InterfaceError and UnicodeDecodeError, both raised from the `_split_statement` function in the internal `_scripting.py` file. I have managed to reproduce of one of the bugs, the one causing InterfaceError. The UnicodeDecodeError eludes me. It happened one time in my fuzzing script and ironically couldn't be saved to the DB for later inspection, because of the bug. It is raised in line 96, in the operation `delimiter.decode()`. How to repeat: To reproduce the InterfaceError, run the following code: ``` $ python >>> import mysql.connector >>> conn = mysql.connector.connect(...) >>> cur = conn.cursor() >>> cur.execute("create table test (field varchar(100));") >>> PROBLEMATIC_DATA = "The word `delimiter' followed by quote: DELIMITER '" >>> cur.execute("insert into test (field) values (%s);", (PROBLEMATIC_DATA,)) ``` Expected outcome: the method returns None (no output). Actual outcome: the following exception is raised: ``` Traceback (most recent call last): File "<stdin>", line 1, in <module> File "/Users/amir/.pyenv/versions/3.11.8/lib/python3.11/site-packages/mysql/connector/cursor_cext.py", line 345, in execute self._stmt_partition = next(self._stmt_partitions) ^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/Users/amir/.pyenv/versions/3.11.8/lib/python3.11/site-packages/mysql/connector/_scripting.py", line 343, in split_multi_statement stmts = tok.split_script() ^^^^^^^^^^^^^^^^^^ File "/Users/amir/.pyenv/versions/3.11.8/lib/python3.11/site-packages/mysql/connector/_scripting.py", line 283, in split_script self._split_statement(code=b" ".join(buf), delimiter=delimiter) File "/Users/amir/.pyenv/versions/3.11.8/lib/python3.11/site-packages/mysql/connector/_scripting.py", line 91, in _split_statement raise InterfaceError( mysql.connector.errors.InterfaceError: The backslash (\) character is not a valid delimiter. ```