Bug #36069 A SQLProcedures followed by a SQLFreeStmt causes a crash
Submitted: 14 Apr 2008 18:54
Modified: 8 Jul 2008 13:08
Reporter: Kevin Wicken
Status: Closed
Category: Connector / ODBC
Severity: S3 (Non-critical)
Version: 5.01.03
OS: Microsoft Windows
Assigned to: Jess Balint
Triage: D2 (Serious)

[14 Apr 2008 18:54] Kevin Wicken
Description:
When using the ODBC C API a crash occurs when calling SQLProcedures followed by SQLFreeStmt after successfully establishing a connection.

The version of the server that it is connecting to is 5.0.51a-community-nt

How to repeat:
1.  Establish an ODBC connection to a MySQL database through the MySQL ODBC driver.

2.  Once the connection is established make these three function calls:

    SQLHSTMT	stmt;
    int ret = SQLAllocHandle( SQL_HANDLE_STMT, database_connection, &stmt );
    ret = SQLProcedures( stmt, "", 0, "ml", 2, "ml_", 3 );
    ret = SQLFreeStmt( stmt, SQL_RESET_PARAMS );

The 'ml' database that was used in these steps had 8 procedures that began with 'ml_'.  When these commands were run against a Microsoft SQL Server database they completed successfully.

The same commands also work with version 3.51.24 of the MySQL ODBC Driver.
[14 Apr 2008 19:09] Kevin Wicken
The C file used to reproduce the bug

Attachment: odbcbug.c (text/plain), 5.59 KiB.

[14 Apr 2008 19:10] Kevin Wicken
One of the commands was left out in the original report, here's an update:

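    SQLHSTMT    stmt;
    RETCODE     ret;
    SQLSMALLINT size = 0;
    /* Allocate a statement handle on the open connection */
    ret = SQLAllocHandle( SQL_HANDLE_STMT, conn->dbc, &stmt );
    /* Catalog call: CatalogName "", SchemaName "ml", ProcName "ml_" */
    ret = SQLProcedures( stmt, (SQLCHAR *)"", 0, (SQLCHAR *)"ml", 2, (SQLCHAR *)"ml_", 3 );
    /* Reset parameter bindings on the statement that holds the catalog result */
    ret = SQLFreeStmt( stmt, SQL_RESET_PARAMS );
    /* Query the column count of the result set */
    ret = SQLNumResultCols( stmt, &size );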
[14 Apr 2008 20:50] Miguel Solorzano
Thank you for the bug report. Do you mean a server crash or the client
application crash? Thanks in advance.
[14 Apr 2008 20:56] Jess Balint
Verified, crashes in ODBC driver.
[14 Apr 2008 21:51] Jess Balint
fix + test

Attachment: bug36069.diff (application/octet-stream, text), 1.47 KiB.

[16 Apr 2008 17:37] Kevin Wicken
I noticed that this fix did not go into 5.01.04

Would it be possible for me to get a build with this fix in it?  I am currently blocked because of this bug.
[17 Apr 2008 19:44] Lawrenty Novitsky
patch approved
[17 Apr 2008 20:48] Jess Balint
Kevin, What is the purpose of calling SQLFreeStmt() in this way? I agree that we needed to fix this because of the crash, but otherwise I see no purpose to this calling sequence.
[18 Apr 2008 3:24] Kevin Wicken
The ODBC function calls are generated for me so I'm not exactly sure the reason they were generated in that sequence (and can't change the sequence).

I put together the reproducible through an ODBC trace of what was originally a java program.
[6 Jun 2008 19:37] Jess Balint
Committed as rev 1114, will be released in 5.1.5.
[8 Jul 2008 13:08] Tony Bedford
An entry has been added to the 5.1.5 Changelog:

After having successfully established a connection, a crash occurs when calling SQLProcedures() followed by SQLFreeStmt(), using the ODBC C API.