Skip Menu |
 

This queue is for tickets about the DBD-SQLite CPAN distribution.

Report information
The Basics
Id: 73787
Status: resolved
Priority: 0/
Queue: DBD-SQLite

People
Owner: Nobody in particular
Requestors: gamesh.g [...] gmail.com
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)



Subject: sqlite_see_if_its_a_number causes a buffer overflow
Date: Fri, 6 Jan 2012 09:35:26 +0000
To: bug-DBD-SQLite [...] rt.cpan.org
From: Gil Gamesh <gamesh.g [...] gmail.com>
Download (untitled) / with headers
text/plain 820b
The following code produces a crash. An SQLite database table is being searched for a particular string. The code for the table is given after __DATA__ - but the table can be empty and the crash still happens. If the line 'sqlite_see_if_its_a_number => 1' is commented out there is no crash. I've attached the backtrace and memory map in a text file. I'm running Kubuntu 11.10 on an i386 machine. J. use 5.012; use DBI; my $dbh = DBI->connect( qq{dbi:SQLite:dbname=mincase.db}, q{}, q{}, { sqlite_see_if_its_a_number => 1, } ) or croak $DBI::errstr; my $db_row = $dbh->selectrow_hashref( qq{SELECT id FROM ip_address WHERE name = ?}, {}, '552000.60e40deb.9b25d191.ip' ); exit; __DATA__ CREATE TABLE ip_address ( id INTEGER PRIMARY KEY, name text NOT NULL UNIQUE );
Download Backtrace.txt
text/plain 4.5k

Message body is not shown because sender requested not to inline it.

Download (untitled) / with headers
text/plain 996b
Fixed the trunk with a test. Thanks. On Fri Jan 06 18:35:36 2012, gamesh.g@gmail.com wrote: Show quoted text
> The following code produces a crash. An SQLite database table is > being searched for a particular string. The code for the table is
given Show quoted text
> after __DATA__ - but the table can be empty and the crash still
happens. Show quoted text
> > If the line 'sqlite_see_if_its_a_number => 1' is commented out there
is Show quoted text
> no crash. > > I've attached the backtrace and memory map in a text file. > > I'm running Kubuntu 11.10 on an i386 machine. > > J. > > > use 5.012; > use DBI; > > my $dbh = DBI->connect( > qq{dbi:SQLite:dbname=mincase.db}, > q{}, q{}, > { > sqlite_see_if_its_a_number => 1, > } > ) or croak $DBI::errstr; > > > my $db_row = $dbh->selectrow_hashref( > qq{SELECT id FROM ip_address WHERE name = ?}, > {}, > '552000.60e40deb.9b25d191.ip' > ); > > exit; > > __DATA__ > CREATE TABLE ip_address ( > id INTEGER PRIMARY KEY, > name text NOT NULL UNIQUE > );
DBD::SQLite 1.36_01 with the fix is released. Thanks.


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.