229065 – double ?? in prepare causes seg fault on execute

Bug 229065 - double ?? in prepare causes seg fault on execute

Summary: double ?? in prepare causes seg fault on execute

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	perl-DBD-Pg
Sub Component:
Version:	rawhide
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Marcela Mašláňová
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2007-02-16 19:30 UTC by Robert Haas
Modified:	2008-03-27 07:16 UTC (History)
CC List:	2 users (show)
Fixed In Version:	perl-DBD-Pg-1.49-5.fc8.2
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2008-03-27 07:16:28 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Robert Haas 2007-02-16 19:30:26 UTC

Description of problem:
If you attempt to prepare and execute a statement that contains "??", perl seg
faults.

Version-Release number of selected component (if applicable):
perl-5.8.8-10
perl-DBI-1.52-1.fc6
perl-DBD-Pg-1.49-1.fc6
postgresql-8.1.8-1.fc6

How reproducible:

require DBI;
my $dbh = DBI->connect('DBI:Pg:');
my $sth = $dbh->prepare("SELECT foo(??)");
$sth->execute(1, 1);

Steps to Reproduce:
1. Put the script above into a file
2. Fiddle connection string if necessary.  Any valid database will cause the
same result.
3. Feed it to perl.
 
Actual results:
Segmentation fault

Expected results:
Query gets executed and succeeds or fails or whatever the case may be.

Additional info:
I also tried this on an FC4 system with the same result, so it's not a new
regression.

Comment 1 Robert Haas 2008-01-17 21:47:29 UTC

This bug still exists in Fedora Core 7.

perl-5.8.8-27.fc7
perl-DBI-1.53-2.fc7
perl-DBD-Pg-1.49-3.fc7
postgresql-8.2.6-1.fc7

Comment 2 Jan Pazdziora 2008-03-05 13:20:40 UTC

Reproduced in F8 with perl-DBD-Pg-1.49-5.fc8.1.

With DBD-Pg-2.2.2 from CPAN, I get

DBD::Pg::st execute failed: ERROR:  syntax error at or near "$2"
LINE 1: SELECT foo($1$2)
                     ^ at -e line 1.

so the problem seems to be properly fixed there.

Comment 3 Jan Pazdziora 2008-03-05 13:29:57 UTC

And the patch to fix this in 1.49 is here:

http://svn.perl.org/viewvc/modules/DBD-Pg/trunk/dbdimp.c?r1=10445&r2=10479

So ... we will either want to use 2.2.2+ in Fedora 9, or apply that patch to
1.49. Which one will it be?

Comment 4 Marcela Mašláňová 2008-03-06 13:54:48 UTC

I'd like to use 2.2.2 version, but I wait for perl-5.10.

Comment 5 Marcela Mašláňová 2008-03-11 15:40:49 UTC

F-7 and F-8 will be updated soon. The rawhide should be fixed with new version
of package.

Comment 6 Fedora Update System 2008-03-11 15:44:46 UTC

perl-DBD-Pg-1.49-5.fc8.2 has been submitted as an update for Fedora 8

Comment 7 Fedora Update System 2008-03-11 16:15:00 UTC

perl-DBD-Pg-1.49-4.fc7 has been submitted as an update for Fedora 7

Comment 8 Fedora Update System 2008-03-13 07:45:43 UTC

perl-DBD-Pg-1.49-4.fc7 has been pushed to the Fedora 7 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update perl-DBD-Pg'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F7/FEDORA-2008-2440

Comment 9 Fedora Update System 2008-03-26 17:17:55 UTC

perl-DBD-Pg-1.49-5.fc8.2 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 10 Fedora Update System 2008-03-26 17:19:24 UTC

perl-DBD-Pg-1.49-4.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.