Bad packet of op_execute kills the server
-----------------------------------------
                 Key: CORE-4785
                 URL: http://tracker.firebirdsql.org/browse/CORE-4785
             Project: Firebird Core
          Issue Type: Bug
          Components: Engine
    Affects Versions: 2.5.4
            Reporter: Kovalenko Dmitry

0. Connection through TCP/IP (INET)

1. Query: insert into NUM (N_1_0) values (?)

2. input XSQLDA contains one LONG-variable (isc_sql_long). Build code:

    XSQLDA_V1_Wrapper xsqlda(1);

    xsqlda->sqld=1;

    unsigned __int32 xparam0_value=5;
    short xparam0_ind=0;

    xsqlda->sqlvar[0].sqltype=isc_api::ibp_isc_sql_long|1;
    xsqlda->sqlvar[0].sqllen =sizeof(xparam0_value);
    xsqlda->sqlvar[0].sqldata=reinterpret_cast<char*>(&xparam0_value);
    xsqlda->sqlvar[0].sqlind =&xparam0_ind;

3. network packet ( op_execute )

    P_OP_SQLDATA
      p_sqldata_statement            2    unsigned short
      p_sqldata_transaction          1    unsigned short
      p_sqldata_blr                  {cstr_length=12 cstr_address=0x00424240 "\x5\x2\x4" }    ibp::db_client::fb::protocol::P_CSTRING_CONST
        cstr_length                  12
        cstr_address =
          05 02 04 00 02 00 08 00 07 00 ff 4c
      p_sqldata_message_number       0    unsigned short
      p_sqldata_messages             0    unsigned short
      p_sqldata_out_blr              {cstr_length=0 cstr_address=0x00000000 <NULL> }    ibp::db_client::fb::protocol::P_CSTRING_CONST
      p_sqldata_out_message_number   0    unsigned short
      p_sqldata_status               0    unsigned long

4. Server crash stack:

    > fb_inet_server.exe!map_in_out(Jrd::dsql_req * request, Jrd::dsql_msg * message, unsigned short blr_length, const unsigned char * blr, unsigned short msg_length, unsigned char * dsql_msg_buf, const unsigned char * in_dsql_msg_buf) Line 2216 C++
      fb_inet_server.exe!execute_request(Jrd::thread_db * tdbb, Jrd::dsql_req * request, Jrd::jrd_tra * * tra_handle, unsigned short in_blr_length, const unsigned char * in_blr, unsigned short in_msg_length, const unsigned char * in_msg, unsigned short out_blr_length, unsigned char * out_blr, unsigned short out_msg_length, unsigned char * out_msg, bool singleton) Line 1267 C++
      fb_inet_server.exe!DSQL_execute(Jrd::thread_db * tdbb, Jrd::jrd_tra * * tra_handle, Jrd::dsql_req * request, unsigned short in_blr_length, const unsigned char * in_blr, unsigned short in_msg_type, unsigned short in_msg_length, const unsigned char * in_msg, unsigned short out_blr_length, unsigned char * out_blr, unsigned short out_msg_length, unsigned char * out_msg) Line 273 C++
      fb_inet_server.exe!jrd8_execute(__int64 * user_status, Jrd::jrd_tra * * tra_handle, Jrd::dsql_req * * stmt_handle, unsigned short in_blr_length, const char * in_blr, unsigned short in_msg_type, unsigned short in_msg_length, const char * in_msg, unsigned short out_blr_length, char * out_blr, unsigned short __formal, unsigned short out_msg_length, char * out_msg) Line 4049 C++
      fb_inet_server.exe!isc_dsql_execute2_m(__int64 * user_status, unsigned int * tra_handle, unsigned int * stmt_handle, unsigned short in_blr_length, const char * in_blr, unsigned short in_msg_type, unsigned short in_msg_length, char * in_msg, unsigned short out_blr_length, char * out_blr, unsigned short out_msg_type, unsigned short out_msg_length, char * out_msg) Line 2725 C++
      fb_inet_server.exe!rem_port::execute_statement(P_OP op, p_sqldata * sqldata, packet * sendL) Line 2327 C++
      fb_inet_server.exe!process_packet(rem_port * port, packet * sendL, packet * receive, rem_port * * result) Line 3530 C++
      fb_inet_server.exe!loopThread(void * __formal) Line 5261 C++

Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
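
Added example, not part of the original report and not Firebird's own code: a C sketch that decodes the p_sqldata_blr bytes quoted in step 3 and compares what that BLR declares with p_sqldata_messages. The function names and the consistency rule are hypothetical, and treating "BLR declares fields but zero messages follow" as the malformed condition is an assumption, since the report does not name the cause.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* BLR opcodes as defined in Firebird's blr.h (only those this packet uses). */
enum { blr_begin = 2, blr_message = 4, blr_version5 = 5, blr_short = 7,
       blr_long = 8, blr_eoc = 76, blr_end = 255 };

/* Constructed from the report: p_sqldata_blr bytes and p_sqldata_messages. */
static const uint8_t report_blr[] = { 0x05, 0x02, 0x04, 0x00, 0x02, 0x00,
                                      0x08, 0x00, 0x07, 0x00, 0xff, 0x4c };
static const unsigned report_messages = 0;

/* Returns declared field count, unpadded size in *msg_len; -1 if malformed/unsupported. */
int blr_message_fields(const uint8_t *blr, size_t len, size_t *msg_len)
{
    if (len < 8 || blr[0] != blr_version5 || blr[1] != blr_begin ||
        blr[2] != blr_message)
        return -1;
    int count = blr[4] | (blr[5] << 8);   /* blr[3] is the message number */
    size_t pos = 6;
    *msg_len = 0;
    for (int i = 0; i < count; i++, pos += 2) {   /* each field: type, scale */
        if (pos + 2 > len) return -1;             /* truncated descriptor */
        if (blr[pos] == blr_long) *msg_len += 4;
        else if (blr[pos] == blr_short) *msg_len += 2;
        else return -1;                           /* type not handled here */
    }
    return (pos + 2 == len && blr[pos] == blr_end && blr[pos + 1] == blr_eoc)
               ? count : -1;
}

/* Hypothetical receive-side check: 1 if BLR and message count agree, else 0. */
int op_execute_consistent(const uint8_t *blr, size_t len, unsigned messages)
{
    size_t msg_len;
    if (len == 0) return messages == 0;   /* no parameters, no message */
    int fields = blr_message_fields(blr, len, &msg_len);
    return fields >= 0 && (fields > 0) == (messages > 0);
}

int main(void)
{
    size_t n = 0;
    int fields = blr_message_fields(report_blr, sizeof report_blr, &n);
    printf("fields=%d bytes=%zu consistent=%d\n", fields, n,
           op_execute_consistent(report_blr, sizeof report_blr, report_messages));
    return 0;
}
```

The two declared fields are the isc_sql_long value and its indicator from step 2, which matches the nullable type set by `ibp_isc_sql_long|1`.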