odbc driver crashes on linux with unixodbc

Mon, 17 Oct 2005 01:37:22 -0700 

In SqlDisconnect the odbc driver returns 
 
SQL_SUCCESS_WITH_INFO
 
                /* ESQ disconnect ok? */
                if (dbc_block_ptr->esqblk.esq_sql_code != 0) {
                    /* if disconnect failes with one of the following
codes
                     * we are not connected anymore.
                     * So return SQL_SUCCESS_WITH_INFO and not SQL_ERROR
*/
                    /* cpr_no_session_connected: */
                    if( dbc_block_ptr->esqblk.esq_sql_code == -807
                        /* cpr_reflex_timeout: */
                        || dbc_block_ptr->esqblk.esq_sql_code == 700
                        /* cpr_reflex_start_required: */
                        || dbc_block_ptr->esqblk.esq_sql_code == -813
                        /* cpr_reflex_crash */
                        || dbc_block_ptr->esqblk.esq_sql_code == 800
                        /* cpr_reflex_shutdown */
                        || dbc_block_ptr->esqblk.esq_sql_code == -708) {
                        retcode = SQL_SUCCESS_WITH_INFO;
 
But unixodbc make a call to SQLGetDiagField by passing the same handle
to get the info.
 
But in vpa80String.c:728 the program crashes with sigsegv because the
dsname string has already been freed in call to SQLDisconnect.
 
                if (retcode != SQL_ERROR) {
                    dbc_block_ptr -> state = API_DBC_ALLOCATED;
                    dbc_block_ptr -> connectionDead = API_TRUE;
                    /* free any remaining stmts   */
                    hstmt = dbc_block_ptr -> child_hstmt;
                    dbc_block_ptr -> serverdb[0] = '\0';
                    dbc_block_ptr -> servernode[0] = '\0';
                    dbc_block_ptr -> kernelVersionString[0] = '\0';
                    while (hstmt != 0) {
                        tpa60Stmt *stmt_block_ptr;
                        RETCODE ret;
                        stmt_block_ptr = (tpa60Stmt FAR
*)apdlock(hstmt);
                        API_ASSERT_PTR(stmt_block_ptr);
                        stmt_block_ptr -> state = API_STMT_ALLOCATED;
                        /* stmt_block_ptr -> hstmt_setpos =
API_NULL_HANDLE;
                        */
                        ret = pa60DropStmt( hstmt );
                        if (ret != SQL_SUCCESS) {
                            retcode = SQL_SUCCESS_WITH_INFO;
                            pa40PutError( hdbc, API_ODBC_01002, NULL);
                            /* disconnect error */
                            break;
                        } /* of if ret is OK */
                        hstmt = dbc_block_ptr -> child_hstmt;
                    } /* of while */
                    /* free tpr05_strings,
 
http://pts:1080/webpts?wptsdetail=yes&ErrorType=0&ErrorID=1127862 */
                    pr05IfCom_String_DeleteString
(dbc_block_ptr->userid);
                    pr05IfCom_String_DeleteString
(dbc_block_ptr->passw);
                    pr05IfCom_String_DeleteString
(dbc_block_ptr->dsname);
                    pr05IfCom_String_DeleteString
(dbc_block_ptr->driverConnectStr);
                    dbc_block_ptr->userid = dbc_block_ptr->passw
= NULL;
                    dbc_block_ptr->dsname =
dbc_block_ptr->driverConnectStr = NULL;
                }; /* if */
                /*           PA09LEAVEASYNCFUNCTION(); */
 
Is this a bug ??
 
Regards
Srinidhi

Reply via email to