You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
there is, as explained in issues JDBC58 and CORE1217, a bug in Firebird engine : string parameters get truncated and this may lead to a FB server crash.
There is a workaround in JayBird (class org.firebirdsql.jdbc.field.FBWorkaroundStringField, method setString) to prevent server from crashing.
This method throws a java.sql.DataTruncation as soon as possible (before sending the sql request to the database server).
Workaround is :
if (data.length > field.sqllen && !isSystemTable(field.relname)) {
// special handling for the LIKE ? queries with CHAR(1) fields
if (!(value.length() <= field.sqllen + 2 && value.charAt(0) == '%' && value.charAt(value.length() - 1) == '%')) {
throw new DataTruncation(-1, true, false, data.length, field.sqllen);
}
}
Requests like "SELECT * FROM COMPANY WHERE NAME LIKE ?" with a parameter whose length is higher than the NAME column length should not fail but return an empty resultset.
I'll attach a java class to reproduce the parameter problem using JDK6 + JayBird 2.1.6 + FB 2.1.3.
If you run it with a patched JayBird driver (commented workaround lines in org.firebirdsql.jdbc.field.FBWorkaroundStringField), you'll see that insert or update queries do not fail if the new value length for the NAME column is 11 or 12 (data gets silently truncated to maximum length of 10 in the engine) but fail if new length is >= 13.
I'll try to reproduce the test case in Delphi.
Regards,
Sylvain
The text was updated successfully, but these errors were encountered:
I created this issue to summarize old issues. I just quoted comment of Alice F. Bird in JDBC58
"All Firebird versions marked the database connection invalid
(all subsequent operations on this connection throw
"operation was cancelled" exception and if I remember
correctly, 1.0.x versions simply crashed). Therefore it was
decided that JDBC driver does the check for the allowed
maximum length before sending data to the engine."
Again, think about another people.
If engine crashed - this is critical bug and it should be fixed ASAP. Else - don't use such words, please !
There is no needs to create new ticket just to summarize another ticket(s).
There is CORE1217 and you can add comments and attachments there is you wish.
Submitted by: Sylvain Dusart (sdusart)
Attachments:
FBParametersTestCase.java
testcase_output.txt
testcase_output_with_jaybird_workaround_removed.txt
Votes: 1
Hi,
there is, as explained in issues JDBC58 and CORE1217, a bug in Firebird engine : string parameters get truncated and this may lead to a FB server crash.
There is a workaround in JayBird (class org.firebirdsql.jdbc.field.FBWorkaroundStringField, method setString) to prevent server from crashing.
This method throws a java.sql.DataTruncation as soon as possible (before sending the sql request to the database server).
Workaround is :
if (data.length > field.sqllen && !isSystemTable(field.relname)) {
// special handling for the LIKE ? queries with CHAR(1) fields
if (!(value.length() <= field.sqllen + 2 && value.charAt(0) == '%' && value.charAt(value.length() - 1) == '%')) {
throw new DataTruncation(-1, true, false, data.length, field.sqllen);
}
}
Requests like "SELECT * FROM COMPANY WHERE NAME LIKE ?" with a parameter whose length is higher than the NAME column length should not fail but return an empty resultset.
I'll attach a java class to reproduce the parameter problem using JDK6 + JayBird 2.1.6 + FB 2.1.3.
If you run it with a patched JayBird driver (commented workaround lines in org.firebirdsql.jdbc.field.FBWorkaroundStringField), you'll see that insert or update queries do not fail if the new value length for the NAME column is 11 or 12 (data gets silently truncated to maximum length of 10 in the engine) but fail if new length is >= 13.
I'll try to reproduce the test case in Delphi.
Regards,
Sylvain
The text was updated successfully, but these errors were encountered: