Fix for CONPY-175:

Since memory for stack allocation is limited, we need to allocate memory from the heap, otherwise in case of large strings escape_string method might crash.
mariadb-corporation · Nov 2, 2021 · eb48926 · eb48926
1 parent d3eafac
commit eb48926
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 1 deletion.
diff --git a/mariadb/mariadb_connection.c b/mariadb/mariadb_connection.c
@@ -681,9 +681,13 @@ static PyObject *MrdbConnection_escape_string(MrdbConnection *self,
         return NULL;
 
     from= (char *)PyUnicode_AsUTF8AndSize(string, (Py_ssize_t *)&from_length);
-    to= (char *)alloca(from_length * 2 + 1);
+    if (!(to= (char *)PyMem_RawCalloc(1, from_length * 2 + 1)))
+    {
+        return NULL;
+    }
     to_length= mysql_real_escape_string(self->mysql, to, from, (unsigned long)from_length);
     new_string= PyUnicode_FromStringAndSize(to, to_length);
+    PyMem_Free(to);
     return new_string;
 }
 /* }}} */

diff --git a/testing/test/integration/test_connection.py b/testing/test/integration/test_connection.py
@@ -219,5 +219,14 @@ def test_server_status(self):
         con.autocommit= False
         self.assertTrue(not con.server_status & STATUS.AUTOCOMMIT)
 
+    def test_conpy175(self):
+        default_conf= conf()
+        c1 = mariadb.connect(**default_conf)
+        str= '"' * 4194304
+        newstr= c1.escape_string(str);
+        self.assertEqual(newstr, '\\"' * 4194304)
+        c1.close()
+
+
 if __name__ == '__main__':
     unittest.main()