From e50571e3ab03ab78fb4f9ff3d4ce469b88e94f6f Mon Sep 17 00:00:00 2001 From: Georg Richter Date: Mon, 15 May 2017 14:11:59 +0200 Subject: [PATCH] Disallow bulk execution if parameter count is 0 --- include/errmsg.h | 1 + libmariadb/ma_errmsg.c | 1 + libmariadb/mariadb_stmt.c | 10 +++++++++- unittest/libmariadb/bulk1.c | 33 ++++++++++++++++++++++++++++++++- 4 files changed, 43 insertions(+), 2 deletions(-) diff --git a/include/errmsg.h b/include/errmsg.h index a6600b4b..f4af5288 100644 --- a/include/errmsg.h +++ b/include/errmsg.h @@ -95,5 +95,6 @@ extern const char *mariadb_client_errors[]; /* Error messages */ #define CR_FUNCTION_NOT_SUPPORTED 5003 #define CR_FILE_NOT_FOUND 5004 #define CR_FILE_READ 5005 +#define CR_BULK_WITHOUT_PARAMETERS 5006 #endif diff --git a/libmariadb/ma_errmsg.c b/libmariadb/ma_errmsg.c index cfb3027f..5c7884b3 100644 --- a/libmariadb/ma_errmsg.c +++ b/libmariadb/ma_errmsg.c @@ -156,6 +156,7 @@ const char *mariadb_client_errors[] = /* 5003 */ "Server doesn't support function '%s'", /* 5004 */ "File '%s' not found (Errcode: %d)", /* 5005 */ "Error reading file '%s' (Errcode: %d)", + /* 5006 */ "Bulk operation without parameters is not supported", "" }; diff --git a/libmariadb/mariadb_stmt.c b/libmariadb/mariadb_stmt.c index 566a5cec..a73827a8 100644 --- a/libmariadb/mariadb_stmt.c +++ b/libmariadb/mariadb_stmt.c @@ -831,11 +831,18 @@ unsigned char* mysql_stmt_execute_generate_bulk_request(MYSQL_STMT *stmt, size_t if (!MARIADB_STMT_BULK_SUPPORTED(stmt)) { - stmt_set_error(stmt, CR_FUNCTION_NOT_SUPPORTED, SQLSTATE_UNKNOWN, + stmt_set_error(stmt, CR_FUNCTION_NOT_SUPPORTED, "IM001", CER(CR_FUNCTION_NOT_SUPPORTED), "Bulk operation"); return NULL; } + if (!stmt->param_count) + { + stmt_set_error(stmt, CR_BULK_WITHOUT_PARAMETERS, "IM001", + CER(CR_BULK_WITHOUT_PARAMETERS), "Bulk operation"); + return NULL; + } + /* preallocate length bytes */ if (!(start= p= (uchar *)malloc(length))) goto mem_error; @@ -903,6 +910,7 @@ unsigned char* mysql_stmt_execute_generate_bulk_request(MYSQL_STMT *stmt, size_t switch (stmt->params[i].buffer_type) { case MYSQL_TYPE_NULL: has_data= FALSE; + indicator= STMT_INDICATOR_NULL; break; case MYSQL_TYPE_TINY_BLOB: case MYSQL_TYPE_MEDIUM_BLOB: diff --git a/unittest/libmariadb/bulk1.c b/unittest/libmariadb/bulk1.c index 6ec97e50..21f92f22 100644 --- a/unittest/libmariadb/bulk1.c +++ b/unittest/libmariadb/bulk1.c @@ -597,16 +597,47 @@ static int test_conc243(MYSQL *mysql) return OK; } +static int bulk7(MYSQL *mysql) +{ + MYSQL_STMT *stmt= mysql_stmt_init(mysql); + int rc; + int array_size= 5; + + rc= mysql_query(mysql, "DROP TABLE IF EXISTS t1"); + check_mysql_rc(rc, mysql); + rc= mysql_query(mysql, "CREATE TABLE t1 (a int)"); + check_mysql_rc(rc, mysql); + rc= mysql_query(mysql, "INSERT INTO t1 VALUES (1)"); + check_mysql_rc(rc, mysql); + + rc= mysql_stmt_prepare(stmt, "UPDATE t1 SET a=a+1", -1); + check_stmt_rc(rc, stmt); + + rc= mysql_stmt_attr_set(stmt, STMT_ATTR_ARRAY_SIZE, &array_size); + check_stmt_rc(rc, stmt); + rc= mysql_stmt_execute(stmt); + + FAIL_IF(!rc, "Error expected: Bulk operation without parameters is not supported"); + diag("%s", mysql_stmt_error(stmt)); + + mysql_stmt_close(stmt); + rc= mysql_query(mysql, "DROP TABLE t1"); + check_mysql_rc(rc, mysql); + + return OK; +} + struct my_tests_st my_tests[] = { {"check_bulk", check_bulk, TEST_CONNECTION_DEFAULT, 0, NULL, NULL}, {"test_conc243", test_conc243, TEST_CONNECTION_DEFAULT, 0, NULL, NULL}, + {"update_no_param", bulk7, TEST_CONNECTION_DEFAULT, 0, NULL, NULL}, {"bulk5", bulk5, TEST_CONNECTION_DEFAULT, 0, NULL, NULL}, {"bulk6", bulk6, TEST_CONNECTION_DEFAULT, 0, NULL, NULL}, {"bulk1", bulk1, TEST_CONNECTION_DEFAULT, 0, NULL, NULL}, {"bulk2", bulk2, TEST_CONNECTION_DEFAULT, 0, NULL, NULL}, {"bulk3", bulk3, TEST_CONNECTION_DEFAULT, 0, NULL, NULL}, {"bulk4", bulk4, TEST_CONNECTION_DEFAULT, 0, NULL, NULL}, -// {"bulk_null", bulk_null, TEST_CONNECTION_DEFAULT, 0, NULL, NULL}, + {"bulk_null", bulk_null, TEST_CONNECTION_DEFAULT, 0, NULL, NULL}, {NULL, NULL, 0, 0, NULL, NULL} };