Integer underflow while processing packets
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Drizzle Client & Protocol Library |
New
|
Undecided
|
Unassigned |
Bug Description
When I was trying to buffer results for prepared statements using "drizzle_
Debug log:
.....
DEBUG: drizzle_
DEBUG: buffer_size= 130, packet_size= 62, packet_number= 51
DEBUG: drizzle_
DEBUG: drizzle_
DEBUG: buffer_size= 64, packet_size= 32, packet_number= 52
DEBUG: drizzle_
DEBUG: drizzle_
DEBUG: buffer_size= 28, packet_size= 62, packet_number= 53
DEBUG: drizzle_
DEBUG: drizzle_
** FATAL : [9] drizzle_
I did some modifications to print out "con->buffer_size", and I got:
.....
DEBUG: buffer_size= 64, packet_size= 32, packet_number= 52
DEBUG: drizzle_
DEBUG: drizzle_
DEBUG: buffer_size= 28, packet_size= 62, packet_number= 53
DEBUG: drizzle_
DEBUG: drizzle_
** FATAL : [9] drizzle_
Here we can see "con->buffer_size" was underflowed.
This happens every time when the SQL gives a large set of rows, and we can see the "buffer_size" field is smaller than "packet_size". So I guess the response packet was not complete that causes the integer underflow.
I did some possible fix in "state.cc", the attachment is the diff file.
Test code:
static void fatal(drizzle_
{
fprintf(stderr, "** FATAL : [%d] %s\n", (int)ret, drizzle_
exit(ret);
}
int main()
{
drizzle_st *con = drizzle_
con->verbose = DRIZZLE_
drizzle_
if ((ret = drizzle_
fatal(ret, con);
const char *query= "SELECT id, state, result, timestamp FROM some_table WHERE state = ?";
drizzle_stmt_st *stmt = drizzle_
printf("params: %" PRIu16 "\n", drizzle_
if ((ret = drizzle_
fatal(ret, con);
printf(
if ((ret = drizzle_
fatal(ret, con);
printf(
if ((ret = drizzle_
fatal(ret, con);
while ((ret = drizzle_
{
size_t size;
const char *id = drizzle_
const char *state = drizzle_
const char *result = drizzle_
const char *timestamp = drizzle_
}
printf("rows found: %" PRIu64 "\n", drizzle_
drizzle_
printf(
drizzle_
return 0;
}
seeing the low activity in this project, I doubt your bug will be looked at here. You could however report it to https:/ /github. com/sociomantic -tsunami/ libdrizzle- redux