Ubuntu 14.04.1 libmyodbc 5.1.10-3 bug

Bug #1394866 reported by bugproxy
This bug affects 1 person
Affects: myodbc (Ubuntu)
Status: Invalid
Importance: Undecided
Assigned to: Unassigned

Bug Description

== Comment: #0 - Xiao Yuan Li <email address hidden> - 2014-11-20 21:58:30 ==
---Problem Description---
Ubuntu 14.04.1 libmyodbc 5.1.10-3 resets the row-count loop variable of the user application to zero, which results in a core dump of the user application

---uname output---
Linux (none) 3.13.0-39-generic #66-Ubuntu SMP Tue Oct 28 13:30:27 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

Machine Type = x64

---Debugger---
A debugger is not configured

---Steps to Reproduce---
The user application queries multi-row data from MySQL; the libmyodbc function "copy_ansi_result ()" will reset the row-count loop variable "j" to 0.
This then results in the return value of "SQLGetData()" being "SQL_NO_DATA".
The user application will core dump.

int fetch_all_data(SQLHSTMT V_OD_hstmt, DB_RES *res) {
        SQLRETURN V_OD_erg; // result of functions
        DB_ROW row = NULL;
        SQLUSMALLINT i;
        char *temp;
#if USE_SQLLEN
        SQLLEN indicator;
#else
        SQLINTEGER indicator;
#endif
        long j;

        //GRID_LOG_DEBUG(("DEBUG: in fetch\n"));
        res->fetched_rows=malloc((res->row_count+1)*sizeof(char*));
        if (!res->fetched_rows) {
                GRID_LOG(("ERROR: malloc memory error for fetch."));
                return -1;
        }
        memset(res->fetched_rows, 0, (res->row_count+1)*sizeof(char*));
        for(j=0;j<res->row_count;j++){//fetch each row
                V_OD_erg = SQLFetchScroll(V_OD_hstmt,SQL_FETCH_NEXT,0);
                if(!SQL_SUCCEEDED(V_OD_erg)){
                        free(res->fetched_rows);
                        return -1;
                }
                row=malloc(res->field_count*sizeof(char*));
                if (!row) {
                        free(res->fetched_rows);
                        GRID_LOG(("ERROR: malloc memory error for fetch(first)."));
                        return -1;
                }
                memset(row, 0, res->field_count*sizeof(char*));
                for (i = 1; i <= res->field_count; i++) {//get each column for each row
                        V_OD_erg = SQLGetData(V_OD_hstmt, i, SQL_C_CHAR, NULL, 0, (SQLLEN *) (&indicator));//get the column length
                        if (SQL_SUCCEEDED(V_OD_erg)) {
                                /* Handle null columns */
                                if (indicator == SQL_NULL_DATA){
                                        temp=malloc(1);//some programs use dbodbc_row[0] directly without checking whether the result of dbodbc_fetch_row is NULL
                                        if (!temp) {
                                                free(res->fetched_rows);
                                                GRID_LOG(("ERROR: malloc memory error for fetch(third)."));
                                                return -1;
                                        }
                                        memset(temp, 0, 1);
                                        row[i-1]=temp;
                                        //GRID_LOG_DEBUG(("DEBUG: Column %u :NULL\n", i));
                                }else{
                                        temp=malloc(indicator+1);
                                        if (!temp) {
                                                free(res->fetched_rows);
                                                GRID_LOG(("ERROR: malloc memory error for fetch(third)."));
                                                return -1;
                                        }
                                        memset(temp, 0, indicator+1);
                                        V_OD_erg = SQLGetData(V_OD_hstmt, i, SQL_C_CHAR, temp, indicator+1, (SQLLEN *) (&indicator));//get the column data
                                        row[i-1]=temp;
                                        //GRID_LOG_DEBUG(("DEBUG: Column %u [%d]: %s\n", i,indicator, temp));
                                }
                        }else{
                                temp=malloc(1);//some programs use dbodbc_row[0] directly without checking whether the result of dbodbc_fetch_row is NULL
                                if (!temp) {
                                        free(res->fetched_rows);
                                        GRID_LOG(("ERROR: malloc memory error for fetch(third)."));
                                        return -1;
                                }
                                memset(temp, 0, 1);
                                row[i-1]=temp;
                                GRID_LOG(("ERROR: get the column length failed!\n"));
                        }
                }//end for i
                //GRID_LOG_DEBUG(("DEBUG: Fetched [%d] Column\n", res->field_count));
                res->fetched_rows[j]=row;
        }//end for j
        res->current_row_num=0;
        return 0;
}
----following is gdb debug info---
Please refer to the following gdb info; i is res->field_count and j is res->row_count.

mysql> select id from lic_pollers order by id (this is the following query sql)
    -> ;
+----+
| id |
+----+
| 1 |
| 2 |
+----+
2 rows in set (0.03 sec)

11/10/2014 12:16:09 AM - LIC field_count=1, row_count=2
484 fetch_ret=fetch_all_data(V_OD_hstmt,res);
(gdb) s
fetch_all_data (V_OD_hstmt=0x647280, res=0x647dc0) at database.c:669
669 DB_ROW row = NULL;
(gdb) n
679 GRID_LOG_DEBUG(("DEBUG: in fetch\n"));
(gdb)
11/10/2014 12:16:15 AM - LIC DEBUG: in fetch
680 res->fetched_rows=malloc((res->row_count+1)*sizeof(char*));
(gdb) watch i
Hardware watchpoint 2: i
(gdb) watch j
Hardware watchpoint 3: j
(gdb) n
681 if (!res->fetched_rows) {
(gdb) n
685 memset(res->fetched_rows, 0, (res->row_count+1)*sizeof(char*));
(gdb)
686 for(j=0;j<res->row_count;j++){//fetch each row
(gdb)
Hardware watchpoint 3: j

Old value = 140737488345312
New value = 0
0x000000000040728c in fetch_all_data (V_OD_hstmt=0x647280, res=0x647dc0) at database.c:686
686 for(j=0;j<res->row_count;j++){//fetch each row
(gdb)
687 V_OD_erg = SQLFetchScroll(V_OD_hstmt,SQL_FETCH_NEXT,0);
(gdb)
688 if(!SQL_SUCCEEDED(V_OD_erg)){
(gdb)
692 row=malloc(res->field_count*sizeof(char*));
(gdb)
693 if (!row) {
(gdb)
698 memset(row, 0, res->field_count*sizeof(char*));
(gdb)
699 for (i = 1; i <= res->field_count; i++) {//get each column for each row
(gdb)
Hardware watchpoint 2: i

Old value = 0
New value = 1
0x0000000000407342 in fetch_all_data (V_OD_hstmt=0x647280, res=0x647dc0) at database.c:699
699 for (i = 1; i <= res->field_count; i++) {//get each column for each row
(gdb)
700 V_OD_erg = SQLGetData(V_OD_hstmt, i, SQL_C_CHAR, NULL, 0, (SQLLEN *) (&indicator));//get the column length
(gdb)
701 if (SQL_SUCCEEDED(V_OD_erg)) {
(gdb)
703 if (indicator == SQL_NULL_DATA){
(gdb)
714 temp=malloc(indicator+1);
(gdb)
715 if (!temp) {
(gdb)
720 memset(temp, 0, indicator+1);
(gdb)
721 V_OD_erg = SQLGetData(V_OD_hstmt, i, SQL_C_CHAR, temp, indicator+1, (SQLLEN *) (&indicator));//get the column data
(gdb)
722 row[i-1]=temp;
(gdb)
723 GRID_LOG_DEBUG(("DEBUG: Column %u [%d]: %s\n", i,indicator, temp));
(gdb)
11/10/2014 12:17:05 AM - LIC DEBUG: Column 1 [1]: 1
699 for (i = 1; i <= res->field_count; i++) {//get each column for each row
(gdb)
Hardware watchpoint 2: i

Old value = 1
New value = 2
0x0000000000407591 in fetch_all_data (V_OD_hstmt=0x647280, res=0x647dc0) at database.c:699
699 for (i = 1; i <= res->field_count; i++) {//get each column for each row
(gdb) n
737 GRID_LOG_DEBUG(("DEBUG: Fetched [%d] Column\n", res->field_count));
(gdb)
11/10/2014 12:17:18 AM - LIC DEBUG: Fetched [1] Column
738 res->fetched_rows[j]=row;
(gdb)
686 for(j=0;j<res->row_count;j++){//fetch each row
(gdb) n
Hardware watchpoint 3: j

Old value = 0
New value = 1
0x00000000004075eb in fetch_all_data (V_OD_hstmt=0x647280, res=0x647dc0) at database.c:686
686 for(j=0;j<res->row_count;j++){//fetch each row
(gdb)
687 V_OD_erg = SQLFetchScroll(V_OD_hstmt,SQL_FETCH_NEXT,0);
(gdb)
688 if(!SQL_SUCCEEDED(V_OD_erg)){
(gdb) n
692 row=malloc(res->field_count*sizeof(char*));
(gdb) n
693 if (!row) {
(gdb) n
698 memset(row, 0, res->field_count*sizeof(char*));
(gdb)
699 for (i = 1; i <= res->field_count; i++) {//get each column for each row
(gdb)
Hardware watchpoint 2: i

Old value = 2
New value = 1
0x0000000000407342 in fetch_all_data (V_OD_hstmt=0x647280, res=0x647dc0) at database.c:699
699 for (i = 1; i <= res->field_count; i++) {//get each column for each row
(gdb) n
700 V_OD_erg = SQLGetData(V_OD_hstmt, i, SQL_C_CHAR, NULL, 0, (SQLLEN *) (&indicator));//get the column length
(gdb)
Hardware watchpoint 3: j

Old value = 1
New value = 0
0x00007ffff6aa3685 in copy_ansi_result () from /usr/lib/x86_64-linux-gnu/odbc/libmyodbc.so

Userspace tool common name: libmyodbc

The userspace tool has the following bit modes: 64-bit

Userspace rpm: libmyodbc-5.1.10-3

Userspace tool obtained from project website: na

bugproxy (bugproxy)
tags: added: architecture-x8664 bugnameltc-119128 severity-critical targetmilestone-inin14041
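
Added example (not part of the original report, and not code from libmyodbc or the reporter's application): in the posted fetch_all_data(), the #else branch declares indicator as SQLINTEGER yet passes it as (SQLLEN *). In the default 64-bit unixODBC build SQLLEN is 8 bytes and SQLINTEGER is 4, so if the application was compiled without USE_SQLLEN (an assumption; the report does not say), the driver's length write would spill 4 bytes into a neighbouring local such as j. The model below uses stand-in types and a hypothetical mock_driver_store_len(), and assumes a little-endian machine.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Stand-ins for the ODBC types (assumption: default 64-bit unixODBC build,
 * SQLLEN = 8 bytes, SQLINTEGER = 4 bytes). Not the real <sqltypes.h>. */
typedef int64_t sqllen_t;
typedef int32_t sqlinteger_t;

/* Hypothetical model of the driver side of SQLGetData(): it stores a full
 * SQLLEN through the indicator pointer, whatever the caller allocated. */
static void mock_driver_store_len(void *ind_ptr, sqllen_t value)
{
    memcpy(ind_ptr, &value, sizeof value);
}

/* Constructed layout: 4-byte indicator directly followed by the low half
 * of a neighbouring local such as the row counter j. */
struct narrow_frame { sqlinteger_t indicator; int32_t j_low; };

/* Same locals with a correctly sized indicator. */
struct wide_frame { sqllen_t indicator; int64_t j; };

/* Neighbour's value after the driver reports length 1 through a 4-byte
 * indicator that the caller cast to (SQLLEN *). */
int32_t neighbour_after_narrow_write(int32_t j_before)
{
    struct narrow_frame f = { 0, j_before };
    mock_driver_store_len(&f, 1);            /* 8 bytes: indicator + j_low */
    return f.j_low;
}

/* Neighbour's value when the indicator really is SQLLEN-sized. */
int64_t neighbour_after_wide_write(int64_t j_before)
{
    struct wide_frame f = { 0, j_before };
    mock_driver_store_len(&f.indicator, 1);  /* 8 bytes: indicator only */
    return f.j;
}

int main(void)
{
    printf("narrow indicator: j 1 -> %d\n", neighbour_after_narrow_write(1));
    printf("wide indicator:   j 1 -> %lld\n",
           (long long)neighbour_after_wide_write(1));
    return 0;
}
```

In an ODBC application the corresponding guard is to declare the indicator as SQLLEN unconditionally, or to place a _Static_assert(sizeof indicator == sizeof(SQLLEN), "indicator width") beside the cast so a mismatched build fails at compile time.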
Ubuntu Foundations Team Bug Bot (crichton) wrote :

Thank you for taking the time to report this bug and helping to make Ubuntu better. It seems that your bug report is not filed about a specific source package though, rather it is just filed against Ubuntu in general. It is important that bug reports be filed about source packages so that people interested in the package can find the bugs about it. You can find some hints about determining what package your bug might be about at https://wiki.ubuntu.com/Bugs/FindRightPackage. You might also ask for help in the #ubuntu-bugs irc channel on Freenode.

To change the source package that this bug is filed about visit https://bugs.launchpad.net/ubuntu/+bug/1394866/+editstatus and add the package name in the text box next to the word Package.

[This is an automated message. I apologize if it reached you inappropriately; please just reply to this message indicating so.]

tags: added: bot-comment
affects: ubuntu → myodbc (Ubuntu)
bugproxy (bugproxy) wrote : Comment bridged from LTC Bugzilla

------- Comment From <email address hidden> 2014-12-01 15:01 EDT-------
Any updates from Canonical on this?

bugproxy (bugproxy) wrote : gdb bt full

------- Comment on attachment From <email address hidden> 2014-12-12 07:59 EDT-------

add gdb bt full info

bugproxy (bugproxy) wrote : Comment bridged from LTC Bugzilla

------- Comment From <email address hidden> 2015-01-19 17:24 EDT-------
There is no change in this bug for more than 1 month. What are the next steps here?

Luciano Chavez (lnx1138)
Changed in myodbc (Ubuntu):
status: New → Invalid