From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from [87.239.111.99] (localhost [127.0.0.1]) by dev.tarantool.org (Postfix) with ESMTP id 8D775714AA; Tue, 5 Oct 2021 15:49:41 +0300 (MSK) DKIM-Filter: OpenDKIM Filter v2.11.0 dev.tarantool.org 8D775714AA DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=tarantool.org; s=dev; t=1633438181; bh=G4YCxrAMK9ONGybFs0jajp1n+mLO4eLQEvD4SkCkQYA=; h=To:Cc:Date:Subject:List-Id:List-Unsubscribe:List-Archive: List-Post:List-Help:List-Subscribe:From:Reply-To:From; b=QsqEcH+M6Jdxv15Tm8GJSHZeJRs6nVEsVOAopjyIom8KSuLOT+3pA6sqi/UgvSy8y SMya867skpvvG6btME1GbDnEofKxUI9kzJhqNYMig2+WaCqGDBfhEsDyqFNIwQfn08 Kmcxix0v0LYEr4IRSMkbBjVDpFIuY5P6/I4vtXHo= Received: from smtpng1.i.mail.ru (smtpng1.i.mail.ru [94.100.181.251]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dev.tarantool.org (Postfix) with ESMTPS id 7B70E714AA for ; Tue, 5 Oct 2021 15:49:40 +0300 (MSK) DKIM-Filter: OpenDKIM Filter v2.11.0 dev.tarantool.org 7B70E714AA Received: by smtpng1.m.smailru.net with esmtpa (envelope-from ) id 1mXjt5-0006hx-RO; Tue, 05 Oct 2021 15:49:40 +0300 To: imun@tarantool.org Cc: tarantool-patches@dev.tarantool.org Date: Tue, 5 Oct 2021 15:49:39 +0300 Message-Id: X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-7564579A: EEAE043A70213CC8 X-77F55803: 4F1203BC0FB41BD9064ADF4728AA0EE950704E1C1E1FED60C49BF516B31B232E182A05F538085040BE8D82952DF6DA40E2889D8EF1B19D55001CA0BE3829B3CE0D3819BDD15F284E X-7FA49CB5: FF5795518A3D127A4AD6D5ED66289B5278DA827A17800CE78044725E6B9C7F2CEA1F7E6F0F101C67BD4B6F7A4D31EC0BCC500DACC3FED6E28638F802B75D45FF8AA50765F7900637EFACF7FB96444C4B8638F802B75D45FF36EB9D2243A4F8B5A6FCA7DBDB1FC311F39EFFDF887939037866D6147AF826D8CBD8D914DC0A4EA773D7AE84A408010A117882F4460429724CE54428C33FAD305F5C1EE8F4F765FCAA867293B0326636D2E47CDBA5A96583BD4B6F7A4D31EC0BC014FD901B82EE079FA2833FD35BB23D27C277FBC8AE2E8BAA867293B0326636D2E47CDBA5A96583BA9C0B312567BB231DD303D21008E29813377AFFFEAFD269A417C69337E82CC2E827F84554CEF50127C277FBC8AE2E8BA83251EDC214901ED5E8D9A59859A8B66F6A3E018CF4DC80089D37D7C0E48F6C5571747095F342E88FB05168BE4CE3AF X-C1DE0DAB: C20DE7B7AB408E4181F030C43753B8186998911F362727C414F749A5E30D975C80CE368667DD8FDEBE52E2D38F0A7793792CC05E0F693D699C2B6934AE262D3EE7EAB7254005DCEDFB29427B7C22B3881E0A4E2319210D9B64D260DF9561598F01A9E91200F654B00191F08AA555D0B08E8E86DC7131B365E7726E8460B7C23C X-C8649E89: 4E36BF7865823D7055A7F0CF078B5EC49A30900B95165D34EE19B6E2433CA0934012EB21E32333F92CE942F593438B49420A67DC6A13708F32E65E564D5FDF1C1D7E09C32AA3244C96D840D621BB87CAF4E031C72970936C64EE5813BBCA3A9D729B2BEF169E0186 X-D57D3AED: 3ZO7eAau8CL7WIMRKs4sN3D3tLDjz0dLbV79QFUyzQ2Ujvy7cMT6pYYqY16iZVKkSc3dCLJ7zSJH7+u4VD18S7Vl4ZUrpaVfd2+vE6kuoey4m4VkSEu530nj6fImhcD4MUrOEAnl0W826KZ9Q+tr5ycPtXkTV4k65bRjmOUUP8cvGozZ33TWg5HZplvhhXbhDGzqmQDTd6OAevLeAnq3Ra9uf7zvY2zzsIhlcp/Y7m53TZgf2aB4JOg4gkr2biojhAh8SZXECpDIWPJhlK+jSw== X-Mailru-Sender: 689FA8AB762F7393C37E3C1AEC41BA5DAA8E6E364D13B9E0D1ED12789D39445683D72C36FC87018B9F80AB2734326CD2FB559BB5D741EB96352A0ABBE4FDA4210A04DAD6CC59E33667EA787935ED9F1B X-Mras: Ok Subject: [Tarantool-patches] [PATCH v1 1/1] sql: fix a segfault in hex() on receiving zeroblob X-BeenThere: tarantool-patches@dev.tarantool.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Tarantool development patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , From: Mergen Imeev via Tarantool-patches Reply-To: imeevma@tarantool.org Errors-To: tarantool-patches-bounces@dev.tarantool.org Sender: "Tarantool-patches" This patch fixes a segmentation fault when zeroblob is received by the SQL built-in HEX() function. Closes #6113 --- https://github.com/tarantool/tarantool/issues/6113 https://github.com/tarantool/tarantool/tree/imeevma/gh-6113-fix-hex-segfault-2.8 .../unreleased/gh-6113-fix-segfault-in-hex-func.md | 4 ++++ src/box/sql/func.c | 10 ++++++++-- test/sql-tap/engine.cfg | 1 + .../gh-6113-assert-in-hex-on-zeroblob.test.lua | 13 +++++++++++++ 4 files changed, 26 insertions(+), 2 deletions(-) create mode 100644 changelogs/unreleased/gh-6113-fix-segfault-in-hex-func.md create mode 100755 test/sql-tap/gh-6113-assert-in-hex-on-zeroblob.test.lua diff --git a/changelogs/unreleased/gh-6113-fix-segfault-in-hex-func.md b/changelogs/unreleased/gh-6113-fix-segfault-in-hex-func.md new file mode 100644 index 000000000..d9bd9e279 --- /dev/null +++ b/changelogs/unreleased/gh-6113-fix-segfault-in-hex-func.md @@ -0,0 +1,4 @@ +## bugfix/sql + +* The HEX() SQL built-in function no longer throw an assert when its argument + consist of zero-bytes (gh-6113). diff --git a/src/box/sql/func.c b/src/box/sql/func.c index a5f1259cd..98670c6d7 100644 --- a/src/box/sql/func.c +++ b/src/box/sql/func.c @@ -1221,15 +1221,21 @@ hexFunc(sql_context * context, int argc, sql_value ** argv) UNUSED_PARAMETER(argc); pBlob = mem_as_bin(argv[0]); n = mem_len_unsafe(argv[0]); + assert((argv[0]->flags & MEM_Zero) == 0 || + argv[0]->type == MEM_TYPE_BIN); + int zero_len = (argv[0]->flags & MEM_Zero) == 0 ? 0 : argv[0]->u.nZero; assert(pBlob == mem_as_bin(argv[0])); /* No encoding change */ z = zHex = contextMalloc(context, ((i64) n) * 2 + 1); if (zHex) { - for (i = 0; i < n; i++, pBlob++) { + for (i = 0; i < n - zero_len; i++, pBlob++) { unsigned char c = *pBlob; *(z++) = hexdigits[(c >> 4) & 0xf]; *(z++) = hexdigits[c & 0xf]; } - *z = 0; + assert(i == n || (argv[0]->flags & MEM_Zero) != 0); + assert(n == zero_len + i); + memset(z, '0', 2 * zero_len); + z[2 * zero_len] = '\0'; sql_result_text(context, zHex, n * 2, sql_free); } } diff --git a/test/sql-tap/engine.cfg b/test/sql-tap/engine.cfg index 8e15625f4..9f1811481 100644 --- a/test/sql-tap/engine.cfg +++ b/test/sql-tap/engine.cfg @@ -22,6 +22,7 @@ }, "gh-6157-unnecessary-free-on-string.test.lua": {}, "gh-4077-iproto-execute-no-bind.test.lua": {}, + "gh-6113-assert-in-hex-on-zeroblob.test.lua": {}, "*": { "memtx": {"engine": "memtx"}, "vinyl": {"engine": "vinyl"} diff --git a/test/sql-tap/gh-6113-assert-in-hex-on-zeroblob.test.lua b/test/sql-tap/gh-6113-assert-in-hex-on-zeroblob.test.lua new file mode 100755 index 000000000..91a29a5b4 --- /dev/null +++ b/test/sql-tap/gh-6113-assert-in-hex-on-zeroblob.test.lua @@ -0,0 +1,13 @@ +#!/usr/bin/env tarantool +local test = require("sqltester") +test:plan(1) + +test:do_execsql_test( + "gh-6113", + [[ + SELECT hex(zeroblob(0)), hex(zeroblob(10)); + ]], { + '', '00000000000000000000' + }) + +test:finish_test() -- 2.25.1