firebird/firebird-mirror
firebird/firebird-mirror
8
0
Fork 1
mirror of https://github.com/FirebirdSQL/firebird.git synced 2025-01-23 21:23:03 +01:00
Code Issues

Fixed bug CORE-6475 : Memory leak when running EXECUTE STATEMENT with named parameters

Browse Source 
Also, added check for parameter name length not exceeding MAX_SQL_IDENTIFIER_LEN (it is anyway limited at the SQL\BLR parsers level).
This commit is contained in:
hvlad 2021-01-23 14:25:21 +02:00
parent 4ad2beeffe
commit 4dfb30a45b
1 changed files with 10 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/jrd/extds/ExtDS.cpp
View File

@ -2104,14 +2104,19 @@ void Statement::preprocess(const string& sql, string& ret)
// hvlad: TODO check quoted param names // hvlad: TODO check quoted param names
ident.assign(start + 1, p - start - 1); ident.assign(start + 1, p - start - 1);
if (tok == ttIdent) if (tok == ttIdent)
{
if (ident.length() > MAX_SQL_IDENTIFIER_LEN)
ERR_post(Arg::Gds(isc_eds_preprocess) <<
Arg::Gds(isc_dyn_name_longer) <<
Arg::Gds(isc_random) << Arg::Str(ident));
ident.upper(); ident.upper();
}
FB_SIZE_T n = 0; FB_SIZE_T n = 0;
if (!m_sqlParamNames.find(ident.c_str(), n)) MetaString name(ident);
{ if (!m_sqlParamNames.find(name, n))
MetaString* pName = FB_NEW_POOL(getPool()) MetaString(getPool(), ident); n = m_sqlParamNames.add(name);
n = m_sqlParamNames.add(*pName);
}
m_sqlParamsMap.add(&m_sqlParamNames[n]); m_sqlParamsMap.add(&m_sqlParamNames[n]);
} }