From: <asf...@us...> - 2015-05-04 16:24:12
Revision: 61485 http://sourceforge.net/p/firebird/code/61485 Author: asfernandes Date: 2015-05-04 16:24:10 +0000 (Mon, 04 May 2015) Log Message: ----------- Fixed CORE-4781 - Maximum string length (32765 bytes) is not validated. Modified Paths: -------------- firebird/trunk/lang_helpers/gds_codes.ftn firebird/trunk/lang_helpers/gds_codes.pas firebird/trunk/src/dsql/Parser.cpp firebird/trunk/src/include/gen/codetext.h firebird/trunk/src/include/gen/iberror.h firebird/trunk/src/include/gen/msgs.h firebird/trunk/src/include/gen/sql_code.h firebird/trunk/src/include/gen/sql_state.h firebird/trunk/src/msgs/facilities2.sql firebird/trunk/src/msgs/messages2.sql firebird/trunk/src/msgs/system_errors2.sql Modified: firebird/trunk/lang_helpers/gds_codes.ftn =================================================================== --- firebird/trunk/lang_helpers/gds_codes.ftn 2015-05-04 11:45:05 UTC (rev 61484) +++ firebird/trunk/lang_helpers/gds_codes.ftn 2015-05-04 16:24:10 UTC (rev 61485) @@ -2332,6 +2332,8 @@ PARAMETER (GDS__dsql_wlock_conflict = 336397329) INTEGER*4 GDS__dsql_max_exception_arguments PARAMETER (GDS__dsql_max_exception_arguments = 336397330) + INTEGER*4 GDS__dsql_string_length + PARAMETER (GDS__dsql_string_length = 336397331) INTEGER*4 GDS__gsec_cant_open_db PARAMETER (GDS__gsec_cant_open_db = 336723983) INTEGER*4 GDS__gsec_switches_error Modified: firebird/trunk/lang_helpers/gds_codes.pas =================================================================== --- firebird/trunk/lang_helpers/gds_codes.pas 2015-05-04 11:45:05 UTC (rev 61484) +++ firebird/trunk/lang_helpers/gds_codes.pas 2015-05-04 16:24:10 UTC (rev 61485) 
@@ -1173,6 +1173,7 @@ gds_dsql_wlock_aggregates = 336397328; gds_dsql_wlock_conflict = 336397329; gds_dsql_max_exception_arguments = 336397330; + gds_dsql_string_length = 336397331; gds_gsec_cant_open_db = 336723983; gds_gsec_switches_error = 336723984; gds_gsec_no_op_spec = 336723985; Modified: firebird/trunk/src/dsql/Parser.cpp =================================================================== --- firebird/trunk/src/dsql/Parser.cpp 2015-05-04 11:45:05 UTC (rev 61484) +++ firebird/trunk/src/dsql/Parser.cpp 2015-05-04 16:24:10 UTC (rev 61485) @@ -483,6 +483,18 @@ } *p = *lex.ptr++; } + + if (p - buffer > MAX_COLUMN_SIZE - sizeof(USHORT)) + { + if (buffer != string) + gds__free (buffer); + + ERRD_post(Arg::Gds(isc_sqlerr) << Arg::Num(-104) << + Arg::Gds(isc_dsql_string_length) << + Arg::Num(p - buffer) << + Arg::Num(MAX_COLUMN_SIZE - sizeof(USHORT))); + } + if (c == '"') { stmt_ambiguous = true; @@ -654,6 +666,14 @@ byte = c; } + if (temp.length() > MAX_COLUMN_SIZE - sizeof(USHORT)) + { + ERRD_post(Arg::Gds(isc_sqlerr) << Arg::Num(-104) << + Arg::Gds(isc_dsql_string_length) << + Arg::Num(temp.length()) << + Arg::Num(MAX_COLUMN_SIZE - sizeof(USHORT))); + } + yylval.intlStringPtr = newIntlString(temp, "BINARY"); return STRING; 
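Review bot: In the new length check after the copy loop, `gds__free (buffer)` runs before `Arg::Num(p - buffer)` is evaluated, so the reported length is computed from a pointer value that has already been freed. The subtraction does not dereference the memory and will likely behave on common platforms, but using a freed pointer's value is not something the code should rely on. Taking `const size_t length = p - buffer;` before the `if`, then testing and reporting `length`, avoids it. That also removes the signed/unsigned mix in `p - buffer > MAX_COLUMN_SIZE - sizeof(USHORT)`. The enclosing function starts and ends outside the hunk.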
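Review bot: The limit `MAX_COLUMN_SIZE - sizeof(USHORT)` and the four-line `ERRD_post(...)` call are spelled out here for the hex literal and again in the hunks at -483 and -693, so the three literal forms can drift apart if the limit or the error vector changes. A single named constant, for example `const size_t MAX_STRING_LITERAL = MAX_COLUMN_SIZE - sizeof(USHORT);`, and one small helper that takes the length would keep the checks identical. A short comment on why `sizeof(USHORT)` is subtracted (presumably the VARYING length prefix, which is not visible here) would make the bound easier to audit.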
@@ -693,9 +713,18 @@ { if (*lex.ptr == endChar && *++lex.ptr == '\'') { - yylval.intlStringPtr = newIntlString( - Firebird::string(lex.last_token + 3, lex.ptr - lex.last_token - 4)); + size_t len = lex.ptr - lex.last_token - 4; + if (len > MAX_COLUMN_SIZE - sizeof(USHORT)) + { + ERRD_post(Arg::Gds(isc_sqlerr) << Arg::Num(-104) << + Arg::Gds(isc_dsql_string_length) << + Arg::Num(len) << + Arg::Num(MAX_COLUMN_SIZE - sizeof(USHORT))); + } + + yylval.intlStringPtr = newIntlString(Firebird::string(lex.last_token + 3, len)); + ++lex.ptr; mark.length = lex.ptr - lex.last_token; Modified: firebird/trunk/src/include/gen/codetext.h =================================================================== --- firebird/trunk/src/include/gen/codetext.h 2015-05-04 11:45:05 UTC (rev 61484) +++ firebird/trunk/src/include/gen/codetext.h 2015-05-04 16:24:10 UTC (rev 61485) @@ -1162,6 +1162,7 @@ {"dsql_wlock_aggregates", 336397328}, {"dsql_wlock_conflict", 336397329}, {"dsql_max_exception_arguments", 336397330}, + {"dsql_string_length", 336397331}, {"gsec_cant_open_db", 336723983}, {"gsec_switches_error", 336723984}, {"gsec_no_op_spec", 336723985}, Modified: firebird/trunk/src/include/gen/iberror.h =================================================================== --- firebird/trunk/src/include/gen/iberror.h 2015-05-04 11:45:05 UTC (rev 61484) +++ firebird/trunk/src/include/gen/iberror.h 2015-05-04 16:24:10 UTC (rev 61485) @@ -1196,6 +1196,7 @@ const ISC_STATUS isc_dsql_wlock_aggregates = 336397328L; const ISC_STATUS isc_dsql_wlock_conflict = 336397329L; const ISC_STATUS isc_dsql_max_exception_arguments = 336397330L; +const ISC_STATUS isc_dsql_string_length = 336397331L; const ISC_STATUS isc_gsec_cant_open_db = 336723983L; const ISC_STATUS isc_gsec_switches_error = 336723984L; const ISC_STATUS isc_gsec_no_op_spec = 336723985L; 
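Review bot: `size_t len = lex.ptr - lex.last_token - 4;` converts a signed pointer difference to an unsigned value, and nothing in the hunk shows that the difference is at least 4. If it ever were smaller, `len` would wrap to a very large number; the new check would then reject it, but with a misleading byte count in the message. The scan loop starts outside the hunk, so the invariant may well hold. It would be worth stating it next to the subtraction, e.g. `fb_assert(lex.ptr - lex.last_token >= 4);` or a one-line comment naming the four delimiter characters being excluded.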
@@ -1298,7 +1299,7 @@ const ISC_STATUS isc_trace_switch_param_miss = 337182758L; const ISC_STATUS isc_trace_param_act_notcompat = 337182759L; const ISC_STATUS isc_trace_mandatory_switch_miss = 337182760L; -const ISC_STATUS isc_err_max = 1242; +const ISC_STATUS isc_err_max = 1243; #else /* c definitions */ @@ -2464,6 +2465,7 @@ #define isc_dsql_wlock_aggregates 336397328L #define isc_dsql_wlock_conflict 336397329L #define isc_dsql_max_exception_arguments 336397330L +#define isc_dsql_string_length 336397331L #define isc_gsec_cant_open_db 336723983L #define isc_gsec_switches_error 336723984L #define isc_gsec_no_op_spec 336723985L @@ -2566,7 +2568,7 @@ #define isc_trace_switch_param_miss 337182758L #define isc_trace_param_act_notcompat 337182759L #define isc_trace_mandatory_switch_miss 337182760L -#define isc_err_max 1242 +#define isc_err_max 1243 #endif Modified: firebird/trunk/src/include/gen/msgs.h =================================================================== --- firebird/trunk/src/include/gen/msgs.h 2015-05-04 11:45:05 UTC (rev 61484) +++ firebird/trunk/src/include/gen/msgs.h 2015-05-04 16:24:10 UTC (rev 61485) 
@@ -1165,6 +1165,7 @@ {336397328, "WITH LOCK cannot be used with aggregates"}, /* dsql_wlock_aggregates */ {336397329, "WITH LOCK cannot be used with @1"}, /* dsql_wlock_conflict */ {336397330, "Number of arguments (@1) exceeds the maximum (@2) number of EXCEPTION USING arguments"}, /* dsql_max_exception_arguments */ + {336397331, "String literal with @1 bytes exceeds the maximum length of @2 bytes"}, /* dsql_string_length */ {336723983, "unable to open database"}, /* gsec_cant_open_db */ {336723984, "error in switch specifications"}, /* gsec_switches_error */ {336723985, "no operation specified"}, /* gsec_no_op_spec */ Modified: firebird/trunk/src/include/gen/sql_code.h =================================================================== --- firebird/trunk/src/include/gen/sql_code.h 2015-05-04 11:45:05 UTC (rev 61484) +++ firebird/trunk/src/include/gen/sql_code.h 2015-05-04 16:24:10 UTC (rev 61485) @@ -1161,6 +1161,7 @@ {336397328, -104}, /* 1040 dsql_wlock_aggregates */ {336397329, -104}, /* 1041 dsql_wlock_conflict */ {336397330, -901}, /* 1042 dsql_max_exception_arguments */ + {336397331, -901}, /* 1043 dsql_string_length */ {336723983, -901}, /* 15 gsec_cant_open_db */ {336723984, -901}, /* 16 gsec_switches_error */ {336723985, -901}, /* 17 gsec_no_op_spec */ Modified: firebird/trunk/src/include/gen/sql_state.h =================================================================== --- firebird/trunk/src/include/gen/sql_state.h 2015-05-04 11:45:05 UTC (rev 61484) +++ firebird/trunk/src/include/gen/sql_state.h 2015-05-04 16:24:10 UTC (rev 61485) 
@@ -1161,6 +1161,7 @@ {336397328, "42000"}, // 1040 dsql_wlock_aggregates {336397329, "42000"}, // 1041 dsql_wlock_conflict {336397330, "07002"}, // 1042 dsql_max_exception_arguments + {336397331, "42000"}, // 1043 dsql_string_length {336723983, "00000"}, // 15 gsec_cant_open_db {336723984, "00000"}, // 16 gsec_switches_error {336723985, "00000"}, // 17 gsec_no_op_spec Modified: firebird/trunk/src/msgs/facilities2.sql =================================================================== --- firebird/trunk/src/msgs/facilities2.sql 2015-05-04 11:45:05 UTC (rev 61484) +++ firebird/trunk/src/msgs/facilities2.sql 2015-05-04 16:24:10 UTC (rev 61485) @@ -10,7 +10,7 @@ ('1996-11-07 13:39:40', 'INSTALL', 10, 1) ('1996-11-07 13:38:41', 'TEST', 11, 4) ('2014-05-09 01:30:36', 'GBAK', 12, 361) -('2015-04-29 12:27:00', 'SQLERR', 13, 1043) +('2015-04-29 12:27:00', 'SQLERR', 13, 1044) ('1996-11-07 13:38:42', 'SQLWARN', 14, 613) ('2006-09-10 03:04:31', 'JRD_BUGCHK', 15, 307) ('2014-05-07 03:04:46', 'ISQL', 17, 190) Modified: firebird/trunk/src/msgs/messages2.sql =================================================================== --- firebird/trunk/src/msgs/messages2.sql 2015-05-04 11:45:05 UTC (rev 61484) +++ firebird/trunk/src/msgs/messages2.sql 2015-05-04 16:24:10 UTC (rev 61485) 
@@ -2618,6 +2618,7 @@ ('dsql_wlock_aggregates', 'pass1_rse_impl', 'pass1.cpp', NULL, 13, 1040, NULL, 'WITH LOCK cannot be used with aggregates', NULL, NULL); ('dsql_wlock_conflict', NULL, 'pass1.cpp', NULL, 13, 1041, NULL, 'WITH LOCK cannot be used with @1', NULL, NULL); ('dsql_max_exception_arguments', NULL, 'StmtNodes.cpp', NULL, 13, 1042, NULL, 'Number of arguments (@1) exceeds the maximum (@2) number of EXCEPTION USING arguments', NULL, NULL); +('dsql_string_length', NULL, 'Parser.cpp', NULL, 13, 1043, NULL, 'String literal with @1 bytes exceeds the maximum length of @2 bytes', NULL, NULL); -- SQLWARN (NULL, NULL, NULL, NULL, 14, 100, NULL, 'Row not found for fetch, update or delete, or the result of a query is an empty table.', NULL, NULL); (NULL, NULL, NULL, NULL, 14, 101, NULL, 'segment buffer length shorter than expected', NULL, NULL); Modified: firebird/trunk/src/msgs/system_errors2.sql =================================================================== --- firebird/trunk/src/msgs/system_errors2.sql 2015-05-04 11:45:05 UTC (rev 61484) +++ firebird/trunk/src/msgs/system_errors2.sql 2015-05-04 16:24:10 UTC (rev 61485) @@ -1155,6 +1155,7 @@ (-104, '42', '000', 13, 1040, 'dsql_wlock_aggregates', NULL, NULL) (-104, '42', '000', 13, 1041, 'dsql_wlock_conflict', NULL, NULL) (-901, '07', '002', 13, 1042, 'dsql_max_exception_arguments', NULL, NULL) +(-901, '42', '000', 13, 1043, 'dsql_string_length', NULL, NULL) -- GSEC (-901, '00', '000', 18, 15, 'gsec_cant_open_db', NULL, NULL) (-901, '00', '000', 18, 16, 'gsec_switches_error', NULL, NULL) This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
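Review bot: The new `system_errors2.sql` row maps `dsql_string_length` to SQLCODE -901 with SQLSTATE 42000, while the neighbouring 42000 rows (`dsql_wlock_aggregates`, `dsql_wlock_conflict`) use -104 and Parser.cpp posts this error under `isc_sqlerr` with `Arg::Num(-104)`. If -901 was copied from the `dsql_max_exception_arguments` row above, `(-104, '42', '000', 13, 1043, 'dsql_string_length', NULL, NULL)` would match both the parser and the other syntax errors. The generated `sql_code.h` entry follows from this row and would change with it.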