public inbox for [email protected]
From: Shruthi Gowda <[email protected]>
To: Tom Lane <[email protected]>
Cc: PostgreSQL Development <[email protected]>
Subject: Re: [BUG] CRASH: ECPGprepared_statement() and ECPGdeallocate_all() when connection is NULL
Date: Wed, 7 Jan 2026 23:30:27 +0530
Message-ID: <CAASxf_P5f=Frf8S7rN9BzphtCLoeN9vFuh-V7ukotOQZU54g+w@mail.gmail.com> (raw)
In-Reply-To: <[email protected]>
References: <CAASxf_P1F75Ck+0qyb10auT+BORupOM4yigXBnm7aWRNx1LYcA@mail.gmail.com>
<[email protected]>
On Mon, Dec 8, 2025 at 9:39 PM Tom Lane <[email protected]> wrote:
> Shruthi Gowda <[email protected]> writes:
> > The ECPG application crashes with a segmentation fault when calling
> > specific deallocation or prepared statement functions without an
> > established database connection. This is caused by a missing NULL check on
> > the connection handle before attempting to access it.
>
> Hmm ... poking around, I see several other places that aren't checking
> the result of ecpg_get_connection. Shouldn't we tighten them all?
>
> regards, tom lane
>
I agree. I’ve reviewed all occurrences of ecpg_get_connection() and noted
that, in most instances, it is followed by ecpg_init(), which validates the
connection and returns immediately if the connection is NULL.
In a few cases, the caller had already validated the connection. However, I
identified an additional case that lacked this check, so I have revised the
patch to include the missing validation.
Thanks & Regards,
Shruthi K C
EnterpriseDB: http://www.enterprisedb.com
Attachments:
[application/octet-stream] v2-0001-Add-missing-connection-validation-in-ECPG.patch (2.6K, 3-v2-0001-Add-missing-connection-validation-in-ECPG.patch)
From 1b37c4ed49b84ce646a59d3bd615e89c02b7638f Mon Sep 17 00:00:00 2001
From: shruthi gowda <[email protected]>
Date: Wed, 7 Jan 2026 12:42:47 +0000
Subject: [PATCH v2] Add missing connection validation in ECPG
Ensure that ECPG connections are validated before use to prevent
application crashes. This allows the system to handle disconnected
states gracefully by throwing a proper error instead of
segfaulting.
---
src/interfaces/ecpg/ecpglib/descriptor.c | 8 ++++++++
src/interfaces/ecpg/ecpglib/prepare.c | 24 ++++++++++++++++++++----
2 files changed, 28 insertions(+), 4 deletions(-)
diff --git a/src/interfaces/ecpg/ecpglib/descriptor.c b/src/interfaces/ecpg/ecpglib/descriptor.c
index 39cd5130ec9..02df1f7345b 100644
--- a/src/interfaces/ecpg/ecpglib/descriptor.c
+++ b/src/interfaces/ecpg/ecpglib/descriptor.c
@@ -507,6 +507,14 @@ ECPGget_desc(int lineno, const char *desc_name, int index,...)
/* desperate try to guess something sensible */
stmt.connection = ecpg_get_connection(NULL);
+ if (!stmt.connection)
+ {
+ ecpg_raise(lineno, ECPG_NO_CONN, ECPG_SQLSTATE_CONNECTION_DOES_NOT_EXIST,
+ ecpg_gettext("NULL"));
+ va_end(args);
+ return false;
+ }
+
ecpg_store_result(ECPGresult, index, &stmt, &data_var);
#ifdef HAVE_USELOCALE
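Review bot: The early `return false;` in the new `if (!stmt.connection)` block leaves the function before the `#ifdef HAVE_USELOCALE` section that follows `ecpg_store_result(...)`. If that section undoes state set up earlier in ECPGget_desc (the setup is outside the lines shown here), this error path skips it. Either perform the same cleanup before returning, as is already done with `va_end(args)`, or move the connection lookup and check ahead of that setup. The comment `/* desperate try to guess something sensible */` also now sits above code that can fail, so it should say what happens when no connection is found.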
diff --git a/src/interfaces/ecpg/ecpglib/prepare.c b/src/interfaces/ecpg/ecpglib/prepare.c
index 5c7c5397535..96be4396415 100644
--- a/src/interfaces/ecpg/ecpglib/prepare.c
+++ b/src/interfaces/ecpg/ecpglib/prepare.c
@@ -381,8 +381,16 @@ ecpg_deallocate_all_conn(int lineno, enum COMPAT_MODE c, struct connection *con)
bool
ECPGdeallocate_all(int lineno, int compat, const char *connection_name)
{
- return ecpg_deallocate_all_conn(lineno, compat,
- ecpg_get_connection(connection_name));
+ struct connection *con;
+
+ con = ecpg_get_connection(connection_name);
+ if (!con)
+ {
+ ecpg_raise(lineno, ECPG_NO_CONN, ECPG_SQLSTATE_CONNECTION_DOES_NOT_EXIST,
+ connection_name ? connection_name : ecpg_gettext("NULL"));
+ return false;
+ }
+ return ecpg_deallocate_all_conn(lineno, compat, con);
}
char *
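Review bot: The `if (!con)` block added to ECPGdeallocate_all is repeated line for line in ECPGprepared_statement further down in this file, differing only in the return value. The cover message says most callers get this validation from ecpg_init(); going through the same route here if its side effects are acceptable, or factoring the lookup-and-raise into one small helper, would keep the error text and SQLSTATE from drifting between call sites. The diffstat touches only descriptor.c and prepare.c, so the no-connection path has no regression test; adding one that calls these functions without a connection would guard against the crash returning.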
@@ -399,9 +407,17 @@ ecpg_prepared(const char *name, struct connection *con)
char *
ECPGprepared_statement(const char *connection_name, const char *name, int lineno)
{
- (void) lineno; /* keep the compiler quiet */
+ struct connection *con;
+
+ con = ecpg_get_connection(connection_name);
+ if (!con)
+ {
+ ecpg_raise(lineno, ECPG_NO_CONN, ECPG_SQLSTATE_CONNECTION_DOES_NOT_EXIST,
+ connection_name ? connection_name : ecpg_gettext("NULL"));
+ return NULL;
+ }
- return ecpg_prepared(name, ecpg_get_connection(connection_name));
+ return ecpg_prepared(name, con);
}
/*
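Review bot: In ECPGprepared_statement the new `return NULL;` gives callers the same return value for a missing connection that they may already receive from `ecpg_prepared(name, con)`, and the function now raises ECPG_NO_CONN where the old body raised nothing. A short comment above the function stating that NULL can mean "no connection", with the detail reported through ecpg_raise, would document the changed contract for callers that only test the pointer.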
--
2.43.0