public inbox for [email protected]
help / color / mirror / Atom feedFrom: Mahendra Singh Thalor <[email protected]>
To: Shruthi Gowda <[email protected]>
Cc: Fujii Masao <[email protected]>
Cc: Tom Lane <[email protected]>
Cc: PostgreSQL Development <[email protected]>
Subject: Re: [BUG] CRASH: ECPGprepared_statement() and ECPGdeallocate_all() when connection is NULL
Date: Tue, 24 Mar 2026 08:04:01 +0530
Message-ID: <CAKYtNAqjJbzV+ZJDqA-s0fHSLen6msc=A0SfrTS1ub1KKH9haQ@mail.gmail.com> (raw)
In-Reply-To: <CAASxf_OGWD7PA5TMEh2MdF2YxN8V3ByLhnFJ=uw0hKr33sgqAw@mail.gmail.com>
References: <CAASxf_P1F75Ck+0qyb10auT+BORupOM4yigXBnm7aWRNx1LYcA@mail.gmail.com>
<[email protected]>
<CAASxf_P5f=Frf8S7rN9BzphtCLoeN9vFuh-V7ukotOQZU54g+w@mail.gmail.com>
<CAHGQGwHAPXexiGaHMkDDRF7cPBr_3fgCNdT4n2+1UjaEU++BAQ@mail.gmail.com>
<CAASxf_OGWD7PA5TMEh2MdF2YxN8V3ByLhnFJ=uw0hKr33sgqAw@mail.gmail.com>
On Mon, 19 Jan 2026 at 17:38, Shruthi Gowda <[email protected]> wrote:
>
>
>
> On Thu, Jan 8, 2026 at 9:32 PM Fujii Masao <[email protected]> wrote:
>>
>> On Thu, Jan 8, 2026 at 3:00 AM Shruthi Gowda <[email protected]> wrote:
>> >
>> >
>> > On Mon, Dec 8, 2025 at 9:39 PM Tom Lane <[email protected]> wrote:
>> >>
>> >> Shruthi Gowda <[email protected]> writes:
>> >> > The ECPG application crashes with a segmentation fault when calling
>> >> > specific deallocation or prepared statement functions without an
>> >> > established database connection. This is caused by a missing NULL check on
>> >> > the connection handle before attempting to access it.
>> >>
>> >> Hmm ... poking around, I see several other places that aren't checking
>> >> the result of ecpg_get_connection. Shouldn't we tighten them all?
>> >>
>> >> regards, tom lane
>> >
>> >
>> > I agree. I’ve reviewed all occurrences of ecpg_get_connection() and noted that, in most instances, it is followed by ecpg_init(), which validates the connection and returns immediately if the connection is NULL.
>>
>> Why did you add this check instead of calling ecpg_init()?
>> Wouldn't it be better and sufficient to use ecpg_init() to validate
>> the connection?
>>
>> + con = ecpg_get_connection(connection_name);
>> + if (!con)
>> + {
>> + ecpg_raise(lineno, ECPG_NO_CONN, ECPG_SQLSTATE_CONNECTION_DOES_NOT_EXIST,
>> + connection_name ? connection_name : ecpg_gettext("NULL"));
>>
>
> Thanks for the feedback, Fujii. I agree—using ecpg_init() is a more consistent approach and aligns with how this is handled in other parts of the code.
> I have updated the patch to use ecpg_init() for validation. Please find the revised version attached.
> The patch works for MASTER and all the back branches.
>
> Thanks & Regards,
>
> Shruthi K C
>
> EnterpriseDB: http://www.enterprisedb.com
Thanks Shruthi for the updated patch.
Please add a crash test case in your patch. If possible, please add a
test for connection=NULL for ECPGdeallocate_all,
ECPGprepared_statement and ECPGget_desc.
--
Thanks and Regards
Mahendra Singh Thalor
EnterpriseDB: http://www.enterprisedb.com
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected], [email protected], [email protected]
Subject: Re: [BUG] CRASH: ECPGprepared_statement() and ECPGdeallocate_all() when connection is NULL
In-Reply-To: <CAKYtNAqjJbzV+ZJDqA-s0fHSLen6msc=A0SfrTS1ub1KKH9haQ@mail.gmail.com>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox