On Wed, Apr 29, 2020 at 5:13 AM Marc Simpson <[email protected]> wrote:
>
> Hi folks,
>
> It seems that I can reliably segfault recent Pike 8.1 installs when
> using sprintf-style SQLite queries:
>
> $ echo '
> create table demo(a, b);
> insert into demo(a, b) values(1, "abc")' | sqlite3 demo.db
>
> $ pike
> Pike v8.1 release 13 running Hilfe v3.5 [...]
> > Sql.Sql db = Sql.Sql("sqlite://demo.db");
> > db->query("select * from demo");
> (1) Result: ({ /* 1 element */
> ([ /* 2 elements */
> "a": "1",
> "b": "abc"
> ])
> })
> > db->query("select * from demo where a = :a", ([":a": 1 ]));
> (2) Result: ({ /* 1 element */
> ([ /* 2 elements */
> "a": "1",
> "b": "abc"
> ])
> })
> > db->query("select * from demo where a = %d", 1);
> Segmentation fault
>
> This occurs on both macOS and Linux; on macOS, segfaults are observed
> when the SQLite module is linked against either MacPorts' SQLite 3 or
> the system-wide dylib in /usr/lib.
>
> Note that query() with a mapping argument doesn't segfault;
> furthermore, no such segfault occurs under Pike v8.0 release 702.
>
> Please let me know whether this is reproducible (and/or whether more
> information is required).
>
Reproduced on a very recent build of Pike. Can be done in a more
self-contained way using an in-memory database:

Pike v8.1 release 13 running Hilfe v3.5 (Incremental Pike Frontend)
Ok.
> Sql.Sql db = Sql.Sql("sqlite://:memory:");
> db->query("create table demo (a, b)");
(1) Result: 0
> db->query("insert into demo values (1, 'abc')");
(2) Result: 0
> db->query("select * from demo where a = :a", ([":a": 1]));
(3) Result: ({ /* 1 element */
([ /* 2 elements */
"a": "1",
"b": "abc"
])
})
> db->query("select * from demo where a = %d", 1);
Segmentation fault

Will do some bisection.

ChrisA