Uploaded image for project: 'MariaDB Connector/Python'
  1. MariaDB Connector/Python
  2. CONPY-306

Crash if MariaDB returns invalid utf8mb3 characters

Details

    • Bug
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Fixed
    • 1.1.12
    • 1.1.13
    • DBAPI 2.0
    • None
    • 3.13

    Description

      Unfortunately MariaDB server allows to store invalid utf8mb3 characters. This might end up in a possible crash of C/Python during fetch, since PyUnicode_GET_LENGTH doesn't perform any validation checks.

      Instead of using the more secure function PyUnicode_GetLength (it does validate the Object) we shouldn't calculate length at all - this would also avoid to "overwrite" previous exception.

      How to repeat:

       
      		 
      import mariadb
      		 
       
      		 
      conn= mariadb.connect(db="test")
      		 
      cursor= conn.cursor(binary=True)
      		 
      cursor.execute("CREATE OR REPLACE TABLE t1 (a varchar(20) charset utf8mb3)")
      		 
      cursor.execute("INSERT INTO t1 VALUES (0xEDA080)")
      		 
      conn.commit()
      		 
       
      		 
      cursor.execute("SELECT a FROM t1")
      		 
      row= cursor.fetchone()

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. CONPY-238 Querying mysql.slow_log table might cause UnicodeDecodeError

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Activity

            People

              georg Georg Richter
              georg Georg Richter
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.