[CONJ-201] Prepared Statement with ? parameters after last ) causes string index out of bounds error Created: 2015-09-18  Updated: 2015-10-06  Resolved: 2015-10-06

Status: Closed
Project: MariaDB Connector/J
Component/s: Other
Affects Version/s: 1.2.2
Fix Version/s: 1.2.3

Type: Bug Priority: Blocker
Reporter: Matthew Madson Assignee: Diego Dupin
Resolution: Fixed Votes: 0
Labels: None
Environment:

MySQL 5.6.22 Community Server
Win64 x86_64
java version "1.7.0_71"
Java(TM) SE Runtime Environment (build 1.7.0_71-b14)
Java HotSpot(TM) 64-Bit Server VM (build 24.71-b01, mixed mode)

Issue Links:
Relates
relates to CONJ-200 java.lang.StringIndexOutOfBoundsExcep... Closed

 Description   

Sample Query:

insert into `SOME_TABLE` (`ID`, `FOO`, `BAR`, `BAZ`) values (?, ?, ?) on duplicate key update `SOME_TABLE`.`FOO` = ?, `SOME_TABLE`.`BAR` = ?, `SOME_TABLE`.`BAZ` = ?

Problem:

connection.prepareStatement(sql);

Throws the following exception:

Caused by: java.lang.StringIndexOutOfBoundsException: String index out of range: -1
 
	at java.lang.String.substring(Unknown Source)
 
	at org.mariadb.jdbc.internal.common.query.MySQLParameterizedQuery.<init>(MySQLParameterizedQuery.java:83)
 
	at org.mariadb.jdbc.MySQLPreparedStatement.<init>(MySQLPreparedStatement.java:90)
 
	at org.mariadb.jdbc.MySQLConnection.prepareStatement(MySQLConnection.java:181)
 
...

The problem appears to be on line 83 of MySQLParameterizedQuery:

rewriteRepeatLastPart = lastPart.substring(0, lastPart.indexOf(")")).getBytes("UTF-8");

For the above query, the lastPart is an empty string and lastPart.indexOf(")") returns -1, thus lastPart.substring(0,-1) throws an exception.

I'm not sure what you are trying to do here, so I can't provide a fix but it's definitely a blocker for me.

 Comments   
Comment by Sam Ottenhoff [ 2015-10-02 ]

We just recently ran into this bug with the Sakai open-source learning management system. The " on duplicate key update " is a fairly common pattern:

https://github.com/sakaiproject/sakai/search?utf8=%E2%9C%93&q=%22on+duplicate+key%22

Our stack trace:

2015-10-01 10:54:49,937 WARN http-bio-8080-exec-3 org.sakaiproject.content.impl.DbContentService - sql == insert into CONTENT_DROPBOX_CHANGES (DROPBOX_ID, IN_COLLECTION, LAST_UPDATE) values (? , ? , ?) on duplicate key update IN_COLLECTION = ?, LAST_UPDATE = ?
java.lang.RuntimeException: SqlService.dbWrite failure
at org.sakaiproject.db.impl.BasicSqlService.dbWriteCount(BasicSqlService.java:1299)
at org.sakaiproject.db.impl.BasicSqlService.dbWrite(BasicSqlService.java:1143)
at org.sakaiproject.db.impl.BasicSqlService.dbWrite(BasicSqlService.java:1059)
....
Caused by: java.lang.StringIndexOutOfBoundsException: String index out of range: -1
at java.lang.String.substring(String.java:1911)
at org.mariadb.jdbc.internal.common.query.MySQLParameterizedQuery.<init>(MySQLParameterizedQuery.java:83)

Comment by Diego Dupin [ 2015-10-05 ]

similar problem

Comment by Diego Dupin [ 2015-10-05 ]

This bug is corrected in 1.3.0 (in beta actually), but this cannot wait the release of the 1.3.0.
a new version 1.2.3 will correct this fix quickly.

Generated at Thu Feb 08 03:13:55 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.