CSEscapeBug.java
|
Blocks |
|||
| blocks |
|
Informatica Bulk Write Adapter | Closed |
[MCOL-1652] DELETE with a non-INT WHERE condition on an INT column fails Created: 2018-08-15 Updated: 2022-11-05 Resolved: 2022-11-05 |
|
| Status: | Closed |
| Project: | MariaDB ColumnStore |
| Component/s: | DMLProc |
| Affects Version/s: | 1.1.5 |
| Fix Version/s: | Icebox |
| Type: | Bug | Priority: | Minor |
| Reporter: | Jens Röwekamp (Inactive) | Assignee: | Unassigned |
| Resolution: | Won't Do | Votes: | 0 |
| Labels: | None | ||
| Environment: |
Ubuntu 18.04 |
||
| Attachments: |
CSEscapeBug.java
|
||||||||
| Issue Links: |
|
||||||||
| Description |
|
If I delete an escaped statement that contains a single quotation mark through Java PreparedStatements it is deleted in InnoDB tables but not in ColumnStore tables. The injection seems fine though. I attached Java example code to reproduce the bug. Please change the server credentials according to your setup. Error string that is not deleted in CS:
Output of the demo:
|
| Comments |
| Comment by Jens Röwekamp (Inactive) [ 2018-08-15 ] |
|
Seems to be the WHERE clause. UPDATE statements against above mentioned String are also effected. |
| Comment by Andrew Hutchings (Inactive) [ 2018-12-17 ] |
|
The query is triggering "ERROR 1815 (HY000): Internal error: CAL0002: Delete Failed: Error from ExeMgr 201", this translates to "JobListFactory makeJoblist error: value is not numerical." and the java code supplied doesn't have proper error handling. It is because our DELETE code can't cast the text data into an int. Whilst this is something we should fix I would argue that the Java code also needs fixing. |
| Comment by Todd Stoffel (Inactive) [ 2022-11-05 ] |
|
This item is being closed because it was well passed the expiration date with no activity. If you suspect this was done in error please create a new ticket. |