Thread: patch for JDBC PreparedStatement

patch for JDBC PreparedStatement

From
Alexander Litvinov
Date:
Hello,

I don't know the correct way to post patches so I will try this.

I have found the following bug:
When I try to insert strings using class PreparedStatement from JDBC with
non-printable chars it sometimes fail. During my investigations I have found
that current version of PreparedStatement quotes only ' (ampersand) and \
(slash). I have made some changes and now PreparedStatement change all
non-printable (possible some printable too) chars to \xxx where xxx is octal
code of char.

folder : src/interfaces/jdbc/org/postgresql/jdbc2
file : PreparedStatement.java

Attachment

Re: patch for JDBC PreparedStatement

From
Barry Lind
Date:
I do not understand the need for this patch.  Can you more clearly
explain the problem you think exists in the current code that you are
trying to fix?  I don't understand why this patch is needed and I don't
think it should be applied until more clarification is provided.

A specific test case would be great.

thanks,
--Barry


Alexander Litvinov wrote:
> Hello,
>
> I don't know the correct way to post patches so I will try this.
>
> I have found the following bug:
> When I try to insert strings using class PreparedStatement from JDBC with
> non-printable chars it sometimes fail. During my investigations I have found
> that current version of PreparedStatement quotes only ' (ampersand) and \
> (slash). I have made some changes and now PreparedStatement change all
> non-printable (possible some printable too) chars to \xxx where xxx is octal
> code of char.
>
> folder : src/interfaces/jdbc/org/postgresql/jdbc2
> file : PreparedStatement.java
>
>
> ------------------------------------------------------------------------
>
> --- PreparedStatement.java.orig    Fri Feb 16 22:45:00 2001
> +++ PreparedStatement.java    Tue Jul 17 15:32:09 2001
> @@ -285,13 +285,22 @@
>                int i;
>
>                sbuf.append('\'');
> -              for (i = 0 ; i < x.length() ; ++i)
> -                {
> -                  char c = x.charAt(i);
> -                  if (c == '\\' || c == '\'')
> -                    sbuf.append((char)'\\');
> -                  sbuf.append(c);
> -                }
> +            for (i = 0 ; i < x.length() ; ++i)
> +          {
> +        char c = x.charAt(i);
> +        if (c == '\\' || c == '\'') {
> +          sbuf.append((char)'\\');
> +          sbuf.append(c);
> +        }
> +        else if (Character.isLetterOrDigit(c) || c == ' ' || c == ',' || c == '.' || c == '@' || c == '-' || c ==
'+'|| c =='/' || c == '%') 
> +          sbuf.append(c);
> +        else {
> +          String oct = Integer.toOctalString(c);
> +          if (oct.length() == 1) sbuf.append("\\00" + oct);
> +          else if (oct.length() == 2) sbuf.append("\\0" + oct);
> +          else if (oct.length() == 3) sbuf.append("\\" + oct);
> +        }
> +          }
>                sbuf.append('\'');
>                set(parameterIndex, sbuf.toString());
>              }
>
>
> ------------------------------------------------------------------------
>
>
> ---------------------------(end of broadcast)---------------------------
> TIP 5: Have you checked our extensive FAQ?
>
> http://www.postgresql.org/users-lounge/docs/faq.html
>
> PreparedStatement.java.patch
>
> Content-Type:
>
> text/x-diff
> Content-Encoding:
>
> base64
>
>
> ------------------------------------------------------------------------
> Part 1.3
>
> Content-Type:
>
> text/plain
> Content-Encoding:
>
> binary
>
>



Re: patch for JDBC PreparedStatement

From
Denis Perchine
Date:
Hello,

> I do not understand the need for this patch.  Can you more clearly
> explain the problem you think exists in the current code that you are
> trying to fix?  I don't understand why this patch is needed and I don't
> think it should be applied until more clarification is provided.

He is talking about need to put into the text field any char except 0.
When you call setString, you can pass it any string containing any char
except 0. When you try to pass a string which contains some of non-printable
chars you get errors.

> A specific test case would be great.

We will create it today.

> thanks,
> --Barry
>
> Alexander Litvinov wrote:
> > Hello,
> >
> > I don't know the correct way to post patches so I will try this.
> >
> > I have found the following bug:
> > When I try to insert strings using class PreparedStatement from JDBC with
> > non-printable chars it sometimes fail. During my investigations I have
> > found that current version of PreparedStatement quotes only ' (ampersand)
> > and \ (slash). I have made some changes and now PreparedStatement change
> > all non-printable (possible some printable too) chars to \xxx where xxx
> > is octal code of char.
> >
> > folder : src/interfaces/jdbc/org/postgresql/jdbc2
> > file : PreparedStatement.java
> >
> >
> > ------------------------------------------------------------------------
> >
> > --- PreparedStatement.java.orig    Fri Feb 16 22:45:00 2001
> > +++ PreparedStatement.java    Tue Jul 17 15:32:09 2001
> > @@ -285,13 +285,22 @@
> >                int i;
> >
> >                sbuf.append('\'');
> > -              for (i = 0 ; i < x.length() ; ++i)
> > -                {
> > -                  char c = x.charAt(i);
> > -                  if (c == '\\' || c == '\'')
> > -                    sbuf.append((char)'\\');
> > -                  sbuf.append(c);
> > -                }
> > +            for (i = 0 ; i < x.length() ; ++i)
> > +          {
> > +        char c = x.charAt(i);
> > +        if (c == '\\' || c == '\'') {
> > +          sbuf.append((char)'\\');
> > +          sbuf.append(c);
> > +        }
> > +        else if (Character.isLetterOrDigit(c) || c == ' ' || c == ',' || c ==
> > '.' || c == '@' || c == '-' || c == '+' || c =='/' || c == '%') +
> > sbuf.append(c);
> > +        else {
> > +          String oct = Integer.toOctalString(c);
> > +          if (oct.length() == 1) sbuf.append("\\00" + oct);
> > +          else if (oct.length() == 2) sbuf.append("\\0" + oct);
> > +          else if (oct.length() == 3) sbuf.append("\\" + oct);
> > +        }
> > +          }
> >                sbuf.append('\'');
> >                set(parameterIndex, sbuf.toString());
> >              }
> >
> >
> > ------------------------------------------------------------------------
> >
> >
> > ---------------------------(end of broadcast)---------------------------
> > TIP 5: Have you checked our extensive FAQ?
> >
> > http://www.postgresql.org/users-lounge/docs/faq.html
> >
> > PreparedStatement.java.patch
> >
> > Content-Type:
> >
> > text/x-diff
> > Content-Encoding:
> >
> > base64
> >
> >
> > ------------------------------------------------------------------------
> > Part 1.3
> >
> > Content-Type:
> >
> > text/plain
> > Content-Encoding:
> >
> > binary
>
> ---------------------------(end of broadcast)---------------------------
> TIP 4: Don't 'kill -9' the postmaster

--
Sincerely Yours,
Denis Perchine

----------------------------------
E-Mail: dyp@perchine.com
HomePage: http://www.perchine.com/dyp/
FidoNet: 2:5000/120.5
----------------------------------