[libpostgresql-jdbc-java] 01/05: After running the statement passed to executeUpdate, we check to see if it was a SELECT and complain because it is not a query method. The code was not checking all of the results if it was passed a multi- statement query string. This resulted in the surprising and silent partial execution of SELECT statements.

Emmanuel Bourg ebourg-guest at moszumanska.debian.org
Mon Jan 9 10:20:21 UTC 2017 

This is an automated email from the git hooks/post-receive script.

ebourg-guest pushed a commit to tag REL8_1_415
in repository libpostgresql-jdbc-java.

commit dd898f899a266ca712e63c0e82e2fffc069b57c8
Author: Kris Jurka <books at ejurka.com>
Date:   Sat Sep 26 15:21:45 2009 +0000

    After running the statement passed to executeUpdate, we check to see
    if it was a SELECT and complain because it is not a query method.  The
    code was not checking all of the results if it was passed a multi-
    statement query string.  This resulted in the surprising and silent
    partial execution of SELECT statements.
    
    As reported by Joseph Shraibman.
---
 org/postgresql/jdbc2/AbstractJdbc2Statement.java | 31 +++++++++++++++++++-----
 org/postgresql/test/jdbc2/StatementTest.java     | 20 ++++++++++++++-
 2 files changed, 44 insertions(+), 7 deletions(-)

diff --git a/org/postgresql/jdbc2/AbstractJdbc2Statement.java b/org/postgresql/jdbc2/AbstractJdbc2Statement.java
index 3ca25db..75ff896 100644
--- a/org/postgresql/jdbc2/AbstractJdbc2Statement.java
+++ b/org/postgresql/jdbc2/AbstractJdbc2Statement.java
@@ -3,7 +3,7 @@
 * Copyright (c) 2004-2005, PostgreSQL Global Development Group
 *
 * IDENTIFICATION
-*   $PostgreSQL: pgjdbc/org/postgresql/jdbc2/AbstractJdbc2Statement.java,v 1.84.2.13 2008/04/02 17:06:21 jurka Exp $
+*   $PostgreSQL: pgjdbc/org/postgresql/jdbc2/AbstractJdbc2Statement.java,v 1.84.2.14 2009/05/27 23:55:43 jurka Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -283,9 +283,19 @@ public abstract class AbstractJdbc2Statement implements BaseStatement
             executeWithFlags(p_sql, 0);                
             return 0;
         }
-        if (executeWithFlags(p_sql, QueryExecutor.QUERY_NO_RESULTS))
-            throw new PSQLException(GT.tr("A result was returned when none was expected."),
+
+        executeWithFlags(p_sql, QueryExecutor.QUERY_NO_RESULTS);
+
+        ResultWrapper iter = result;
+        while (iter != null) {
+            if (iter.getResultSet() != null) {
+                throw new PSQLException(GT.tr("A result was returned when none was expected."),
                     				  PSQLState.TOO_MANY_RESULTS);
+
+            }
+            iter = iter.getNext();
+        }
+
         return getUpdateCount();
     }
 
@@ -305,9 +315,18 @@ public abstract class AbstractJdbc2Statement implements BaseStatement
             executeWithFlags(0);
             return 0;
         }
-        if (executeWithFlags(QueryExecutor.QUERY_NO_RESULTS))
-            throw new PSQLException(GT.tr("A result was returned when none was expected."),
-                                    PSQLState.TOO_MANY_RESULTS);
+
+        executeWithFlags(QueryExecutor.QUERY_NO_RESULTS);
+
+        ResultWrapper iter = result;
+        while (iter != null) {
+            if (iter.getResultSet() != null) {
+                throw new PSQLException(GT.tr("A result was returned when none was expected."),
+                    				  PSQLState.TOO_MANY_RESULTS);
+
+            }
+            iter = iter.getNext();
+        }
 
         return getUpdateCount();
     }
diff --git a/org/postgresql/test/jdbc2/StatementTest.java b/org/postgresql/test/jdbc2/StatementTest.java
index 431f58c..2aba154 100644
--- a/org/postgresql/test/jdbc2/StatementTest.java
+++ b/org/postgresql/test/jdbc2/StatementTest.java
@@ -3,7 +3,7 @@
 * Copyright (c) 2004-2005, PostgreSQL Global Development Group
 *
 * IDENTIFICATION
-*   $PostgreSQL: pgjdbc/org/postgresql/test/jdbc2/StatementTest.java,v 1.17.2.2 2006/02/01 18:52:30 jurka Exp $
+*   $PostgreSQL: pgjdbc/org/postgresql/test/jdbc2/StatementTest.java,v 1.17.2.3 2006/07/07 01:12:35 jurka Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -360,4 +360,22 @@ public class StatementTest extends TestCase
         } catch (SQLException sqle) { }
     }
 
+    public void testExecuteUpdateFailsOnSelect() throws SQLException
+    {
+        Statement stmt = con.createStatement();
+        try {
+            stmt.executeUpdate("SELECT 1");
+            fail("Should have thrown an error.");
+        } catch (SQLException sqle) { }
+    }
+
+    public void testExecuteUpdateFailsOnMultiStatementSelect() throws SQLException
+    {
+        Statement stmt = con.createStatement();
+        try {
+            stmt.executeUpdate("/* */; SELECT 1");
+            fail("Should have thrown an error.");
+        } catch (SQLException sqle) { }
+    }
+
 }

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/libpostgresql-jdbc-java.git

More information about the pkg-java-commits mailing list