[libpostgresql-jdbc-java] 01/03: After running the statement passed to executeUpdate, we check to see if it was a SELECT and complain because it is not a query method. The code was not checking all of the results if it was passed a multi- statement query string. This resulted in the surprising and silent partial execution of SELECT statements.

Emmanuel Bourg ebourg-guest at moszumanska.debian.org
Mon Jan 9 10:19:49 UTC 2017 

This is an automated email from the git hooks/post-receive script.

ebourg-guest pushed a commit to tag REL8_0_325
in repository libpostgresql-jdbc-java.

commit 16d19502fd0c5cd7a8d9f555f37c42b61e129d01
Author: Kris Jurka <books at ejurka.com>
Date:   Sat Sep 26 15:21:51 2009 +0000

    After running the statement passed to executeUpdate, we check to see
    if it was a SELECT and complain because it is not a query method.  The
    code was not checking all of the results if it was passed a multi-
    statement query string.  This resulted in the surprising and silent
    partial execution of SELECT statements.
    
    As reported by Joseph Shraibman.
---
 org/postgresql/jdbc2/AbstractJdbc2Statement.java | 30 ++++++++++++++++++------
 org/postgresql/test/jdbc2/StatementTest.java     | 20 +++++++++++++++-
 2 files changed, 42 insertions(+), 8 deletions(-)

diff --git a/org/postgresql/jdbc2/AbstractJdbc2Statement.java b/org/postgresql/jdbc2/AbstractJdbc2Statement.java
index 4a0f552..d770b7c 100644
--- a/org/postgresql/jdbc2/AbstractJdbc2Statement.java
+++ b/org/postgresql/jdbc2/AbstractJdbc2Statement.java
@@ -3,7 +3,7 @@
 * Copyright (c) 2004-2005, PostgreSQL Global Development Group
 *
 * IDENTIFICATION
-*   $PostgreSQL: pgjdbc/org/postgresql/jdbc2/AbstractJdbc2Statement.java,v 1.68.2.16 2008/04/02 17:06:32 jurka Exp $
+*   $PostgreSQL: pgjdbc/org/postgresql/jdbc2/AbstractJdbc2Statement.java,v 1.68.2.17 2009/05/27 23:55:51 jurka Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -261,9 +261,17 @@ public abstract class AbstractJdbc2Statement implements BaseStatement
             throw new PSQLException(GT.tr("Can''t use query methods that take a query string on a PreparedStatement."),
                                     PSQLState.WRONG_OBJECT_TYPE);
 
-        if (executeWithFlags(p_sql, QueryExecutor.QUERY_NO_RESULTS))
-            throw new PSQLException(GT.tr("A result was returned when none was expected."),
-                                    PSQLState.TOO_MANY_RESULTS);
+        executeWithFlags(p_sql, QueryExecutor.QUERY_NO_RESULTS);
+
+        ResultWrapper iter = result;
+        while (iter != null) {
+            if (iter.getResultSet() != null) {
+                throw new PSQLException(GT.tr("A result was returned when none was expected."),
+                    				  PSQLState.TOO_MANY_RESULTS);
+
+            }
+            iter = iter.getNext();
+        }
 
         return getUpdateCount();
     }
@@ -279,9 +287,17 @@ public abstract class AbstractJdbc2Statement implements BaseStatement
      */
     public int executeUpdate() throws SQLException
     {
-        if (executeWithFlags(QueryExecutor.QUERY_NO_RESULTS))
-            throw new PSQLException(GT.tr("A result was returned when none was expected."),
-                                    PSQLState.TOO_MANY_RESULTS);
+        executeWithFlags(QueryExecutor.QUERY_NO_RESULTS);
+
+        ResultWrapper iter = result;
+        while (iter != null) {
+            if (iter.getResultSet() != null) {
+                throw new PSQLException(GT.tr("A result was returned when none was expected."),
+                    				  PSQLState.TOO_MANY_RESULTS);
+
+            }
+            iter = iter.getNext();
+        }
 
         return getUpdateCount();
     }
diff --git a/org/postgresql/test/jdbc2/StatementTest.java b/org/postgresql/test/jdbc2/StatementTest.java
index 79e8606..82895e7 100644
--- a/org/postgresql/test/jdbc2/StatementTest.java
+++ b/org/postgresql/test/jdbc2/StatementTest.java
@@ -3,7 +3,7 @@
 * Copyright (c) 2004-2005, PostgreSQL Global Development Group
 *
 * IDENTIFICATION
-*   $PostgreSQL: pgjdbc/org/postgresql/test/jdbc2/StatementTest.java,v 1.15.2.4 2006/02/01 18:52:41 jurka Exp $
+*   $PostgreSQL: pgjdbc/org/postgresql/test/jdbc2/StatementTest.java,v 1.15.2.5 2006/07/07 01:12:48 jurka Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -360,4 +360,22 @@ public class StatementTest extends TestCase
         } catch (SQLException sqle) { }
     }
 
+    public void testExecuteUpdateFailsOnSelect() throws SQLException
+    {
+        Statement stmt = con.createStatement();
+        try {
+            stmt.executeUpdate("SELECT 1");
+            fail("Should have thrown an error.");
+        } catch (SQLException sqle) { }
+    }
+
+    public void testExecuteUpdateFailsOnMultiStatementSelect() throws SQLException
+    {
+        Statement stmt = con.createStatement();
+        try {
+            stmt.executeUpdate("/* */; SELECT 1");
+            fail("Should have thrown an error.");
+        } catch (SQLException sqle) { }
+    }
+
 }

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/libpostgresql-jdbc-java.git

More information about the pkg-java-commits mailing list