Skip to content
GitLab
  • Menu
Projects Groups Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
  • pike pike
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 121
    • Issues 121
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 0
    • Merge requests 0
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • pikelang
  • pikepike
  • Issues
  • #4651
Closed
Open
Created Dec 18, 2008 by Peter Bortas@zinoOwner

pass variable contains null character to postgres may cause SQL error

Imported from http://bugzilla.roxen.com/bugzilla/show_bug.cgi?id=4651

Reported by Eiichiro ITANI, emu@ceres.dti.ne.jp

I'm not sure this is bug, or wrong usage of tag. It cause SQL error to throw query postgres with array variable.

Suppose test.html contains these lines.

<emit source="sql" host="postgres-server"
  query="SELECT :v AS v" bindings="v=form.v">
  &_.v;
</emit>

Then, accessing

http://host/test.html?v=1&v=2

causes error

RXML run error: Query failed: ERROR: unterminated quoted string at or near "'1" LINE 1: SELECT '1 ^

|

That error happened because null character directry passed to postgres server. Of course, I should check and sanitize form.v to be plain string.

And I also noticed, accessing

http://host/test.html?v=abc%00def

this would make reply just "abc". I checked query log of postgres, and found that query as follows:

BEGIN DECLARE _pikecursor CURSOR FOR SELECT 'abc' as v FETCH 64 IN _pikecursor FETCH 64 IN _pikecursor COMMIT

Characters after null chopped.

Aren't they quoting problem of postgresql binding?

Assignee
Assign to
Time tracking