search

Stephen-McDaniel / rpostgresql

This repository is an export of the final version from the retired Google Code system (code.google.com/p/rpostgresql).
0 stars 0 forks source link

Buffer overflow when numeric condition is given for a character variable #6

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
Supposing that variable "foo" is of character type, and the following query
will execute correctly:

   dbGetQuery(con,"SELECT * FROM table WHERE foo='00'")

Then the following will crash R:

   dbGetQuery(con,"SELECT * FROM table WHERE foo=0")

The attached file contains the output that appeared after a crash of this type.

The error occured using R 2.9.1 on Ubuntu Jaunty 9.04, 64-bit version.

Original issue reported on code.google.com by pefr...@gmail.com on 24 Jul 2009 at 10:51

Attachments:

GoogleCodeExporter commented 9 years ago

Original comment by ne...@neiltiffin.com on 30 Sep 2009 at 5:15

GoogleCodeExporter commented 9 years ago 

I see really no good way to improve this -- the error is in the SQL logic of 
your 
statement and short of parsing the statement, what exactly could we do?

Dirk

Original comment by dirk.eddelbuettel on 3 Oct 2009 at 10:22

GoogleCodeExporter commented 9 years ago 
Also, I can't even replicate this -- a test script is in SVN and will be part 
of the 
next release.

Original comment by dirk.eddelbuettel on 10 Oct 2009 at 3:56

GoogleCodeExporter commented 9 years ago 
I'm calling this Fixed as the try() block around it seems to prevent the issue 
from 
arising.

Original comment by dirk.eddelbuettel on 14 Oct 2009 at 11:16

GoogleCodeExporter commented 9 years ago 
Correction -- this does indeed fail for Neil on Pg 8.4 and for me once I use 8.3
instead of 8.2.  Reopening with Status: Accepted.

Original comment by dirk.eddelbuettel on 14 Oct 2009 at 3:43

GoogleCodeExporter commented 9 years ago 
Fixed in r143.

Original comment by ne...@neiltiffin.com on 12 Sep 2010 at 4:52