[td-314] check for sql str length

f343d6d3 · Haojun Liao · d05eaa5c · f343d6d3 · f343d6d3
显示空白变更内容
内联并排

Showing with 19 addition and 13 deletion

src/client/src/tscAsync.c src/client/src/tscAsync.c +3 -3

src/client/src/tscSql.c src/client/src/tscSql.c +16 -10

未找到文件。
--- a/src/client/src/tscAsync.c
+++ b/src/client/src/tscAsync.c
@@ -56,8 +56,8 @@ void doAsyncQuery(STscObj* pObj, SSqlObj* pSql, void (*fp)(), void* param, const
    return;
  }
-  pSql->sqlstr = realloc(pSql->sqlstr, sqlLen + 1);
+  // todo check for OOM problem
+  pSql->sqlstr = calloc(1, sqlLen + 1);
  if (pSql->sqlstr == NULL) {
    tscError("%p failed to malloc sql string buffer", pSql);
    tscQueueAsyncError(fp, param, TSDB_CODE_CLI_OUT_OF_MEMORY);
@@ -95,7 +95,7 @@ void taos_query_a(TAOS *taos, const char *sqlstr, __async_cb_func_t fp, void *pa
  int32_t sqlLen = strlen(sqlstr);
  if (sqlLen > tsMaxSQLStringLen) {
-    tscError("sql string too long");
+    tscError("sql string exceeds max length:%d", tsMaxSQLStringLen);
    terrno = TSDB_CODE_INVALID_SQL;
    tscQueueAsyncError(fp, param, TSDB_CODE_INVALID_SQL);
    return;

--- a/src/client/src/tscSql.c
+++ b/src/client/src/tscSql.c
@@ -269,6 +269,15 @@ TAOS_RES* taos_query(TAOS *taos, const char *sqlstr) {
    return NULL;
  }
+  int32_t sqlLen = strlen(sqlstr);
+  if (sqlLen > tsMaxSQLStringLen) {
+    tscError("sql string exceeds max length:%d", tsMaxSQLStringLen);
+    terrno = TSDB_CODE_INVALID_SQL;
+    return NULL;
+  }
+  taosNotePrintTsc(sqlstr);
  SSqlObj* pSql = calloc(1, sizeof(SSqlObj));
  if (pSql == NULL) {
    tscError("failed to malloc sqlObj");
@@ -276,7 +285,6 @@ TAOS_RES* taos_query(TAOS *taos, const char *sqlstr) {
    return NULL;
  }
-  size_t sqlLen = strlen(sqlstr);
  doAsyncQuery(pObj, pSql, waitForQueryRsp, taos, sqlstr, sqlLen);
  // wait for the callback function to post the semaphore
@@ -510,22 +518,20 @@ int taos_select_db(TAOS *taos, const char *db) {
 }
 void taos_free_result(TAOS_RES *res) {
-  if (res == NULL) return;
  SSqlObj *pSql = (SSqlObj *)res;
-  SSqlRes *pRes = &pSql->res;
+  tscTrace("%p start to free result", res);
-  SSqlCmd *pCmd = &pSql->cmd;
-  tscTrace("%p start to free result", pSql);
+  if (pSql == NULL || pSql->signature != pSql) {
-  if (pSql->signature != pSql) {
    tscTrace("%p result has been freed", pSql);
    return;
  }
+  SSqlRes *pRes = &pSql->res;
+  SSqlCmd *pCmd = &pSql->cmd;
  // The semaphore can not be changed while freeing async sub query objects.
  if (pRes == NULL || pRes->qhandle == 0) {
-    tscTrace("%p SqlObj is freed by app, phandle is null", pSql);
+    tscTrace("%p SqlObj is freed by app, qhandle is null", pSql);
    tscFreeSqlObj(pSql);
    return;
  }