author | Marcel Krems <marcel@sarrazin.local> | 2019-09-15 01:15:16 +0200 |
---|---|---|
committer | Marcel Krems <m.krems@software-vision.eu> | 2020-08-24 13:50:55 +0200 |
commit | 41a716ebbfc9a8fcbf8ebca24da9638d3e9b9639 (patch) | |
tree | f5d317cdefeb57ac1e6a3be64785d5246c0fdd04 /tests/auto/sql/kernel/qsqlquery/tst_qsqlquery.cpp | |
parent | fce9ec05432073d1b24164814511eadb6beee737 (diff) |
QSqlite: Don't crash after binding too many placeholders
When you bind more values than the query has placeholders,
indexes will be empty, which causes an out-of-bounds access in indexes.first.
We can't check the parameter count because of multiple placeholders with the same name,
so we check if the name is null.
Tested with SQLite and PostgreSQL
Pick-to: 5.15
Change-Id: Id5d4bd15d7ed16603f47b87d6e0bf811a20157d8
Reviewed-by: Andy Shaw <andy.shaw@qt.io>
Diffstat (limited to 'tests/auto/sql/kernel/qsqlquery/tst_qsqlquery.cpp')
-rw-r--r-- | tests/auto/sql/kernel/qsqlquery/tst_qsqlquery.cpp | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/tests/auto/sql/kernel/qsqlquery/tst_qsqlquery.cpp b/tests/auto/sql/kernel/qsqlquery/tst_qsqlquery.cpp index e75c98839b..8b057ec039 100644 --- a/tests/auto/sql/kernel/qsqlquery/tst_qsqlquery.cpp +++ b/tests/auto/sql/kernel/qsqlquery/tst_qsqlquery.cpp @@ -2255,6 +2255,16 @@ void tst_QSqlQuery::prepare_bind_exec() QCOMPARE(q.boundValues().at(1).toString(), utf8str); } + // Test binding more placeholders than the query contains placeholders + q.addBindValue(8); + q.addBindValue(9); + q.addBindValue(10); + QCOMPARE(q.boundValues().size(), 3); + QCOMPARE(q.boundValues().at(0).toInt(), 8); + QCOMPARE(q.boundValues().at(1).toInt(), 9); + QCOMPARE(q.boundValues().at(2).toInt(), 10); + QFAIL_SQL(q, exec()); + QVERIFY_SQL( q, exec( "SELECT * FROM " + qtest_prepare + " order by id" ) ); for ( i = 0; i < 6; ++i ) { |
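Review bot: The added regression case only exercises positional over-binding through `addBindValue`, while the commit message names repeated named placeholders as the reason the driver cannot simply compare counts. Nothing here covers that path, so a later change to the null-name check could bring back the out-of-bounds access, or start rejecting valid queries that reuse a name, without a test failing. Consider a sibling case that prepares a query using the same named placeholder twice, verifies that it executes with the matching bound value, and verifies that `exec()` fails once an extra value is bound. The comment would also read more accurately as `// Test binding more values than the query contains placeholders`, and since the prepared statement is set up above the hunk, stating its expected placeholder count there would make the `QFAIL_SQL(q, exec());` expectation self-explanatory. prepare_bind_exec() starts and ends outside the hunk.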