[postgis-devel] Slight bug in shp2pgsql

strk at refractions.net strk at refractions.net
Thu Apr 14 05:56:42 PDT 2005


Thanks Gino, I've applied the patch.
BTW, latest revision did not have the bug in the second (escaping)
loop, but just in the first scan (counting occurrences).

--strk;

On Thu, Apr 14, 2005 at 02:40:04PM +0200, Gino Lucrezi wrote:
> I was converting a shape file with a strange text attribute, and it resulted in invalid SQL.
> 
> I investigated, and found two small issues in shp2pgsql.c
> 
> The problem happens if a string starts with a single quote and has no other quotes in it. It's a very strange case, but it is perfectly legal.
> 
> In this case, shp2pgsql won't escape this lonely quote, due to a slight mistake in a while loop, which essentially starts at the second character of the string.
> 
> Moreover, if there are further quotes in the string, it might overrun its buffer (by just one byte, so it's probably not going to make a mess, but...)
> 
> In the process, I discovered that there was similar (incorrect) code in a procedure to escape tabs.
> 
> This is the kind of (wrong) SQL code which would be generated:
> 
> INSERT INTO "prova" (gid,"nome","the_geom") VALUES ('0',''abc','0101000000D006DCDD5E534241501CB678F4E95141');
> 
> Obviously, it should have been:
> INSERT INTO "prova" (gid,"nome","the_geom") VALUES ('0','\'abc','0101000000D006DCDD5E534241501CB678F4E95141');
> 
> I'm enclosing the shape file I used for my tests, even though it's trivial.
> 
> Here is the diff in the code:
> 
> --- loader/shp2pgsql.c.org      2005-04-14 13:59:48.934223144 +0200
> +++ loader/shp2pgsql.c  2005-04-14 14:38:33.000000000 +0200
> @@ -165,8 +165,9 @@
> 
>         ptr = str;
> 
> -       while (*ptr++) {
> +       while (*ptr) {
>                 if ( *ptr == '\t' || *ptr == '\\' ) toescape++;
> +               ptr++;
>         }
> 
>         if (toescape == 0) return str;
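Review bot: in the tab/backslash scan, `while (*ptr) { ...; ptr++; }` is correct, but a `for (ptr = str; *ptr; ptr++)` would keep the initialisation, test and step on one line, which makes a skipped str[0] much easier to spot in review than the original `while (*ptr++)` was. The same loop appears again in the next hunk with only the character set changed ('\t' versus '\''), so a small shared counting helper that takes the characters to escape would keep the two copies from diverging.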
> @@ -217,8 +218,9 @@
> 
>         ptr = str;
> 
> -       while (*ptr++) {
> +       while (*ptr) {
>                 if ( *ptr == '\'' || *ptr == '\\' ) toescape++;
> +               ptr++;
>         }
> 
>         if (toescape == 0) return str;
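Review bot: the `toescape` count in this quote/backslash scan now includes str[0], but the hunk ends at `if (toescape == 0) return str;` and does not show the escaping loop that consumes the count, so the patch alone does not demonstrate that the count and the bytes written agree. Please confirm that loop also starts at the first character, and add regression inputs with a leading quote (the `'abc` value from the report) and with a leading plus an embedded quote, which is the case where an undercount matters.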
> 
> 
> 
> This shouldn't trigger a new RC, obviously...
> 
> Gino Lucrezi
> Penta Consulting Services Srl


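The two symptoms in the report (a lone leading quote left unescaped, and a one-byte overrun when further quotes follow) both come from the counting loop, as this added example shows; it is not code from shp2pgsql.c. The two scans are copied from the diff, while `bytes_needed`, `shortfall` and the `strlen + count + 1` buffer sizing are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Pre-patch scan from the diff: tests *ptr, advances, then inspects
 * the NEXT byte, so str[0] is never checked. */
size_t count_old(const char *str)
{
    const char *ptr = str;
    size_t toescape = 0;
    while (*ptr++) {
        if (*ptr == '\'' || *ptr == '\\') toescape++;
    }
    return toescape;
}

/* Patched scan from the diff: every byte before the NUL is inspected. */
size_t count_new(const char *str)
{
    const char *ptr = str;
    size_t toescape = 0;
    while (*ptr) {
        if (*ptr == '\'' || *ptr == '\\') toescape++;
        ptr++;
    }
    return toescape;
}

/* Hypothetical: bytes (including NUL) a correct escaper writes when it
 * puts a backslash in front of every quote and backslash. */
size_t bytes_needed(const char *str)
{
    size_t n = 1;
    for (const char *p = str; *p; p++)
        n += (*p == '\'' || *p == '\\') ? 2 : 1;
    return n;
}

/* Assumed sizing: buffer = strlen + count + 1. Returns bytes written
 * past the end of such a buffer for the given counting function. */
size_t shortfall(const char *str, size_t (*count)(const char *))
{
    return bytes_needed(str) - (strlen(str) + count(str) + 1);
}

int main(void)
{
    const char *samples[] = { "'abc", "'a'b", "a'b" }; /* constructed inputs */
    for (size_t i = 0; i < 3; i++)
        printf("%-6s old=%zu new=%zu overrun(old)=%zu\n", samples[i],
               count_old(samples[i]), count_new(samples[i]),
               shortfall(samples[i], count_old));
    return 0;
}
```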



