
I'm using a mysql snippet that connects to my mysql database (locally) in ANSI C. Everything is working perfectly, but I've been trying to create a function that connects to my database and inserts a new record based on some variables. I'm using sprintf to snag those variables and piece them together to form my SQL query.

Problem

Once I have my variables and my SQL ready, I send it over to mysql_query. Unfortunately, this does not work as expected; the program crashes and reports a buffer overflow.

Here are pieces of the overall function that may help explain the problem.

```c
#include <mysql.h>
#include <string.h>
#include <stdio.h>

char *table = "test_table"; // table is called test_table
char *column = "value"; // column is called value
char *value = "working"; // what value we are inserting
char *query; // what we are sending to mysql_query

sprintf(query, "INSERT INTO %s (%s) VALUES ('%s')", table, column, value);

if (mysql_query(conn, query)) {
  fprintf(stderr, "%s\n", mysql_error(conn));
  return;
}
```

Purpose

The purpose of the overall function is so I don't have to keep rewriting SQL insert or update statements in my program. I want to call to one function and pass a few parameters that identify the table, columns and the values of said columns.

Any help would be most appreciated. I'm a bit rusty in C these days.

Question

Why is mysql_query not able to send the string?

Changes

This worked based on the comments.

```c
const char *query[MAX_STRING_LENGTH];

sprintf((char *)query, "INSERT INTO %s (%s) VALUES ('%s')", table, column, value);

if (mysql_query(conn, (const char *)query)) {
```
Fastidious
  • Is there a question that I can't see in your "question"? Or did you forget it? – Mats Petersson Aug 24 '13 at 22:08
  • You never allocate memory for `query`. It doesn't point to any valid location. I suggest you read a good beginners' C programming guide before trying to mess with SQL, because there will be [little Bobby tables](http://bobby-tables.com) all over the place. –  Aug 24 '13 at 22:08
  • And I'm guessing that this code crashes because `query` is a pointer that points to "nowhere". – Mats Petersson Aug 24 '13 at 22:08
  • Thanks for the input guys. Makes perfect sense. I originally allocated memory, but I got a few warnings. I should have specified that. – Fastidious Aug 24 '13 at 22:35

1 Answer

You have no backing storage for query.

It's either set to NULL or some indeterminate value, depending on its storage duration, neither of which will end well :-)

Quick fix is to change it to

```c
char query[1000];
```

though any coder worth their salary would also check to ensure buffer overflow didn't occur.

paxdiablo
  • No problem, I've removed my now-obsolete comment. –  Aug 24 '13 at 22:16
  • I didn't want to paste the entire function, but yes, it is inside the function. – Fastidious Aug 24 '13 at 22:18
  • I originally set `const char query[MAX_STRING_LENGTH];`. This compiles and works with warnings. It also updates the database as your quick fix does. But mysql_query warns it expects const. Then sprintf warns that it discards const. – Fastidious Aug 24 '13 at 22:24
  • @Fastidious, that's a different issue, one that can probably be fixed with casting. But even being warned about const-ness is better than crashing :-) – paxdiablo Aug 24 '13 at 22:27
  • What about "const char *query", "char query_ready[MAX_STRING_LENGTH]" and "query = query_ready;"? This compiled without warning when changing sprintf(query,...) to query_ready. No warning, no crash and worked. – Fastidious Aug 24 '13 at 22:32
  • @Fastidious, that looks okay. You could probably use casting to avoid a second variable but, if it works, go for it. The cost of a second pointer variable is close enough to zero that it doesn't matter. – paxdiablo Aug 24 '13 at 22:38
  • Updated the description to reflect my attempt. I'll wait a bit and see if you respond. Then I'll accept this answer because this ideally made it not crash and work, as well as led me to the new change listed above. – Fastidious Aug 24 '13 at 22:38
  • Thanks again paxdiablo! I wrote it again, but casted this time and it worked like a charm without the second variable. – Fastidious Aug 24 '13 at 23:45
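
An added example, not code from the question, the answer or the comments: one way to do the overflow check the answer asks for, while also keeping the value out of the SQL text so the "Bobby tables" problem from the comments does not arise. The names `build_insert` and `is_safe_identifier` are hypothetical, `snprintf` (C99) is assumed to be available, and the value is assumed to be bound afterwards through the MySQL C API's prepared-statement calls.

```c
#include <stdio.h>
#include <string.h>

/* Accept only [A-Za-z0-9_] so a table/column name cannot carry SQL syntax. */
static int is_safe_identifier(const char *s)
{
    if (s == NULL || *s == '\0' || strlen(s) > 64)  /* MySQL name limit */
        return 0;
    return strspn(s, "abcdefghijklmnopqrstuvwxyz"
                     "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_") == strlen(s);
}

/*
 * Write "INSERT INTO <table> (<column>) VALUES (?)" into out.
 * Returns the query length, or -1 if a name is rejected or out is too small.
 * The value stays a '?' placeholder, to be bound with
 * mysql_stmt_prepare()/mysql_stmt_bind_param() instead of pasted into the text.
 */
int build_insert(char *out, size_t out_size,
                 const char *table, const char *column)
{
    int n;

    if (out == NULL || out_size == 0)
        return -1;
    if (!is_safe_identifier(table) || !is_safe_identifier(column))
        return -1;

    n = snprintf(out, out_size, "INSERT INTO %s (%s) VALUES (?)", table, column);
    if (n < 0 || (size_t)n >= out_size) {  /* encoding error or truncated */
        out[0] = '\0';
        return -1;
    }
    return n;
}

int main(void)
{
    char query[128];  /* real storage, unlike the uninitialised char *query */

    /* Constructed sample inputs. */
    if (build_insert(query, sizeof query, "test_table", "value") > 0)
        printf("%s\n", query);
    if (build_insert(query, sizeof query, "test_table; DROP TABLE x", "value") < 0)
        printf("rejected unsafe table name\n");
    return 0;
}
```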