sprintf segfaults

 
 
Robert Mens
10-25-2003
Alright, here's my code:

int mysql_user_login(char * username, char * password)
{
    MYSQL_RES *res_set;
    char * sql_query;
    sprintf(&sql_query, "SELECT * FROM users WHERE username=%s AND password=%s", username, password);
    if(mysql_query (conn, sql_query) != 0 )
    {
        print_error (conn, "mysql_query() failed");
        return 1;
    }else{
        return 0;
    }
}

Why does it segfault?

btw my compiler says:
mysql.c:63: warning: passing arg 1 of `sprintf' from incompatible pointer
type

Thanks in advance,

Robert

--
ln[dot]tenalp[at]snem_trebor
read reversed and fill dot&at for email
 
 
 
 
 
Christopher Benson-Manica
10-25-2003
Robert Mens <(E-Mail Removed)> spoke thus:

> char * sql_query;
> sprintf(&sql_query, "SELECT * FROM users WHERE username=%s AND


> Why does it segfault?


Because you declared sql_query as a character pointer, and then failed to
allocate any space for it to point at. Either use a static character array
(quite possibly what you want) or look at malloc().

> btw my compiler says:
> mysql.c:63: warning: passing arg 1 of `sprintf' from incompatible pointer
> type


Look at the prototype for sprintf, and then think about what the type of
&sql_query is. It does not fit the prototype - this will cause a segfault all
by itself, even after you fix your first problem above.

--
Christopher Benson-Manica | I *should* know what I'm talking about - if I
ataru(at)cyberspace.org | don't, I need to know. Flames welcome.
 
 
 
 
 
j
10-25-2003

"Christopher Benson-Manica" <(E-Mail Removed)> wrote in message
news:bnef3b$aq2$(E-Mail Removed)...
> Robert Mens <(E-Mail Removed)> spoke thus:
>
> > char * sql_query;
> > sprintf(&sql_query, "SELECT * FROM users WHERE username=%s AND

>
> > Why does it segfault?

>
> Because you declared sql_query as a character pointer, and then failed to
> allocate any space for it to point at. Either use a static character array
> (quite possibly what you want) or look at malloc().
>


If the length of what user and password point to is unknown, and since the
OP is using sprintf, then he should go with a dynamic buffer.

To OP: (although off-topic for this newsgroup)
Check your MySQL API documentation for ``mysql_real_escape_string'';
assuming that you haven't escaped the contents to which username and
password point, you would want to, to prevent SQL injection.

> > btw my compiler says:
> > mysql.c:63: warning: passing arg 1 of `sprintf' from incompatible pointer
> > type
>
> Look at the prototype for sprintf, and then think about what the type of
> &sql_query is. It does not fit the prototype - this will cause a segfault all
> by itself, even after you fix your first problem above.
>
> --
> Christopher Benson-Manica | I *should* know what I'm talking about - if I
> ataru(at)cyberspace.org | don't, I need to know. Flames welcome.



 
 
Kelsey Bjarnason
10-25-2003
On Sat, 25 Oct 2003 20:19:28 +0200, Robert Mens wrote:

> Alright, here's my code:
>
> int mysql_user_login(char * username, char * password)
> {
> MYSQL_RES *res_set;
> char * sql_query;
> sprintf(&sql_query, "SELECT * FROM users WHERE username=%s AND
> password=%s", username, password);
> if(mysql_query (conn, sql_query) != 0 )
> {
> print_error (conn, "mysql_query() failed");
> return 1;
> }else{
> return 0;
> }
> }
>
> Why does it segfault?
>
> btw my compiler says:
> mysql.c:63: warning: passing arg 1 of `sprintf' from incompatible pointer
> type


This should be a big hint. What type does sprintf want for its first
parameter? A pointer-to-char, right? But you're passing a pointer to
pointer to char: a char **. Lose the &.

However... that's just problem 1. Problem 2 is, sql_query doesn't
actually point at any memory to store the printed buffer in, so the print
is writing God knows where, with bad results. Allocate some memory, use a
static buffer of appropriate size, whatever. If you do allocate it on the
fly, remember to free it as needed as well.


 
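The fixes suggested in the replies above (drop the `&`, give the query real storage sized to the input, escape both values), combined in one added example that is not code from any poster in this thread. `build_login_query` and `demo_escape` are hypothetical names; `demo_escape` is a constructed stand-in so the block runs without a MySQL connection, where real code would call `mysql_real_escape_string(conn, to, from, length)`. The quotes around `%s` are added here because escaping only protects a value that sits inside a quoted SQL string.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in escaper (assumption, constructed for this example): handles only
 * quotes and backslashes. mysql_real_escape_string() covers more bytes and
 * knows the connection character set. `to` must hold 2*len+1 bytes. */
static size_t demo_escape(char *to, const char *from, size_t len)
{
    size_t n = 0;
    for (size_t i = 0; i < len; i++) {
        if (from[i] == '\'' || from[i] == '"' || from[i] == '\\')
            to[n++] = '\\';
        to[n++] = from[i];
    }
    to[n] = '\0';
    return n;
}

/* Returns a malloc'd query string, or NULL on failure. Caller frees it. */
char *build_login_query(const char *username, const char *password)
{
    static const char fmt[] =
        "SELECT * FROM users WHERE username='%s' AND password='%s'";
    size_t ulen = strlen(username), plen = strlen(password);
    char *query = NULL;
    char *u = malloc(2 * ulen + 1);   /* worst case: every byte escaped */
    char *p = malloc(2 * plen + 1);

    if (u && p) {
        demo_escape(u, username, ulen);
        demo_escape(p, password, plen);
        int need = snprintf(NULL, 0, fmt, u, p);   /* C99: measure only */
        if (need >= 0 && (query = malloc((size_t)need + 1)) != NULL)
            snprintf(query, (size_t)need + 1, fmt, u, p); /* char *, no & */
    }
    free(u);
    free(p);
    return query;
}

int main(void)
{
    char *q = build_login_query("O'Brien", "it's");   /* constructed input */
    if (!q) return 1;
    puts(q);
    free(q);
    return 0;
}
```

Measuring with `snprintf(NULL, 0, ...)` first means the buffer always fits the escaped input, so neither a long username nor a long password can overrun it.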
 
 
 