[sr-dev] git:master:897f58fd: sqlops: add a limit of maximum 32 result containers

Daniel-Constantin Mierla miconda at gmail.com
Wed Aug 14 09:55:45 CEST 2019


Module: kamailio
Branch: master
Commit: 897f58fd48c68d88df7967c1390a23f8b9069a61
URL: https://github.com/kamailio/kamailio/commit/897f58fd48c68d88df7967c1390a23f8b9069a61

Author: Daniel-Constantin Mierla <miconda at gmail.com>
Committer: Daniel-Constantin Mierla <miconda at gmail.com>
Date: 2019-08-14T09:53:17+02:00

sqlops: add a limit of maximum 32 result containers

- prevent use of too much memory by defining too many result containers
- related to GH #2032

---

Modified: src/modules/sqlops/sql_api.c
Modified: src/modules/sqlops/sqlops.c

---

Diff:  https://github.com/kamailio/kamailio/commit/897f58fd48c68d88df7967c1390a23f8b9069a61.diff
Patch: https://github.com/kamailio/kamailio/commit/897f58fd48c68d88df7967c1390a23f8b9069a61.patch

---

diff --git a/src/modules/sqlops/sql_api.c b/src/modules/sqlops/sql_api.c
index 54c123f85e..748d77320e 100644
--- a/src/modules/sqlops/sql_api.c
+++ b/src/modules/sqlops/sql_api.c
@@ -35,6 +35,8 @@
 
 #include "sql_api.h"
 
+#define SQLOPS_RESULT_MAXSIZE 32
+
 sql_con_t *_sql_con_root = NULL;
 sql_result_t *_sql_result_root = NULL;
 
@@ -209,17 +211,25 @@ sql_result_t* sql_get_result(str *name)
 {
 	sql_result_t *sr;
 	unsigned int resid;
+	int i;
 
 	resid = core_case_hash(name, 0, 0);
 
 	sr = _sql_result_root;
+	i = 0;
 	while(sr)
 	{
 		if(sr->resid==resid && sr->name.len==name->len
 				&& strncmp(sr->name.s, name->s, name->len)==0)
 			return sr;
+		i++;
 		sr = sr->next;
 	}
+	if(i>SQLOPS_RESULT_MAXSIZE)
+	{
+		LM_ERR("too many result containers defined\n");
+		return NULL;
+	}
 	sr = (sql_result_t*)pkg_malloc(sizeof(sql_result_t) + name->len);
 	if(sr==NULL)
 	{
@@ -736,7 +746,7 @@ int sqlops_do_query(str *scon, str *squery, str *sres)
 		res = sql_get_result(sres);
 		if(res==NULL)
 		{
-			LM_ERR("invalid result [%.*s]\n", sres->len, sres->s);
+			LM_ERR("invalid result container [%.*s]\n", sres->len, sres->s);
 			goto error;
 		}
 	}
@@ -764,7 +774,7 @@ int sqlops_get_value(str *sres, int i, int j, sql_val_t **val)
 	res = sql_get_result(sres);
 	if(res==NULL)
 	{
-		LM_ERR("invalid result [%.*s]\n", sres->len, sres->s);
+		LM_ERR("invalid result container [%.*s]\n", sres->len, sres->s);
 		goto error;
 	}
 	if(i>=res->nrows)
@@ -800,7 +810,7 @@ int sqlops_is_null(str *sres, int i, int j)
 	res = sql_get_result(sres);
 	if(res==NULL)
 	{
-		LM_ERR("invalid result [%.*s]\n", sres->len, sres->s);
+		LM_ERR("invalid result container [%.*s]\n", sres->len, sres->s);
 		goto error;
 	}
 	if(i>=res->nrows)
@@ -836,7 +846,7 @@ int sqlops_get_column(str *sres, int i, str *col)
 	res = sql_get_result(sres);
 	if(res==NULL)
 	{
-		LM_ERR("invalid result [%.*s]\n", sres->len, sres->s);
+		LM_ERR("invalid result container [%.*s]\n", sres->len, sres->s);
 		goto error;
 	}
 	if(i>=res->ncols)
@@ -866,7 +876,7 @@ int sqlops_num_columns(str *sres)
 	res = sql_get_result(sres);
 	if(res==NULL)
 	{
-		LM_ERR("invalid result [%.*s]\n", sres->len, sres->s);
+		LM_ERR("invalid result container [%.*s]\n", sres->len, sres->s);
 		goto error;
 	}
 	return res->ncols;
@@ -890,7 +900,7 @@ int sqlops_num_rows(str *sres)
 	res = sql_get_result(sres);
 	if(res==NULL)
 	{
-		LM_ERR("invalid result [%.*s]\n", sres->len, sres->s);
+		LM_ERR("invalid result container [%.*s]\n", sres->len, sres->s);
 		goto error;
 	}
 	return res->nrows;
@@ -914,7 +924,7 @@ void sqlops_reset_result(str *sres)
 	res = sql_get_result(sres);
 	if(res==NULL)
 	{
-		LM_ERR("invalid result [%.*s]\n", sres->len, sres->s);
+		LM_ERR("invalid result container [%.*s]\n", sres->len, sres->s);
 		return;
 	}
 	sql_reset_result(res);
diff --git a/src/modules/sqlops/sqlops.c b/src/modules/sqlops/sqlops.c
index 1b16c06ed7..3943b1b81a 100644
--- a/src/modules/sqlops/sqlops.c
+++ b/src/modules/sqlops/sqlops.c
@@ -205,7 +205,7 @@ int sql_res_param(modparam_t type, void *val)
 	res = sql_get_result(&s);
 	if(res==NULL)
 	{
-		LM_ERR("invalid result [%s]\n", s.s);
+		LM_ERR("invalid result container [%s]\n", s.s);
 		goto error;
 	}
 	return 0;
@@ -335,7 +335,7 @@ static int fixup_sql_query(void** param, int param_no)
 		res = sql_get_result(&s);
 		if(res==NULL)
 		{
-			LM_ERR("invalid result [%s]\n", s.s);
+			LM_ERR("invalid result container [%s]\n", s.s);
 			return E_UNSPEC;
 		}
 		*param = (void*)res;
@@ -458,7 +458,7 @@ static int fixup_sql_rfree(void** param, int param_no)
 		res = sql_get_result(&s);
 		if(res==NULL)
 		{
-			LM_ERR("invalid result [%s]\n", s.s);
+			LM_ERR("invalid result container [%s]\n", s.s);
 			return E_UNSPEC;
 		}
 		*param = (void*)res;




More information about the sr-dev mailing list