segmentation fault in sqlite api call


segmentation fault in sqlite api call

Ratheendran R
Hi,

I am an embedded engineer and new to SQLite; we want to use SQLite for our
local storage instead of file I/O.

I have created a table with key and value records of char type. Now, if I try
to store a value with a string length of more than 50 characters, I get a
segmentation fault. Please see the code below and let me know if I can improve it.

/*
 * mod_init: opens "test.db" read/write (creating it if it does not exist) and
 * runs CREATE TABLE IF NOT EXISTS for cosmos_db(key, value).
 * Returns db, or 0 when sqlite3_open_v2 reports an error.
 *
 * NOTE(review): db, dbObj, lastError, query and zErrMsg are used below but are
 * not declared anywhere in this snippet; presumably they are globals in the
 * real program -- confirm their types and sizes before relying on this code.
 */
sqlite3 *mod_init() {

    /* Open database */
    //rc = sqlite3_open("test.db", &dbObj->db);
    /* SQLITE_OPEN_NOMUTEX opens the connection without its own mutex, so the
     * returned handle must not be used from two threads at the same time. */
    lastError = sqlite3_open_v2("test.db", &db, SQLITE_OPEN_READWRITE |
SQLITE_OPEN_CREATE | SQLITE_OPEN_SHAREDCACHE|SQLITE_OPEN_NOMUTEX , NULL);
    if( lastError ) {
        /* NOTE(review): the message is fetched from dbObj->db, not from the
         * `db` handle passed to sqlite3_open_v2 above. */
        fprintf(stderr, "Can't open database: %s\n",
sqlite3_errmsg(dbObj->db));
    /* NOTE(review): how query was allocated is not shown; free() is only valid
     * if it came from malloc/calloc/realloc. The handle written to `db` is not
     * passed to sqlite3_close() on this path. */
    free(query);
    return(0);
    } else {
        fprintf(stdout, "Opened database successfully\n");
    }
    /* Assumes query refers to at least 200 writable bytes -- its declaration
     * is not part of this snippet. The statement text is a constant, so it
     * could be handed to sqlite3_exec directly without the copy. */
    memset(query,0,200);
    strcpy(query,"CREATE TABLE IF NOT EXISTS cosmos_db("  \
    "key   TEXT PRIMARY KEY       NOT NULL," \
    "value        VARCHAR(100));");

    /* Execute SQL statement */
    lastError = sqlite3_exec(db, query, 0, 0, &zErrMsg);


    /* A failed CREATE TABLE is only logged; db is still returned below. */
    if( lastError != SQLITE_OK ){
        fprintf(stderr, "SQL error: %s\n", zErrMsg);
        sqlite3_free(zErrMsg);
    } else {
        fprintf(stdout, "Table created successfully\n");
    }
return db;
}



/*
 * mydef_set: formats an INSERT OR REPLACE statement for cosmos_db from key and
 * *value, runs it with sqlite3_exec and returns the result code (lastError).
 *
 * The dbObj parameter is not used; the statement runs on `db`, which, like
 * query and lastError, is not declared in this snippet.
 * value is a pointer to the string pointer and is dereferenced once (*value).
 */
int mydef_set(cf_db_t *dbObj,char *key, char **value)
{
    char *zErrMsg = 0;
    int rc; /* never used in this function */
    /*
     * NOTE(review): sprintf() has no length limit, so the result overruns
     * query as soon as the fixed text plus strlen(key) plus strlen(*value) no
     * longer fits (query looks like a 200-byte buffer, judging by
     * memset(query,0,200) in mod_init -- confirm).
     * key and *value are also pasted between the single quotes unescaped, so
     * a quote character inside either one changes the SQL statement itself.
     * Binding both values as parameters of a prepared statement
     * (sqlite3_prepare_v2 / sqlite3_bind_text / sqlite3_step) removes the
     * buffer and the quoting problem together.
     */
    sprintf(query,"INSERT OR REPLACE INTO cosmos_db (key,value) values
('%s', '%s');",key,*value);
    /* Execute SQL statement */
    lastError = sqlite3_exec(db, query, 0, 0, &zErrMsg);
    if( lastError != SQLITE_OK ) {
                  fprintf(stderr, "SQL error: %s\n", zErrMsg);
                  sqlite3_free(zErrMsg);
           } else {
                  fprintf(stdout, "Update done successfully\n");
           }
    return lastError;
}


/*
 * main: opens the database through mod_init and stores one key/value pair.
 */
int main()
{
    sqlite3 *db;
    /* mod_init returns 0 when the open fails; the result is not checked here
     * and the handle is never closed. */
    db=mod_init();
        /*
         * NOTE(review): both arguments disagree with the mydef_set prototype
         * shown above: db is a sqlite3 * where a cf_db_t * is declared, and
         * the third argument is a string literal (char *) where a char ** is
         * expected. mydef_set dereferences that argument, so the first bytes
         * of the text are read as if they were an address.
         */
        mydef_set(db,"sssi","Hitjkahzdsdhdjksdhjsdhsjfhjsdhfjhsjd bcn
bsdbgfhjsdgcsdfcbscbshdfgchdsfbbsdfcsfg");
}

Thanks,
Ratheendran

Re: segmentation fault in sqlite api call

Olivier Mascia
Hi,

mydef_set probably overflows your 'query' variable of which you don't show declaration but I guess it is 200 bytes seeing your memset(query,0,200); strcpy(query, ...

This above and why this char** buffer in mydef_set prototype?
Think about what your intent was. Compare to what you did (right) for key parameter.

Try to stop writing software that sprintf things to fixed sized buffers. Especially when the purpose is to dynamically build SQL statements. Learn about using parameters in your SQL statement, prepare once and execute many, supplying values for the parameters at each run (step).

Hope it will help.
--
Best Regards, Meilleures salutations, Met vriendelijke groeten,
Olivier Mascia

> Le 21 oct. 2018 à 18:54, Ratheendran R <[hidden email]> a écrit :
>
> Hi,
>
> I am a embedded engineer and new to sqlite,we want to use sqlite for our
> local storage instead of file i/o.
>
> I have created a table with key and value records of char type,now if I try
> store a value with string length more than 50 char I get segmentation
> fault,please see the code below and let me know if I can improve it.
>
> sqlite3 *mod_init() {
>
>    /* Open database */
>    //rc = sqlite3_open("test.db", &dbObj->db);
>    lastError = sqlite3_open_v2("test.db", &db, SQLITE_OPEN_READWRITE |
> SQLITE_OPEN_CREATE | SQLITE_OPEN_SHAREDCACHE|SQLITE_OPEN_NOMUTEX , NULL);
>    if( lastError ) {
>        fprintf(stderr, "Can't open database: %s\n",
> sqlite3_errmsg(dbObj->db));
>    free(query);
>    return(0);
>    } else {
>        fprintf(stdout, "Opened database successfully\n");
>    }
>    memset(query,0,200);
>    strcpy(query,"CREATE TABLE IF NOT EXISTS cosmos_db("  \
>    "key   TEXT PRIMARY KEY       NOT NULL," \
>    "value        VARCHAR(100));");
>
>    /* Execute SQL statement */
>    lastError = sqlite3_exec(db, query, 0, 0, &zErrMsg);
>
>
>    if( lastError != SQLITE_OK ){
>        fprintf(stderr, "SQL error: %s\n", zErrMsg);
>        sqlite3_free(zErrMsg);
>    } else {
>        fprintf(stdout, "Table created successfully\n");
>    }
> return db;
> }
>
>
>
> int mydef_set(cf_db_t *dbObj,char *key, char **value)
> {
>    char *zErrMsg = 0;
>    int rc;
>    sprintf(query,"INSERT OR REPLACE INTO cosmos_db (key,value) values
> ('%s', '%s');",key,*value);
>    /* Execute SQL statement */
>    lastError = sqlite3_exec(db, query, 0, 0, &zErrMsg);
>    if( lastError != SQLITE_OK ) {
>                  fprintf(stderr, "SQL error: %s\n", zErrMsg);
>                  sqlite3_free(zErrMsg);
>           } else {
>                  fprintf(stdout, "Update done successfully\n");
>           }
>    return lastError;
> }
>
>
> int main()
> {
>    sqlite3 *db;
>    db=mod_init();
>        mydef_set(db,"sssi","Hitjkahzdsdhdjksdhjsdhsjfhjsdhfjhsjd bcn
> bsdbgfhjsdgcsdfcbscbshdfgchdsfbbsdfcsfg");
> }
>
> Thanks,
> Ratheendran
> _______________________________________________
> sqlite-users mailing list
> [hidden email]
> http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users




Re: segmentation fault in sqlite api call

Larry Brasfield
In reply to this post by Ratheendran R
The code you provided declares and defines a pointer, named ‘db’ in main(), which is used with the SQLite API but never made to point to a valid object in memory or even to allocated memory.  Hence your segmentation fault.


Re: segmentation fault in sqlite api call

Peter da Silva-2
In reply to this post by Ratheendran R
You're passing a char * to a routine that expects a char **, and then
immediately trying to indirect through it, which means it's taking the
text, treating it as a pointer, and passing the random data it's pointing
to as a string to sqlite.

On Sun., 21 Oct. 2018, 11:55 Ratheendran R, <[hidden email]> wrote:

> Hi,
>
> I am a embedded engineer and new to sqlite,we want to use sqlite for our
> local storage instead of file i/o.
>
> I have created a table with key and value records of char type,now if I try
> store a value with string length more than 50 char I get segmentation
> fault,please see the code below and let me know if I can improve it.
>
> sqlite3 *mod_init() {
>
>     /* Open database */
>     //rc = sqlite3_open("test.db", &dbObj->db);
>     lastError = sqlite3_open_v2("test.db", &db, SQLITE_OPEN_READWRITE |
> SQLITE_OPEN_CREATE | SQLITE_OPEN_SHAREDCACHE|SQLITE_OPEN_NOMUTEX , NULL);
>     if( lastError ) {
>         fprintf(stderr, "Can't open database: %s\n",
> sqlite3_errmsg(dbObj->db));
>     free(query);
>     return(0);
>     } else {
>         fprintf(stdout, "Opened database successfully\n");
>     }
>     memset(query,0,200);
>     strcpy(query,"CREATE TABLE IF NOT EXISTS cosmos_db("  \
>     "key   TEXT PRIMARY KEY       NOT NULL," \
>     "value        VARCHAR(100));");
>
>     /* Execute SQL statement */
>     lastError = sqlite3_exec(db, query, 0, 0, &zErrMsg);
>
>
>     if( lastError != SQLITE_OK ){
>         fprintf(stderr, "SQL error: %s\n", zErrMsg);
>         sqlite3_free(zErrMsg);
>     } else {
>         fprintf(stdout, "Table created successfully\n");
>     }
> return db;
> }
>
>
>
> int mydef_set(cf_db_t *dbObj,char *key, char **value)
> {
>     char *zErrMsg = 0;
>     int rc;
>     sprintf(query,"INSERT OR REPLACE INTO cosmos_db (key,value) values
> ('%s', '%s');",key,*value);
>     /* Execute SQL statement */
>     lastError = sqlite3_exec(db, query, 0, 0, &zErrMsg);
>     if( lastError != SQLITE_OK ) {
>                   fprintf(stderr, "SQL error: %s\n", zErrMsg);
>                   sqlite3_free(zErrMsg);
>            } else {
>                   fprintf(stdout, "Update done successfully\n");
>            }
>     return lastError;
> }
>
>
> int main()
> {
>     sqlite3 *db;
>     db=mod_init();
>         mydef_set(db,"sssi","Hitjkahzdsdhdjksdhjsdhsjfhjsdhfjhsjd bcn
> bsdbgfhjsdgcsdfcbscbshdfgchdsfbbsdfcsfg");
> }
>
> Thanks,
> Ratheendran
> _______________________________________________
> sqlite-users mailing list
> [hidden email]
> http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
>

Re: segmentation fault in sqlite api call

Keith Medcalf
In reply to this post by Ratheendran R

You have a vast number of undeclared variables that are pointing into super-crash-land:

sqlite3 *mod_init()

  db is undeclared
  dbObj is undeclared
  lastError is undeclared
  query is undeclared
  zErrMsg is undeclared

int mydef_set(cf_db_t *dbObj,char *key, char **value)

  type cf_db_t is undeclared
  query is undeclared
  db is undeclared
  lastError is undeclared
  char **value does not match passed type
 
int main()

  in call to mydef_set
   parameter 1 (sqlite3*) does not match expected (cf_db_t*)
   parameter 2 (char*) does not match expected (char**)

---
The fact that there's a Highway to Hell but only a Stairway to Heaven says a lot about anticipated traffic volume.

>-----Original Message-----
>From: sqlite-users [mailto:sqlite-users-
>[hidden email]] On Behalf Of Ratheendran R
>Sent: Sunday, 21 October, 2018 10:55
>To: [hidden email]
>Subject: [sqlite] segmentation fault in sqlite api call
>
>Hi,
>
>I am a embedded engineer and new to sqlite,we want to use sqlite for
>our
>local storage instead of file i/o.
>
>I have created a table with key and value records of char type,now if
>I try
>store a value with string length more than 50 char I get segmentation
>fault,please see the code below and let me know if I can improve it.
>
>sqlite3 *mod_init() {
>
>    /* Open database */
>    //rc = sqlite3_open("test.db", &dbObj->db);
>    lastError = sqlite3_open_v2("test.db", &db, SQLITE_OPEN_READWRITE
>|
>SQLITE_OPEN_CREATE | SQLITE_OPEN_SHAREDCACHE|SQLITE_OPEN_NOMUTEX ,
>NULL);
>    if( lastError ) {
>        fprintf(stderr, "Can't open database: %s\n",
>sqlite3_errmsg(dbObj->db));
>    free(query);
>    return(0);
>    } else {
>        fprintf(stdout, "Opened database successfully\n");
>    }
>    memset(query,0,200);
>    strcpy(query,"CREATE TABLE IF NOT EXISTS cosmos_db("  \
>    "key   TEXT PRIMARY KEY       NOT NULL," \
>    "value        VARCHAR(100));");
>
>    /* Execute SQL statement */
>    lastError = sqlite3_exec(db, query, 0, 0, &zErrMsg);
>
>
>    if( lastError != SQLITE_OK ){
>        fprintf(stderr, "SQL error: %s\n", zErrMsg);
>        sqlite3_free(zErrMsg);
>    } else {
>        fprintf(stdout, "Table created successfully\n");
>    }
>return db;
>}
>
>
>
>int mydef_set(cf_db_t *dbObj,char *key, char **value)
>{
>    char *zErrMsg = 0;
>    int rc;
>    sprintf(query,"INSERT OR REPLACE INTO cosmos_db (key,value)
>values
>('%s', '%s');",key,*value);
>    /* Execute SQL statement */
>    lastError = sqlite3_exec(db, query, 0, 0, &zErrMsg);
>    if( lastError != SQLITE_OK ) {
>                  fprintf(stderr, "SQL error: %s\n", zErrMsg);
>                  sqlite3_free(zErrMsg);
>           } else {
>                  fprintf(stdout, "Update done successfully\n");
>           }
>    return lastError;
>}
>
>
>int main()
>{
>    sqlite3 *db;
>    db=mod_init();
>        mydef_set(db,"sssi","Hitjkahzdsdhdjksdhjsdhsjfhjsdhfjhsjd bcn
>bsdbgfhjsdgcsdfcbscbshdfgchdsfbbsdfcsfg");
>}
>
>Thanks,
>Ratheendran
>_______________________________________________
>sqlite-users mailing list
>[hidden email]
>http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users




Re: segmentation fault in sqlite api call

Ratheendran R
In reply to this post by Olivier Mascia
Thanks Olivier Mascia for the tips and suggestion I will definitely try out.

Sorry for the code with the double pointer, which has raised a lot of
confusion. I have ensured that the fault raised is not because of any of my
pointer usage.

I am having a workaround with key/value memory allocation in heap and
double pointer seen was its residue, I am wondering why this fault occurs
for stack allocation.

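/*
 * mydef_set: stores (or overwrites) one key/value pair in cosmos_db.
 *
 * Reviewed version. As posted, this function formatted key and *value into a
 * local `char query[200]` with sprintf(): there was no length check, so the
 * buffer was overrun once the fixed text plus both strings no longer fit, and
 * a quote character in either string became part of the SQL text. Here both
 * strings are bound as parameters of a prepared statement, so no statement
 * buffer is needed and the values are never parsed as SQL.
 *
 * db     open connection, as returned by mod_init()
 * key    NUL-terminated key string
 * value  pointer to the NUL-terminated value string (kept as char ** so that
 *        existing callers still compile; only *value is read)
 *
 * Returns SQLITE_OK on success, otherwise the SQLite result code. The same
 * code is left in lastError, which is declared outside this snippet.
 */
int mydef_set(sqlite3 *db,char *key, char **value)
{
    static const char sql[] =
        "INSERT OR REPLACE INTO cosmos_db (key,value) VALUES (?1, ?2);";
    sqlite3_stmt *stmt = NULL;

    /* mod_init() returns 0 when the open fails; refuse to go on without a
     * connection or without both strings. */
    if (db == NULL || key == NULL || value == NULL || *value == NULL) {
        fprintf(stderr, "SQL error: %s\n", "missing database handle, key or value");
        lastError = SQLITE_MISUSE;
        return lastError;
    }

    lastError = sqlite3_prepare_v2(db, sql, -1, &stmt, NULL);
    /* SQLITE_STATIC: both strings outlive the statement, which is finalized
     * before this function returns, so SQLite need not copy them. */
    if (lastError == SQLITE_OK)
        lastError = sqlite3_bind_text(stmt, 1, key, -1, SQLITE_STATIC);
    if (lastError == SQLITE_OK)
        lastError = sqlite3_bind_text(stmt, 2, *value, -1, SQLITE_STATIC);
    if (lastError == SQLITE_OK) {
        /* An INSERT produces no rows, so a successful step ends in SQLITE_DONE;
         * map it to SQLITE_OK to keep the original return convention. */
        lastError = sqlite3_step(stmt);
        if (lastError == SQLITE_DONE)
            lastError = SQLITE_OK;
    }

    if (lastError != SQLITE_OK) {
        fprintf(stderr, "SQL error: %s\n", sqlite3_errmsg(db));
    } else {
        fprintf(stdout, "Update done successfully\n");
    }

    /* sqlite3_finalize(NULL) is a harmless no-op, so this is safe even when
     * prepare failed. */
    sqlite3_finalize(stmt);
    return lastError;
}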


/*
 * main: opens the database through mod_init, copies a test string into a
 * 1000-byte heap buffer and stores it under the key "sssi".
 */
int main()
{


    sqlite3 *db;
    /* mod_init returns 0 when the open fails; the result is not checked and
     * the connection is never closed. */
    db=mod_init();
    /* NOTE(review): the malloc result is not checked for NULL and the buffer
     * is never freed. */
    char *val=malloc(1000);
        //strcpy(val,
        char dest[]="axzchsdjzcjsdjdcfsjhgfcshgsdfgsfg h
dbhjbbssdfsdsgffjhdsgfjg";
        /* dest is sized by its initializer and is much shorter than 1000
         * bytes, so this copy fits in val. */
        strcpy(val,dest);

        /* &val is a char **, which now matches the mydef_set prototype. */
        mydef_set(db,"sssi",&val);

}


Ratheendran





On Sun, Oct 21, 2018 at 10:46 PM Olivier Mascia <[hidden email]> wrote:

> Hi,
>
> mydef_set probably overflows your 'query' variable of which you don't show
> declaration but I guess it is 200 bytes seeing your memset(query,0,200);
> strcpy(query, ...
>
> This above and why this char** buffer in mydef_set prototype?
> Think about what your intent was. Compare to what you did (right) for key
> parameter.
>
> Try to stop writing software that sprintf things to fixed sized buffers.
> Especially when the purpose is to dynamically build SQL statements. Learn
> about using parameters in your SQL statement, prepare once and execute
> many, supplying values for the parameters at each run (step).
>
> Hope it will help.
> --
> Best Regards, Meilleures salutations, Met vriendelijke groeten,
> Olivier Mascia
>
> > Le 21 oct. 2018 à 18:54, Ratheendran R <[hidden email]> a
> écrit :
> >
> > Hi,
> >
> > I am a embedded engineer and new to sqlite,we want to use sqlite for our
> > local storage instead of file i/o.
> >
> > I have created a table with key and value records of char type,now if I
> try
> > store a value with string length more than 50 char I get segmentation
> > fault,please see the code below and let me know if I can improve it.
> >
> > sqlite3 *mod_init() {
> >
> >    /* Open database */
> >    //rc = sqlite3_open("test.db", &dbObj->db);
> >    lastError = sqlite3_open_v2("test.db", &db, SQLITE_OPEN_READWRITE |
> > SQLITE_OPEN_CREATE | SQLITE_OPEN_SHAREDCACHE|SQLITE_OPEN_NOMUTEX , NULL);
> >    if( lastError ) {
> >        fprintf(stderr, "Can't open database: %s\n",
> > sqlite3_errmsg(dbObj->db));
> >    free(query);
> >    return(0);
> >    } else {
> >        fprintf(stdout, "Opened database successfully\n");
> >    }
> >    memset(query,0,200);
> >    strcpy(query,"CREATE TABLE IF NOT EXISTS cosmos_db("  \
> >    "key   TEXT PRIMARY KEY       NOT NULL," \
> >    "value        VARCHAR(100));");
> >
> >    /* Execute SQL statement */
> >    lastError = sqlite3_exec(db, query, 0, 0, &zErrMsg);
> >
> >
> >    if( lastError != SQLITE_OK ){
> >        fprintf(stderr, "SQL error: %s\n", zErrMsg);
> >        sqlite3_free(zErrMsg);
> >    } else {
> >        fprintf(stdout, "Table created successfully\n");
> >    }
> > return db;
> > }
> >
> >
> >
> > int mydef_set(cf_db_t *dbObj,char *key, char **value)
> > {
> >    char *zErrMsg = 0;
> >    int rc;
> >    sprintf(query,"INSERT OR REPLACE INTO cosmos_db (key,value) values
> > ('%s', '%s');",key,*value);
> >    /* Execute SQL statement */
> >    lastError = sqlite3_exec(db, query, 0, 0, &zErrMsg);
> >    if( lastError != SQLITE_OK ) {
> >                  fprintf(stderr, "SQL error: %s\n", zErrMsg);
> >                  sqlite3_free(zErrMsg);
> >           } else {
> >                  fprintf(stdout, "Update done successfully\n");
> >           }
> >    return lastError;
> > }
> >
> >
> > int main()
> > {
> >    sqlite3 *db;
> >    db=mod_init();
> >        mydef_set(db,"sssi","Hitjkahzdsdhdjksdhjsdhsjfhjsdhfjhsjd bcn
> > bsdbgfhjsdgcsdfcbscbshdfgchdsfbbsdfcsfg");
> > }
> >
> > Thanks,
> > Ratheendran
> > _______________________________________________
> > sqlite-users mailing list
> > [hidden email]
> > http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
>
>
>
> _______________________________________________
> sqlite-users mailing list
> [hidden email]
> http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
>

Re: segmentation fault in sqlite api call

Olivier Mascia
Your query string is ~ 61 characters (did not count precisely), not including the key length nor the value length. Are you sure the real tests you run do not overflow the fixed buffer char query[200], which can hold no more than 199 characters plus the terminating NUL?  You would have huge problems as soon as strlen(key) + strlen(query) > ~139.

Besides, there is still no point passing a char** to mydef_set().
You might as well have:
> int mydef_set(sqlite3 *db,char *key, char *value)
and call it as:
> mydef_set(db,"sssi",val);

And the code for mod_init() copied from your initial email can't be the code you compile along with the remaining bits of the sample you provided. That function expects db to be a global, yet it returns it after changing it; it frees a query which was nowhere declared/allocated,...

I sincerely think what you are looking at are weird bugs in your code, and you might be losing precious time wondering what might go wrong in SQLite code: anything and everything, if the caller plays the fool.

If you want some more help from the community, I suggest you should write a short self-contained sample as you tried to do, but this time check that it compiles fine (what you showed until now can't possibly even compile), and run and produces the same problem as your real program then show it.  Please also tell what your platform is and how is SQLite linked to your code (static lib, dynamic lib, or compiled in along with your project code).

--
Best Regards, Meilleures salutations, Met vriendelijke groeten,
Olivier Mascia

> sqlite3 *mod_init() {
>
>    /* Open database */
>    //rc = sqlite3_open("test.db", &dbObj->db);
>    lastError = sqlite3_open_v2("test.db", &db, SQLITE_OPEN_READWRITE |
> SQLITE_OPEN_CREATE | SQLITE_OPEN_SHAREDCACHE|SQLITE_OPEN_NOMUTEX , NULL);
>    if( lastError ) {
>        fprintf(stderr, "Can't open database: %s\n",
> sqlite3_errmsg(dbObj->db));
>    free(query);
>    return(0);
>    } else {
>        fprintf(stdout, "Opened database successfully\n");
>    }
>    memset(query,0,200);
>    strcpy(query,"CREATE TABLE IF NOT EXISTS cosmos_db("  \
>    "key   TEXT PRIMARY KEY       NOT NULL," \
>    "value        VARCHAR(100));");
>
>    /* Execute SQL statement */
>    lastError = sqlite3_exec(db, query, 0, 0, &zErrMsg);
>
>
>    if( lastError != SQLITE_OK ){
>        fprintf(stderr, "SQL error: %s\n", zErrMsg);
>        sqlite3_free(zErrMsg);
>    } else {
>        fprintf(stdout, "Table created successfully\n");
>    }
> return db;
> }
>

> Le 22 oct. 2018 à 07:15, Ratheendran R <[hidden email]> a écrit :
>
> int mydef_set(sqlite3 *db,char *key, char **value)
> {
>    char *zErrMsg = 0;
>    int rc;
>    char query[200]
>    sprintf(query,"INSERT OR REPLACE INTO cosmos_db (key,value) values
> ('%s', '%s');",key,*value);
>    /* Execute SQL statement */
>    lastError = sqlite3_exec(db, query, 0, 0, &zErrMsg);
>    if( lastError != SQLITE_OK ) {
>                  fprintf(stderr, "SQL error: %s\n", zErrMsg);
>                  sqlite3_free(zErrMsg);
>           } else {
>                  fprintf(stdout, "Update done successfully\n");
>           }
>    return lastError;
> }
>
>
> int main()
> {
>
>
>    sqlite3 *db;
>    db=mod_init();
>    char *val=malloc(1000);
>        //strcpy(val,
>        char dest[]="axzchsdjzcjsdjdcfsjhgfcshgsdfgsfg h
> dbhjbbssdfsdsgffjhdsgfjg";
>        strcpy(val,dest);
>
>        mydef_set(db,"sssi",&val);
>
> }


