sprintf segfaults

Discussion in 'C Programming' started by Robert Mens, Oct 25, 2003.

  1. Robert Mens

    Robert Mens Guest

    Alright, here's my code:

    int mysql_user_login(char * username, char * password)
    {
        MYSQL_RES *res_set;
        char * sql_query;
        sprintf(&sql_query, "SELECT * FROM users WHERE username=%s AND password=%s", username, password);
        if(mysql_query (conn, sql_query) != 0 )
        {
            print_error (conn, "mysql_query() failed");
            return 1;
        }else{
            return 0;
        }
    }

    Why does it segfault?

    btw my compiler says:
    mysql.c:63: warning: passing arg 1 of `sprintf' from incompatible pointer type

    Thanks in advance,

    Robert

    --
    ln[dot]tenalp[at]snem_trebor
    read reversed and fill dot&at for email
     
    Robert Mens, Oct 25, 2003
    #1

  2. Robert Mens <> spoke thus:

    > char * sql_query;
    > sprintf(&sql_query, "SELECT * FROM users WHERE username=%s AND


    > Why does it segfault?


    Because you declared sql_query as a character pointer, and then failed to
    allocate any space for it to point at. Either use a static character array
    (quite possibly what you want) or look at malloc().

    > btw my compiler says:
    > mysql.c:63: warning: passing arg 1 of `sprintf' from incompatible pointer
    > type


    Look at the prototype for sprintf, and then think about what the type of
    &sql_query is. It does not fit the prototype - this will cause a segfault all
    by itself, even after you fix your first problem above.

    --
    Christopher Benson-Manica | I *should* know what I'm talking about - if I
    ataru(at)cyberspace.org | don't, I need to know. Flames welcome.
     
    Christopher Benson-Manica, Oct 25, 2003
    #2

  3. Robert Mens

    j Guest

    "Christopher Benson-Manica" <> wrote in message
    news:bnef3b$aq2$...
    > Robert Mens <> spoke thus:
    >
    > > char * sql_query;
    > > sprintf(&sql_query, "SELECT * FROM users WHERE username=%s AND

    >
    > > Why does it segfault?

    >
    > Because you declared sql_query as a character pointer, and then failed to
    > allocate any space for it to point at. Either use a static character array
    > (quite possibly what you want) or look at malloc().
    >


    If the length of what user and password point to is unknown, and since the
    OP is using sprintf, then he should go with a dynamic buffer.

    To OP: (although off-topic for this newsgroup)
    Check your MySQL API documentation for ``mysql_real_escape_string'',
    assuming that you haven't escaped the contents to which username and
    password point to, you would want to, to prevent SQL Injection.

    > > btw my compiler says:
    > > mysql.c:63: warning: passing arg 1 of `sprintf' from incompatible pointer
    > > type
    >
    > Look at the prototype for sprintf, and then think about what the type of
    > &sql_query is. It does not fit the prototype - this will cause a segfault all
    > by itself, even after you fix your first problem above.
    >
    > --
    > Christopher Benson-Manica | I *should* know what I'm talking about - if I
    > ataru(at)cyberspace.org | don't, I need to know. Flames welcome.
     
    j, Oct 25, 2003
    #3
  4. On Sat, 25 Oct 2003 20:19:28 +0200, Robert Mens wrote:

    > Alright, here's my code:
    >
    > int mysql_user_login(char * username, char * password)
    > {
    > MYSQL_RES *res_set;
    > char * sql_query;
    > sprintf(&sql_query, "SELECT * FROM users WHERE username=%s AND
    > password=%s", username, password);
    > if(mysql_query (conn, sql_query) != 0 )
    > {
    > print_error (conn, "mysql_query() failed");
    > return 1;
    > }else{
    > return 0;
    > }
    > }
    >
    > Why does it segfault?
    >
    > btw my compiler says:
    > mysql.c:63: warning: passing arg 1 of `sprintf' from incompatible pointer
    > type


    This should be a big hint. What type does sprintf want for its first
    parameter? A pointer-to-char, right? But you're passing a pointer to
    pointer to char: a char **. Lose the &.

    However... that's just problem 1. Problem 2 is, sql_query doesn't
    actually point at any memory to store the printed buffer in, so the print
    is writing God knows where, with bad results. Allocate some memory, use a
    static buffer of appropriate size, whatever. If you do allocate it on the
    fly, remember to free it as needed as well.
     
    Kelsey Bjarnason, Oct 26, 2003
    #4
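
Added example, not part of the original thread: the fixes suggested in replies #3 and #4 combined, with a heap buffer sized by a measuring snprintf call, freed by the caller, and both values escaped before formatting. escape_sql is a hypothetical, simplified stand-in for mysql_real_escape_string (which needs a live connection), and the quotes around %s are an assumption about the intended query.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define FMT "SELECT * FROM users WHERE username='%s' AND password='%s'"

/* Hypothetical stand-in for mysql_real_escape_string(): backslash-escapes
 * the same characters. dst must hold 2*strlen(src)+1 bytes (worst case). */
static size_t escape_sql(char *dst, const char *src)
{
    char *out = dst;
    for (; *src; src++) {
        switch (*src) {
        case '\n':   *out++ = '\\'; *out++ = 'n'; break;
        case '\r':   *out++ = '\\'; *out++ = 'r'; break;
        case '\x1a': *out++ = '\\'; *out++ = 'Z'; break;
        case '\'': case '"': case '\\':
            *out++ = '\\'; /* fall through */
        default: *out++ = *src;
        }
    }
    *out = '\0';
    return (size_t)(out - dst);
}

/* Returns a malloc'd query the caller must free(), or NULL on failure. */
char *build_login_query(const char *username, const char *password)
{
    char *u = malloc(2 * strlen(username) + 1);
    char *p = malloc(2 * strlen(password) + 1);
    char *query = NULL;
    if (u && p) {
        escape_sql(u, username);
        escape_sql(p, password);
        /* First pass with a NULL buffer only measures the output length. */
        int need = snprintf(NULL, 0, FMT, u, p);
        if (need >= 0 && (query = malloc((size_t)need + 1)) != NULL)
            snprintf(query, (size_t)need + 1, FMT, u, p);
    }
    free(u); free(p);
    return query;
}

int main(void)
{
    char *q = build_login_query("bob", "x' OR '1'='1"); /* constructed input */
    if (q) puts(q);
    free(q);
    return 0;
}
```

With the real API, the escape_sql calls would be replaced by mysql_real_escape_string on the open connection; the buffer sizing rule stays the same.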
