473,320 Members | 1,744 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

sprintf segfaults

Alright, here's my code:

int mysql_user_login(char * username, char * password)
{
MYSQL_RES *res_set;
char * sql_query;
sprintf(&sql_query, "SELECT * FROM users WHERE username=%s AND
password=%s", username, password);
if(mysql_query (conn, sql_query) != 0 )
{
print_error (conn, "mysql_query() failed");
return 1;
}else{
return 0;
}
}

Why does it segfault?

btw my compiler says:
mysql.c:63: warning: passing arg 1 of `sprintf' from incompatible pointer
type

Thanks in advance,

Robert

--
ln[dot]tenalp[at]snem_trebor
read reversed and fill dot&at for email
Nov 13 '05 #1
3 2096
Robert Mens <ro*********@hotmail.com> spoke thus:
char * sql_query;
sprintf(&sql_query, "SELECT * FROM users WHERE username=%s AND Why does it segfault?
Because you declared sql_query as a character pointer, and then failed to
allocate any space for it to point at. Either use a static character array
(quite possibly what you want) or look at malloc().
btw my compiler says:
mysql.c:63: warning: passing arg 1 of `sprintf' from incompatible pointer
type


Look at the prototype for sprintf, and then think about what the type of
&sql_query is. It does not fit the prototype - this will cause a segfault all
by itself, even after you fix your first problem above.

--
Christopher Benson-Manica | I *should* know what I'm talking about - if I
ataru(at)cyberspace.org | don't, I need to know. Flames welcome.
Nov 13 '05 #2
j

"Christopher Benson-Manica" <at***@nospam.cyberspace.org> wrote in message
news:bn**********@chessie.cirr.com...
Robert Mens <ro*********@hotmail.com> spoke thus:
char * sql_query;
sprintf(&sql_query, "SELECT * FROM users WHERE username=%s AND
Why does it segfault?


Because you declared sql_query as a character pointer, and then failed to
allocate any space for it to point at. Either use a static character

array (quite possibly what you want) or look at malloc().

If the length of what user and password point to is unknown, and since the
OP is using sprintf, then he should go with a dynamic buffer.

To OP: (althought off-topic for this newsgroup)
Check your MySQL API documentation for ``mysql_real_escape_string'',
assuming that you haven't escaped the contents to which username and
password point to, you would want to, to prevent SQL Injection.
btw my compiler says:
mysql.c:63: warning: passing arg 1 of `sprintf' from incompatible pointer type


Look at the prototype for sprintf, and then think about what the type of
&sql_query is. It does not fit the prototype - this will cause a segfault

all by itself, even after you fix your first problem above.

--
Christopher Benson-Manica | I *should* know what I'm talking about - if I
ataru(at)cyberspace.org | don't, I need to know. Flames welcome.

Nov 13 '05 #3
On Sat, 25 Oct 2003 20:19:28 +0200, Robert Mens wrote:
Alright, here's my code:

int mysql_user_login(char * username, char * password)
{
MYSQL_RES *res_set;
char * sql_query;
sprintf(&sql_query, "SELECT * FROM users WHERE username=%s AND
password=%s", username, password);
if(mysql_query (conn, sql_query) != 0 )
{
print_error (conn, "mysql_query() failed");
return 1;
}else{
return 0;
}
}

Why does it segfault?

btw my compiler says:
mysql.c:63: warning: passing arg 1 of `sprintf' from incompatible pointer
type


This should be a big hint. What type does sprintf want for its first
parameter? A pointer-to-char, right? But you're passing a pointer to
pointer to char: a char **. Lose the &.

However... that's just problem 1. Problem 2 is, sql_query doesn't
actually point at any memory to store the printed buffer in, so the print
is writing God knows where, with bad results. Allocate some memory, use a
static buffer of appropriate size, whatever. If you do allocate it on the
fly, remember to free it as needed as well.
Nov 13 '05 #4

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
by: marko | last post by:
I'm having big problems with php and mysql. php segfaults on certain mysql calls, with the following logs in apache error log: child pid 60386 exit signal Segmentation fault (11) and in the...
5
by: Naveen Parihar | last post by:
I've a binary that runs on most of our servers but segfaults on one of the servers. Further, even on this specific machine, the binary runs successfully sometimes but segfaults most of the time....
1
by: David Douthitt | last post by:
I have a binary statically linked application that was compiled against Red Hat 7.3 (presumably glibc 2.2.5). The application SegFaults when run in a Red Hat Advanced Server environment - with...
1
by: jimjim | last post by:
Hello, I was wondering about the implications of giving as an argument to sprintf a different data type from the one specified in the format argument. This type of question along with some...
4
by: Frank Millman | last post by:
Hi all I am using Python 2.4.1. I have machines running FC4, RH9, and MSW Server 2003 for testing. If I call sax.make_parser() from the interpreter or from a stand-alone program, it works...
12
by: Henryk | last post by:
Hey there, I have some problems with the following code snippet on a Virtex-4 PowerPC with a GCC based compiler char chData; sprintf(&chData, "%+05.0f", -0.038f); --I get "-000" ???...
9
by: Josh Zenker | last post by:
I've been working on an implementation of Dijkstra's algorithm on and off for the past few days. I thought I was close to being finished, but clearly I've done something wrong. I'm not a very...
15
by: krister | last post by:
Hello, I'm working in a quite large system that has some limitations. One of those is that I can't use printf() to get an output on a screen. I'm forced to use a special function, let's call it...
173
by: Ron Ford | last post by:
I'm looking for a freeware c99 compiler for windows. I had intended to use MS's Visual C++ Express and use its C capability. In the past with my MS products, I've simply needed to make .c the...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.