Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Potential issue in PreparedStatementInformation::getSqlWithValues #548

Open
rgeierger opened this issue May 22, 2022 · 2 comments
Open

Potential issue in PreparedStatementInformation::getSqlWithValues #548

rgeierger opened this issue May 22, 2022 · 2 comments

Comments

@rgeierger
Copy link

rgeierger commented May 22, 2022
edited

I refer to the following line of code:

p6spy/src/main/java/com/p6spy/engine/common/PreparedStatementInformation.java

Line 53 in e0aa88e

if( statementQuery.charAt(pos) == '?' && currentParameter <= parameterValues.size()) {

Assume there is a prepared stement with 10 binding parameters - that is, a ? occurs 10 times in the query. I sometimes see in the Hibernate logs that not all parameters are always get bound to a value (for whatever reason - I'm currently investigating on this). Now let's assume Hibernate bound parameters 3 to 10 in my example query. That is, parameterValues.size()) will yield 8. In this case, the if-statment will no try to get parameter 9 and 10 from the parameterValues. IMHO, Line 53 should better skip the size()-check on parameterValueswhich simplifies the if-statement to:

if( statementQuery.charAt(pos) == '?') {

Kind regards, Roland - a passionate user of p6spy :)
@gavlyukovskiy
Copy link
Member

Now let's assume Hibernate bound parameters 3 to 10 in my example query. That is, parameterValues.size()) will yield 8. In this case, the if-statment will no try to get parameter 9 and 10 from the parameterValues

I'm not sure what do you mean by that? If parameterValues does not have parameters 9 and 10 then how can we "get" them?

IMHO, Line 53 should better skip the size()-check on parameterValues

Won't we get IndexOutOfBoundsException in this case then?

@rgeierger
Copy link
Author

rgeierger commented Jun 6, 2022
edited

No, we won't get an IndexOutOfBoundsException as paramterValues is a HashTable. If it does not contain a value for key object currentParameter, it returns NULL. You explicitly check for such NULL values in Line 56:

sb.append(value != null ? value.toString() : new Value().toString());

My point is: HashTable paramterValues can have a size of e.g. 8 (as in my example), but the key values (currentParameter) may stretch beyond the size (10 in my example). In this case, all parameters beyound the size will remain ?.

I can reproduce this behaviour with Oracle 12 driver. Maybe this screenshot from the Eclipse Variable window during a debugging sessions helps:

click here

You see an insert statment containing 34 columns. HashTable parameterVAlues has a size of 20, where the key object ranges from 0 to 30 (with missing values - e.g.3, 5 and 6 are missing). Is that illustrative?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@gavlyukovskiy @rgeierger