#894 Fix negative buffer size on Firebird 2.5 if information response is 32KiB or greater

Author: mrotteveel

src/docs/asciidoc/release_notes.adoc

@@ -29,6 +29,18 @@ Changes per Jaybird 5 release.
 See also <<whats-new-in-jaybird-5>>.
 For known issues, consult <<known-issues>>.
 
+[#jaybird-5-0-10-changelog]
+=== Jaybird 5.0.10
+
+The following has been changed or fixed since Jaybird 5.0.9:
+
+* Fixed: Negative buffer size on Firebird 2.5 if information response is 32KiB or greater (https://github.com/FirebirdSQL/jaybird/issues/894[#894])
++
+The error occurs when preparing or executing statements with a lot of columns, especially select statements with columns that have long names and/or aliases for columns, tables and table owners.
+Symptoms include unexpected closed connections, and errors like "`__Unsupported or unexpected operation code <number> in processOperation__`" (with varying numbers) and "`__java.lang.NegativeArraySizeException: -1__`" (and other negative numbers).
++
+Only Firebird 2.5 is affected.
+
 [#jaybird-5-0-9-changelog]
 === Jaybird 5.0.9
 

src/main/org/firebirdsql/gds/impl/wire/XdrInputStream.java

@@ -118,13 +118,18 @@ public int skipFully(int numbytes) throws IOException {
      *         underlying input stream
      */
     public byte[] readBuffer() throws IOException {
-        int len = readInt();
-        byte[] buffer = new byte[len];
-        readFully(buffer, 0, len);
+        int len = fixupLength(readInt());
+        byte[] buffer = readRawBuffer(len);
         skipPadding(len);
         return buffer;
     }
 
+    private static int fixupLength(int len) {
+        // Older Firebird versions may return a 32-bit value that is a sign-extended 16-bit value.
+        // Firebird does something similar in remote/protocol.cpp (xdr_cstring_with_limit).
+        return len >>> 16 == 0xFFFF ? len & 0xFFFF : len;
+    }
+
     /**
      * Read in a raw array of bytes.
      *

src/test/org/firebirdsql/jdbc/FBPreparedStatementTest.java

@@ -20,6 +20,7 @@
 
 import org.firebirdsql.common.DataGenerator;
 import org.firebirdsql.common.FBTestProperties;
+import org.firebirdsql.common.extension.DatabaseUserExtension;
 import org.firebirdsql.common.extension.UsesDatabaseExtension;
 import org.firebirdsql.gds.ISCConstants;
 import org.firebirdsql.jaybird.props.PropertyNames;
@@ -44,6 +45,7 @@
 import java.sql.*;
 import java.util.*;
 import java.util.concurrent.atomic.AtomicBoolean;
+import java.util.stream.IntStream;
 import java.util.stream.Stream;
 
 import static org.firebirdsql.common.DdlHelper.executeCreateTable;
@@ -68,6 +70,8 @@ class FBPreparedStatementTest {
 
     @RegisterExtension
     static final UsesDatabaseExtension.UsesDatabaseForAll usesDatabase = UsesDatabaseExtension.usesDatabaseForAll();
+    @RegisterExtension
+    final DatabaseUserExtension databaseUsers = DatabaseUserExtension.withDatabaseUser();
 
     //@formatter:off
     private static final String DROP_GENERATOR = "DROP GENERATOR test_generator";
@@ -1550,6 +1554,57 @@ void executeQueryWithExceptionShouldEndTransactionInAutocommit() throws Exceptio
         }
     }
 
+    /**
+     * Prepare a statement where the info size exceeds 32KiB.
+     * <p>
+     * Rationale: <a href="https://github.com/FirebirdSQL/jaybird/issues/894">#894</a>
+     * </p>
+     */
+    @Test
+    void prepareStatementWithInfoExceeding32K() throws Exception {
+        final String owner = "U234567890123456789012345678901";
+        databaseUsers.createUser(owner, owner);
+        if (getDefaultSupportInfo().isVersionEqualOrAbove(3, 0)) {
+            try (Statement stmt = con.createStatement()) {
+                stmt.execute("grant create table to user " + owner);
+            }
+        }
+        Map<String, String> connectionProps = new HashMap<>();
+        connectionProps.put("user", owner);
+        connectionProps.put("password", owner);
+        // On Firebird 3+, this results in an info response of ~256KiB;
+        // on Firebird 2.5 it requires multiple round trips
+        final int columnCount = 1500;
+        try (Connection connection = getConnectionViaDriverManager(connectionProps)) {
+            final String tableName = "T234567890123456789012345678901";
+            try (Statement stmt = connection.createStatement()) {
+                StringBuilder sb = new StringBuilder(50 + columnCount * 41);
+                sb.append("create table ").append(tableName).append('(');
+                IntStream.rangeClosed(1, columnCount).forEach(idx ->
+                        sb.append(String.format("C%030d smallint,", idx)));
+                // remove last comma
+                sb.setLength(sb.length() - 1);
+                sb.append(')');
+                stmt.execute(sb.toString());
+            }
+
+            try (PreparedStatement pstmt = connection.prepareStatement("select * from " + tableName)) {
+                ResultSetMetaData rsmd = pstmt.getMetaData();
+                assertEquals(columnCount, rsmd.getColumnCount(), "columnCount");
+                IntStream.rangeClosed(1, columnCount).forEach(idx -> {
+                    try {
+                        assertEquals(tableName, rsmd.getTableName(idx), "tableName");
+                        final String expectedName = String.format("C%030d", idx);
+                        assertEquals(expectedName, rsmd.getColumnName(idx), "columnName");
+                        assertEquals(expectedName, rsmd.getColumnLabel(idx), "columnLabel");
+                    } catch (SQLException e) {
+                        fail(e);
+                    }
+                });
+            }
+        }
+    }
+
     private void prepareTestData() throws SQLException {
         con.setAutoCommit(false);
         try (PreparedStatement pstmt = con.prepareStatement(INSERT_DATA)) {