API tools faq
paste
RicardasSim

attempt to use memcpy for sql query

RicardasSim
Feb 20th, 2026 (edited)
4,465
0
Never
5
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C 4.21 KB | None | 0 0
raw download clone embed print report
  1. //-Wall -Wextra -Wpedantic -Wshadow -Wconversion
  2. #include <stdio.h>
  3. #include <stdlib.h>
  4. #include <string.h>
  5.  
  6. int main()
  7. {
  8.     printf("(0) %%\n");
  9.  
  10.     const char *p_str_1 = "''";
  11.  
  12.     printf("(1) %ld\n", strlen(p_str_1));
  13.  
  14.     const char *p_str_2 = "'%'";
  15.  
  16.     printf("(2) %ld\n", strlen(p_str_2));
  17.  
  18.     const char *p_str_3 = "'%%'";
  19.  
  20.     printf("(3) %ld\n", strlen(p_str_3));
  21.  
  22.     printf("(str2) %s\n", p_str_2);
  23.  
  24.     printf("(str3) %s\n", p_str_3);
  25.  
  26.     char *p_esc_str = "Pineapple";
  27.  
  28.     // the ';' character at the end is omitted on purpose
  29.     const char *p_sql_1 = "SELECT * FROM some_table WHERE some_column LIKE '%";
  30.     const char *p_sql_2 = "%'";
  31.  
  32.     size_t sql_1_len = strlen(p_sql_1);
  33.     size_t sql_2_len = strlen(p_sql_2);
  34.     size_t esc_str_len = strlen(p_esc_str);
  35.     size_t offset;
  36.  
  37.     char *p_sql = malloc( sql_1_len + esc_str_len + sql_2_len + 1 );
  38.  
  39.     if (!p_sql)
  40.     {
  41.         printf("Error: cannot allocate memory (1)\n");
  42.         return EXIT_FAILURE;
  43.     }
  44.  
  45.     memcpy(p_sql, p_sql_1, sql_1_len);
  46.     offset = sql_1_len;
  47.     memcpy(p_sql + offset, p_esc_str, esc_str_len);
  48.     offset += esc_str_len;
  49.     memcpy(p_sql + offset, p_sql_2, sql_2_len);
  50.     offset += sql_2_len;
  51.     p_sql[offset] = '\0';
  52.  
  53.     printf("attempt 1: %s\n", p_sql);
  54.  
  55.     free(p_sql);
  56.  
  57.     /**********/
  58.  
  59.     // the ';' character at the end is omitted on purpose
  60.     const char *p_sql_f = "SELECT * FROM some_table WHERE some_column LIKE '%%'";
  61.  
  62.     printf("Info: p_sql_f len: %ld\n", strlen(p_sql_f));
  63.  
  64.     p_sql = malloc( strlen(p_sql_f) + esc_str_len + 1 );
  65.  
  66.     if (!p_sql)
  67.     {
  68.         printf("Error: cannot allocate memory (2)\n");
  69.         return EXIT_FAILURE;
  70.     }
  71.  
  72.     // :)
  73.     size_t to_cp_len = 50;
  74.     memcpy(p_sql, p_sql_f, to_cp_len);
  75.     offset = to_cp_len;
  76.     size_t cp_offset = to_cp_len;
  77.     memcpy(p_sql + offset, p_esc_str, esc_str_len);
  78.     offset += esc_str_len;
  79.     to_cp_len = 2;
  80.     memcpy(p_sql + offset, p_sql_f + cp_offset, to_cp_len);
  81.     offset += to_cp_len;
  82.     p_sql[offset] = '\0';
  83.  
  84.     printf("attempt 2: %s\n", p_sql);
  85.  
  86.     free(p_sql);
  87.  
  88.     /**********/
  89.  
  90.     size_t buff_size = sql_1_len + esc_str_len + sql_2_len + 1;
  91.  
  92.     p_sql = malloc( buff_size );
  93.  
  94.     if (!p_sql)
  95.     {
  96.         printf("Error: cannot allocate memory (3)\n");
  97.         return EXIT_FAILURE;
  98.     }
  99.  
  100.     int n = snprintf(p_sql, sql_1_len + 1, "%s", p_sql_1);
  101.     offset = sql_1_len;
  102.     n += snprintf(p_sql + offset, esc_str_len + 1, "%s", p_esc_str);
  103.     offset += esc_str_len;
  104.     n += snprintf(p_sql + offset, sql_2_len + 1, "%s", p_sql_2);
  105.  
  106.     printf ("Info: n (1): %d\n", n);
  107.  
  108.     printf("with snprintf (1a): %s\n", p_sql);
  109.  
  110.     memset(p_sql, 0, buff_size);
  111.  
  112.     n = snprintf(p_sql, buff_size, "%s%s%s", p_sql_1, p_esc_str, p_sql_2);
  113.  
  114.     printf ("Info: n (2): %d\n", n);
  115.  
  116.     printf("with snprintf (1b): %s\n", p_sql);
  117.  
  118.     free(p_sql);
  119.  
  120.     /**********/
  121.  
  122.     const char *p_sql_template = "SELECT * FROM some_table WHERE some_column LIKE '%%%s%%'";
  123.     n = snprintf(NULL, 0, p_sql_template, p_esc_str) + 1;
  124.  
  125.     if (n < 0)
  126.     {
  127.         printf("Error: snprintf failed (1)\n");
  128.         return EXIT_FAILURE;
  129.     }
  130.  
  131.     size_t query_len = (size_t) n;
  132.  
  133.     p_sql = malloc( query_len );
  134.  
  135.     if (!p_sql)
  136.     {
  137.         printf("Error: cannot allocate memory (4)\n");
  138.         return EXIT_FAILURE;
  139.     }
  140.  
  141.     snprintf(p_sql, query_len, p_sql_template, p_esc_str);
  142.  
  143.     printf("with snprintf (2): %s\n", p_sql);
  144.  
  145.     free(p_sql);
  146.  
  147.     return EXIT_SUCCESS;
  148. }
  149.  
  150. /*
  151. Output:
  152. (0) %
  153. (1) 2
  154. (2) 3
  155. (3) 4
  156. (str2) '%'
  157. (str3) '%%'
  158. attempt 1: SELECT * FROM some_table WHERE some_column LIKE '%Pineapple%'
  159. Info: p_sql_f len: 52
  160. attempt 2: SELECT * FROM some_table WHERE some_column LIKE '%Pineapple%'
  161. Info: n (1): 61
  162. with snprintf (1a): SELECT * FROM some_table WHERE some_column LIKE '%Pineapple%'
  163. Info: n (2): 61
  164. with snprintf (1b): SELECT * FROM some_table WHERE some_column LIKE '%Pineapple%'
  165. with snprintf (2): SELECT * FROM some_table WHERE some_column LIKE '%Pineapple%'
  166.  
  167. Valgrind:
  168. HEAP SUMMARY:
  169. in use at exit: 0 bytes in 0 blocks
  170. total heap usage: 5 allocs, 5 frees, 1,272 bytes allocated
  171. All heap blocks were freed -- no leaks are possible
  172. */
  173.  
Advertisement
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!