From ae2b2c79f0ce0744f26a61128391e7b1ead89a50 Mon Sep 17 00:00:00 2001 From: Dave Cramer Date: Tue, 26 Nov 2019 11:41:49 -0500 Subject: [PATCH] fix: NPE when calling setNull on a PreparedStatement with no parameters --- .../org/postgresql/jdbc/PgPreparedStatement.java | 7 +++++++ .../postgresql/test/jdbc2/PreparedStatementTest.java | 12 ++++++++++++ 2 files changed, 19 insertions(+) diff --git a/pgjdbc/src/main/java/org/postgresql/jdbc/PgPreparedStatement.java b/pgjdbc/src/main/java/org/postgresql/jdbc/PgPreparedStatement.java index 3c5ee62687..9436b688f5 100644 --- a/pgjdbc/src/main/java/org/postgresql/jdbc/PgPreparedStatement.java +++ b/pgjdbc/src/main/java/org/postgresql/jdbc/PgPreparedStatement.java @@ -183,6 +183,13 @@ public void closeImpl() throws SQLException { public void setNull(int parameterIndex, int sqlType) throws SQLException { checkClosed(); + if (parameterIndex < 1 || parameterIndex > preparedParameters.getInParameterCount()) { + throw new PSQLException( + GT.tr("The column index is out of range: {0}, number of columns: {1}.", + parameterIndex, preparedParameters.getInParameterCount()), + PSQLState.INVALID_PARAMETER_VALUE); + } + int oid; switch (sqlType) { case Types.SQLXML: diff --git a/pgjdbc/src/test/java/org/postgresql/test/jdbc2/PreparedStatementTest.java b/pgjdbc/src/test/java/org/postgresql/test/jdbc2/PreparedStatementTest.java index 012e31f164..a46abef568 100644 --- a/pgjdbc/src/test/java/org/postgresql/test/jdbc2/PreparedStatementTest.java +++ b/pgjdbc/src/test/java/org/postgresql/test/jdbc2/PreparedStatementTest.java @@ -1516,4 +1516,16 @@ public void close() throws SecurityException { log.setLevel(prevLevel); } } + + @Test + public void testNoParametersNPE() throws SQLException { + try { + PreparedStatement ps = con.prepareStatement("select 1"); + ps.setString(1, "null"); + } catch ( NullPointerException ex ) { + fail("Should throw a SQLException"); + } catch (SQLException ex) { + // ignore + } + } }