DEV Community

Aivars Kalvāns
Aivars Kalvāns

Posted on • Originally published at aivarsk.com on

Boolean Expressions of Fielded Buffers

Oracle Tuxedo has the Fboolev32 function for evaluating Boolean expressions in which the “variables” are the values of fields. The expressions are a subset of the C programming language with a nice addition of regular expression match operators:

  • expression %% expression yields a 1 if the first expression is fully matched by the second expression (the regular expression).
  • expression !% expression yields a 1 if the first expression is not matched by the second expression.

Since expressions do not have a subscript operator for strings, regular expressions are used to match the prefix, postfix, or the nth character:

import tuxedo as t
t.Fboolev32({"TA_STATUS": "OK123"}, "TA_STATUS %% 'OK.*'")

Enter fullscreen mode Exit fullscreen mode

These operators are something new to most developers and sometimes you get expressions like this one:

import tuxedo as t
t.Fboolev32({"TA_STATUS": "OK123"}, "TA_STATUS %! 'OK.*'")

Enter fullscreen mode Exit fullscreen mode

What will be the result? A crash of your process!

Instead of the !% operator, the developer typed in %! which is parsed as two operators:

  • % for the modulo operation
  • ! for negation

What happens next is:

  • 'OK.*' is a non-empty string and evaluates to 1
  • ! negates 1 and evaluates to 0
  • TA_STATUS is converted to a number, most likely a 0. But it does not matter
  • 0 % 0 is division by 0 and we get a SIGFPE signal deliver to the process

Most of the software out there does not have a SIGFPE signal handler installed and crash:

>>> import tuxedo as t
>>> t.Fboolev32({"TA_STATUS": "OK123"}, "TA_STATUS %! 'OK.*'")
Floating-point exception

Enter fullscreen mode Exit fullscreen mode

Now image if those Boolean expressions were written by the user… If you use Boolean expressions in your Oracle Tuxedo application, remember to install the SIGFPE handler.

Top comments (0)