Jump to: output_first_mismatch    outcomes_full_history    elapsed_time_chart
Show cross-report outcomes.

Annotation type Annotation details
2 @message
Authentification problem

AssertionError: assert   
  - -- Executed with role: NONE. Expressions that passes WITHOUT errors:
  + Statement failed, SQLSTATE = 42000
  + Execute statement error at attach :
  + 335544472 : Your user name and password are not defined. Ask your database administrator to set up a Firebird login.
  + Data source : Firebird::localhost:/var/tmp/qa_2024/test_1929/test.fdb
  + -At procedure 'SP_RUN_VULNERABLE_EXPRESSIONS' line: 22, col: 3
  + <null>
    -- count_of_passed:             0
  - -- gdscode list for blocked:    335544926
  + -- gdscode list for blocked:    <null>
  - -- Executed with role: RDB$ADMIN. Expressions that passes WITHOUT errors:
  + Statement failed, SQLSTATE = 42000
  + Execute statement error at attach :
  + 335544472 : Your user name and password are not defined. Ask your database administrator to set up a Firebird login.
  + Data source : Firebird::localhost:/var/tmp/qa_2024/test_1929/test.fdb
  + -At procedure 'SP_RUN_VULNERABLE_EXPRESSIONS' line: 22, col: 3
  + <null>
  - -- count_of_passed:             23
  + -- count_of_passed:             0
  - VULNERABLE_EXPR                 insert into RDB$BACKUP_HISTORY(RDB$BACKUP_ID , RDB$TIMESTAMP , RDB$BACKUP_LEVEL , RDB$GUID , RDB$SCN , RDB$FILE_NAME) values(null, null, null, null, null, null) returning rdb$db_key; -- length of returned rdb$dbkey=8
  - VULNERABLE_EXPR                 delete from RDB$DB_CREATORS t  rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
  - VULNERABLE_EXPR                 insert into RDB$DB_CREATORS(RDB$USER , RDB$USER_TYPE) values(null, null) returning rdb$db_key; -- length of returned rdb$dbkey=8
  - VULNERABLE_EXPR                 update RDB$DB_CREATORS t  set t.RDB$USER = 'C'  rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
  - VULNERABLE_EXPR                 update RDB$DB_CREATORS t  set t.RDB$USER = null  rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
  - VULNERABLE_EXPR                 update RDB$DB_CREATORS t  set t.RDB$USER_TYPE = 32767  rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
  - VULNERABLE_EXPR                 update RDB$DB_CREATORS t  set t.RDB$USER_TYPE = null  rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
  - VULNERABLE_EXPR                 update RDB$FUNCTIONS t  set t.RDB$FUNCTION_SOURCE = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
  - VULNERABLE_EXPR                 update RDB$PACKAGES t  set t.RDB$PACKAGE_BODY_SOURCE = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
  - VULNERABLE_EXPR                 update RDB$PACKAGES t  set t.RDB$PACKAGE_HEADER_SOURCE = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
  - VULNERABLE_EXPR                 update RDB$PROCEDURES t  set t.RDB$PROCEDURE_SOURCE = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
  - VULNERABLE_EXPR                 update RDB$RELATIONS t  set t.RDB$VIEW_SOURCE = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
  - VULNERABLE_EXPR                 update RDB$TRIGGERS t  set t.RDB$TRIGGER_SOURCE = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
  - VULNERABLE_EXPR                 insert into RDB$TYPES(RDB$FIELD_NAME , RDB$TYPE , RDB$TYPE_NAME , RDB$DESCRIPTION , RDB$SYSTEM_FLAG) values(null, null, null, null, null) returning rdb$db_key; -- length of returned rdb$dbkey=8
  - VULNERABLE_EXPR                 update RDB$TYPES t  set t.RDB$DESCRIPTION = 'test_for_blob' where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
  - VULNERABLE_EXPR                 update RDB$TYPES t  set t.RDB$DESCRIPTION = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
  - VULNERABLE_EXPR                 update RDB$TYPES t  set t.RDB$FIELD_NAME = 'C' where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
  - VULNERABLE_EXPR                 update RDB$TYPES t  set t.RDB$FIELD_NAME = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
  - VULNERABLE_EXPR                 update RDB$TYPES t  set t.RDB$SYSTEM_FLAG = 32767 where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
  - VULNERABLE_EXPR                 update RDB$TYPES t  set t.RDB$TYPE = 32767 where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
  - VULNERABLE_EXPR                 update RDB$TYPES t  set t.RDB$TYPE = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
  - VULNERABLE_EXPR                 update RDB$TYPES t  set t.RDB$TYPE_NAME = 'C' where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
  - VULNERABLE_EXPR                 update RDB$TYPES t  set t.RDB$TYPE_NAME = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
  - -- gdscode list for blocked:    335544926
  + -- gdscode list for blocked:    <null>

LOG DETAILS:

2024-05-12 19:15:52.532
2024-05-12 19:15:52.536 act = <firebird.qa.plugin.Action object at [hex]>
2024-05-12 19:15:52.541 dba_privileged_user = <firebird.qa.plugin.User object at [hex]>
2024-05-12 19:15:52.546 non_privileged_user = <firebird.qa.plugin.User object at [hex]>
2024-05-12 19:15:52.551 capsys = <_pytest.capture.CaptureFixture object at [hex]>
2024-05-12 19:15:52.555
2024-05-12 19:15:52.560 @pytest.mark.version('>=3.0')
2024-05-12 19:15:52.565 def test_1(act: Action, dba_privileged_user: User, non_privileged_user: User, capsys):
2024-05-12 19:15:52.569 # Run prepare script
2024-05-12 19:15:52.574 prep_script = (act.files_dir / 'core_4731.sql').read_text()
2024-05-12 19:15:52.579 prep_script = prep_script % {'dba_privileged_name': dba_privileged_user.name,
2024-05-12 19:15:52.584 'non_privileged_name': non_privileged_user.name}
2024-05-12 19:15:52.589 act.isql(switches=['-q'], input=prep_script, combine_output = True)
2024-05-12 19:15:52.594 assert act.clean_stdout == ''
2024-05-12 19:15:52.599 act.reset()
2024-05-12 19:15:52.604
2024-05-12 19:15:52.610 # Remove all attachments that can stay alive after preparing DB because of ExtConnPoolLifeTime > 0:
2024-05-12 19:15:52.615 with act.connect_server() as srv:
2024-05-12 19:15:52.621 srv.database.shutdown(database=act.db.db_path, mode=ShutdownMode.FULL,
2024-05-12 19:15:52.626 method=ShutdownMethod.FORCED, timeout=0)
2024-05-12 19:15:52.631 srv.database.bring_online(database=act.db.db_path)
2024-05-12 19:15:52.635 #
2024-05-12 19:15:52.640 test_script = f"""
2024-05-12 19:15:52.645 -- ###################################################################################
2024-05-12 19:15:52.650 --                 R U N    A S   N O N - P R I V I L E G E D    U S E R
2024-05-12 19:15:52.655 -- ###################################################################################
2024-05-12 19:15:52.660 execute procedure sp_run_vulnerable_expressions('{non_privileged_user.name}', '123', 'NONE');
2024-05-12 19:15:52.665
2024-05-12 19:15:52.671 -- Note: as of build 3.0.31810, we can SKIP restoring of 'pure-state' of RDB$ tables
2024-05-12 19:15:52.677 -- after this SP because non-privileged user can NOT change enything.
2024-05-12 19:15:52.682 -- All his attempts should FAIL, system tables should be in unchanged state.
2024-05-12 19:15:52.686
2024-05-12 19:15:52.691 set list off;
2024-05-12 19:15:52.696 set heading off;
2024-05-12 19:15:52.701
2024-05-12 19:15:52.705 select '-- Executed with role: '||trim(( select actual_role from vulnerable_on_sys_tables rows 1 ))
2024-05-12 19:15:52.710 ||'. Expressions that passes WITHOUT errors:' as msg
2024-05-12 19:15:52.715 from rdb$database
2024-05-12 19:15:52.719 ;
2024-05-12 19:15:52.724
2024-05-12 19:15:52.729 commit; -- 11-04-2018, do not remove!
2024-05-12 19:15:52.734 set transaction no wait;
2024-05-12 19:15:52.739
2024-05-12 19:15:52.743 set list on;
2024-05-12 19:15:52.748 select count(*) as "-- count_of_passed: "
2024-05-12 19:15:52.753 from v_passed;
2024-05-12 19:15:52.758
2024-05-12 19:15:52.762 set list on;
2024-05-12 19:15:52.767 select * from v_passed;
2024-05-12 19:15:52.773
2024-05-12 19:15:52.778 set list on;
2024-05-12 19:15:52.783 select distinct vulnerable_gdscode as "-- gdscode list for blocked:"
2024-05-12 19:15:52.787 from vulnerable_on_sys_tables
2024-05-12 19:15:52.792 where vulnerable_gdscode is distinct from -1;
2024-05-12 19:15:52.797
2024-05-12 19:15:52.802 -- #########################################################################################
2024-05-12 19:15:52.809 -- R U N    A S   U S E R    W H O    I S    G R A N T E D     W I T H     R B D $ A D M I N
2024-05-12 19:15:52.816 -- #########################################################################################
2024-05-12 19:15:52.822 execute procedure sp_run_vulnerable_expressions('{dba_privileged_user.name}', '123', 'RDB$ADMIN');
2024-05-12 19:15:52.827
2024-05-12 19:15:52.832 set list off;
2024-05-12 19:15:52.838 set heading off;
2024-05-12 19:15:52.844
2024-05-12 19:15:52.850 select '-- Executed with role: '||trim(( select actual_role from vulnerable_on_sys_tables rows 1 ))
2024-05-12 19:15:52.855 ||'. Expressions that passes WITHOUT errors:' as msg
2024-05-12 19:15:52.862 from rdb$database
2024-05-12 19:15:52.869 ;
2024-05-12 19:15:52.875 commit; -- 11-04-2018, do not remove!
2024-05-12 19:15:52.881
2024-05-12 19:15:52.887 set list on;
2024-05-12 19:15:52.892 select count(*) as "-- count_of_passed: "
2024-05-12 19:15:52.899 from v_passed;
2024-05-12 19:15:52.905
2024-05-12 19:15:52.911 set list on;
2024-05-12 19:15:52.918 select * from v_passed;
2024-05-12 19:15:52.924
2024-05-12 19:15:52.932 set list on;
2024-05-12 19:15:52.936 select distinct vulnerable_gdscode as "-- gdscode list for blocked:"
2024-05-12 19:15:52.941 from vulnerable_on_sys_tables
2024-05-12 19:15:52.945 where vulnerable_gdscode is distinct from -1;
2024-05-12 19:15:52.950
2024-05-12 19:15:52.954 ----------------
2024-05-12 19:15:52.959 commit;
2024-05-12 19:15:52.964
2024-05-12 19:15:52.968 connect '{act.db.dsn}' user '{act.db.user}' password '{act.db.password}';
2024-05-12 19:15:52.973
2024-05-12 19:15:52.978 --                                    ||||||||||||||||||||||||||||
2024-05-12 19:15:52.983 -- ###################################|||  FB 4.0+, SS and SC  |||##############################
2024-05-12 19:15:52.988 --                                    ||||||||||||||||||||||||||||
2024-05-12 19:15:52.994 -- If we check SS or SC and ExtConnPoolLifeTime > 0 (config parameter FB 4.0+) then current
2024-05-12 19:15:53.000 -- DB (bugs.core_NNNN.fdb) will be 'captured' by firebird.exe process and fbt_run utility
2024-05-12 19:15:53.005 -- will not able to drop this database at the final point of test.
2024-05-12 19:15:53.012 -- Moreover, DB file will be hold until all activity in firebird.exe completed and AFTER this
2024-05-12 19:15:53.019 -- we have to wait for <ExtConnPoolLifeTime> seconds after it (discussion and small test see
2024-05-12 19:15:53.025 -- in the letter to hvlad and dimitr 13.10.2019 11:10).
2024-05-12 19:15:53.032 -- This means that one need to kill all connections to prevent from exception on cleanup phase:
2024-05-12 19:15:53.037 -- SQLCODE: -901 / lock time-out on wait transaction / object <this_test_DB> is in use
2024-05-12 19:15:53.042 -- #############################################################################################
2024-05-12 19:15:53.046 delete from mon$attachments where mon$attachment_id != current_connection;
2024-05-12 19:15:53.051 commit;
2024-05-12 19:15:53.056 """
2024-05-12 19:15:53.061
2024-05-12 19:15:53.066 act.expected_stdout = fb3x_expected_out if act.is_version('<4') else fb4x_expected_out
2024-05-12 19:15:53.071 act.isql(switches=['-q'], input=test_script, combine_output = True)
2024-05-12 19:15:53.075 >       assert act.clean_stdout == act.clean_expected_stdout
2024-05-12 19:15:53.082 E       AssertionError: assert
2024-05-12 19:15:53.086 E         - -- Executed with role: NONE. Expressions that passes WITHOUT errors:
2024-05-12 19:15:53.091 E         + Statement failed, SQLSTATE = 42000
2024-05-12 19:15:53.096 E         + Execute statement error at attach :
2024-05-12 19:15:53.101 E         + 335544472 : Your user name and password are not defined. Ask your database administrator to set up a Firebird login.
2024-05-12 19:15:53.105 E         + Data source : Firebird::localhost:/var/tmp/qa_2024/test_1929/test.fdb
2024-05-12 19:15:53.110 E         + -At procedure 'SP_RUN_VULNERABLE_EXPRESSIONS' line: 22, col: 3
2024-05-12 19:15:53.115 E         + <null>
2024-05-12 19:15:53.120 E           -- count_of_passed:             0
2024-05-12 19:15:53.124 E         - -- gdscode list for blocked:    335544926
2024-05-12 19:15:53.134 E         + -- gdscode list for blocked:    <null>
2024-05-12 19:15:53.143 E         - -- Executed with role: RDB$ADMIN. Expressions that passes WITHOUT errors:
2024-05-12 19:15:53.147 E         + Statement failed, SQLSTATE = 42000
2024-05-12 19:15:53.152 E         + Execute statement error at attach :
2024-05-12 19:15:53.156 E         + 335544472 : Your user name and password are not defined. Ask your database administrator to set up a Firebird login.
2024-05-12 19:15:53.161 E         + Data source : Firebird::localhost:/var/tmp/qa_2024/test_1929/test.fdb
2024-05-12 19:15:53.166 E         + -At procedure 'SP_RUN_VULNERABLE_EXPRESSIONS' line: 22, col: 3
2024-05-12 19:15:53.170 E         + <null>
2024-05-12 19:15:53.174 E         - -- count_of_passed:             23
2024-05-12 19:15:53.185 E         + -- count_of_passed:             0
2024-05-12 19:15:53.194 E         - VULNERABLE_EXPR                 insert into RDB$BACKUP_HISTORY(RDB$BACKUP_ID , RDB$TIMESTAMP , RDB$BACKUP_LEVEL , RDB$GUID , RDB$SCN , RDB$FILE_NAME) values(null, null, null, null, null, null) returning rdb$db_key; -- length of returned rdb$dbkey=8
2024-05-12 19:15:53.199 E         - VULNERABLE_EXPR                 delete from RDB$DB_CREATORS t  rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
2024-05-12 19:15:53.204 E         - VULNERABLE_EXPR                 insert into RDB$DB_CREATORS(RDB$USER , RDB$USER_TYPE) values(null, null) returning rdb$db_key; -- length of returned rdb$dbkey=8
2024-05-12 19:15:53.209 E         - VULNERABLE_EXPR                 update RDB$DB_CREATORS t  set t.RDB$USER = 'C'  rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
2024-05-12 19:15:53.214 E         - VULNERABLE_EXPR                 update RDB$DB_CREATORS t  set t.RDB$USER = null  rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
2024-05-12 19:15:53.236 E         - VULNERABLE_EXPR                 update RDB$DB_CREATORS t  set t.RDB$USER_TYPE = 32767  rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
2024-05-12 19:15:53.242 E         - VULNERABLE_EXPR                 update RDB$DB_CREATORS t  set t.RDB$USER_TYPE = null  rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
2024-05-12 19:15:53.247 E         - VULNERABLE_EXPR                 update RDB$FUNCTIONS t  set t.RDB$FUNCTION_SOURCE = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
2024-05-12 19:15:53.253 E         - VULNERABLE_EXPR                 update RDB$PACKAGES t  set t.RDB$PACKAGE_BODY_SOURCE = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
2024-05-12 19:15:53.259 E         - VULNERABLE_EXPR                 update RDB$PACKAGES t  set t.RDB$PACKAGE_HEADER_SOURCE = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
2024-05-12 19:15:53.264 E         - VULNERABLE_EXPR                 update RDB$PROCEDURES t  set t.RDB$PROCEDURE_SOURCE = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
2024-05-12 19:15:53.270 E         - VULNERABLE_EXPR                 update RDB$RELATIONS t  set t.RDB$VIEW_SOURCE = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
2024-05-12 19:15:53.276 E         - VULNERABLE_EXPR                 update RDB$TRIGGERS t  set t.RDB$TRIGGER_SOURCE = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
2024-05-12 19:15:53.282 E         - VULNERABLE_EXPR                 insert into RDB$TYPES(RDB$FIELD_NAME , RDB$TYPE , RDB$TYPE_NAME , RDB$DESCRIPTION , RDB$SYSTEM_FLAG) values(null, null, null, null, null) returning rdb$db_key; -- length of returned rdb$dbkey=8
2024-05-12 19:15:53.288 E         - VULNERABLE_EXPR                 update RDB$TYPES t  set t.RDB$DESCRIPTION = 'test_for_blob' where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
2024-05-12 19:15:53.293 E         - VULNERABLE_EXPR                 update RDB$TYPES t  set t.RDB$DESCRIPTION = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
2024-05-12 19:15:53.298 E         - VULNERABLE_EXPR                 update RDB$TYPES t  set t.RDB$FIELD_NAME = 'C' where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
2024-05-12 19:15:53.304 E         - VULNERABLE_EXPR                 update RDB$TYPES t  set t.RDB$FIELD_NAME = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
2024-05-12 19:15:53.311 E         - VULNERABLE_EXPR                 update RDB$TYPES t  set t.RDB$SYSTEM_FLAG = 32767 where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
2024-05-12 19:15:53.317 E         - VULNERABLE_EXPR                 update RDB$TYPES t  set t.RDB$TYPE = 32767 where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
2024-05-12 19:15:53.322 E         - VULNERABLE_EXPR                 update RDB$TYPES t  set t.RDB$TYPE = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
2024-05-12 19:15:53.327 E         - VULNERABLE_EXPR                 update RDB$TYPES t  set t.RDB$TYPE_NAME = 'C' where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
2024-05-12 19:15:53.332 E         - VULNERABLE_EXPR                 update RDB$TYPES t  set t.RDB$TYPE_NAME = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
2024-05-12 19:15:53.337 E         - -- gdscode list for blocked:    335544926
2024-05-12 19:15:53.347 E         + -- gdscode list for blocked:    <null>
2024-05-12 19:15:53.356
2024-05-12 19:15:53.361 tests/bugs/core_4731_test.py:230: AssertionError
2024-05-12 19:15:53.367 ---------------------------- Captured stdout setup -----------------------------
2024-05-12 19:15:53.378 Cached db: db-12.0-None-None-NONE.fdb [page_size=None, sql_dialect=None, charset='NONE'
2024-05-12 19:15:53.386 DROP user: TMP_C4731_COOLDBA PLUGIN: Srp
2024-05-12 19:15:53.391 CREATE user: TMP_C4731_COOLDBA PLUGIN: Srp
2024-05-12 19:15:53.396 DROP user: TMP_C4731_MANAGER PLUGIN: Srp
2024-05-12 19:15:53.401 CREATE user: TMP_C4731_MANAGER PLUGIN: Srp
3 #text
act = <firebird.qa.plugin.Action pytest object at [hex]>
dba_privileged_user = <firebird.qa.plugin.User pytest object at [hex]>
non_privileged_user = <firebird.qa.plugin.User pytest object at [hex]>
capsys = <_pytest.capture.CaptureFixture pytest object at [hex]>

    @pytest.mark.version('>=3.0')
    def test_1(act: Action, dba_privileged_user: User, non_privileged_user: User, capsys):
        # Run prepare script
        prep_script = (act.files_dir / 'core_4731.sql').read_text()
        prep_script = prep_script % {'dba_privileged_name': dba_privileged_user.name,
                                     'non_privileged_name': non_privileged_user.name}
        act.isql(switches=['-q'], input=prep_script, combine_output = True)
        assert act.clean_stdout == ''
        act.reset()
    
        # Remove all attachments that can stay alive after preparing DB because of ExtConnPoolLifeTime > 0:
        with act.connect_server() as srv:
            srv.database.shutdown(database=act.db.db_path, mode=ShutdownMode.FULL,
                                  method=ShutdownMethod.FORCED, timeout=0)
            srv.database.bring_online(database=act.db.db_path)
        #
        test_script = f"""
            -- ###################################################################################
            --                 R U N    A S   N O N - P R I V I L E G E D    U S E R
            -- ###################################################################################
            execute procedure sp_run_vulnerable_expressions('{non_privileged_user.name}', '123', 'NONE');
    
            -- Note: as of build 3.0.31810, we can SKIP restoring of 'pure-state' of RDB$ tables
            -- after this SP because non-privileged user can NOT change enything.
            -- All his attempts should FAIL, system tables should be in unchanged state.
    
            set list off;
            set heading off;
    
            select '-- Executed with role: '||trim(( select actual_role from vulnerable_on_sys_tables rows 1 ))
                       ||'. Expressions that passes WITHOUT errors:' as msg
            from rdb$database
            ;
    
            commit; -- 11-04-2018, do not remove!
            set transaction no wait;
    
            set list on;
            select count(*) as "-- count_of_passed: "
            from v_passed;
    
            set list on;
            select * from v_passed;
    
            set list on;
            select distinct vulnerable_gdscode as "-- gdscode list for blocked:"
            from vulnerable_on_sys_tables
            where vulnerable_gdscode is distinct from -1;
    
            -- #########################################################################################
            -- R U N    A S   U S E R    W H O    I S    G R A N T E D     W I T H     R B D $ A D M I N
            -- #########################################################################################
            execute procedure sp_run_vulnerable_expressions('{dba_privileged_user.name}', '123', 'RDB$ADMIN');
    
            set list off;
            set heading off;
    
            select '-- Executed with role: '||trim(( select actual_role from vulnerable_on_sys_tables rows 1 ))
                       ||'. Expressions that passes WITHOUT errors:' as msg
            from rdb$database
            ;
            commit; -- 11-04-2018, do not remove!
    
            set list on;
            select count(*) as "-- count_of_passed: "
            from v_passed;
    
            set list on;
            select * from v_passed;
    
            set list on;
            select distinct vulnerable_gdscode as "-- gdscode list for blocked:"
            from vulnerable_on_sys_tables
            where vulnerable_gdscode is distinct from -1;
    
            ----------------
            commit;
    
            connect '{act.db.dsn}' user '{act.db.user}' password '{act.db.password}';
    
            --                                    ||||||||||||||||||||||||||||
            -- ###################################|||  FB 4.0+, SS and SC  |||##############################
            --                                    ||||||||||||||||||||||||||||
            -- If we check SS or SC and ExtConnPoolLifeTime > 0 (config parameter FB 4.0+) then current
            -- DB (bugs.core_NNNN.fdb) will be 'captured' by firebird.exe process and fbt_run utility
            -- will not able to drop this database at the final point of test.
            -- Moreover, DB file will be hold until all activity in firebird.exe completed and AFTER this
            -- we have to wait for <ExtConnPoolLifeTime> seconds after it (discussion and small test see
            -- in the letter to hvlad and dimitr 13.10.2019 11:10).
            -- This means that one need to kill all connections to prevent from exception on cleanup phase:
            -- SQLCODE: -901 / lock time-out on wait transaction / object <this_test_DB> is in use
            -- #############################################################################################
            delete from mon$attachments where mon$attachment_id != current_connection;
            commit;
        """
    
        act.expected_stdout = fb3x_expected_out if act.is_version('<4') else fb4x_expected_out
        act.isql(switches=['-q'], input=test_script, combine_output = True)
>       assert act.clean_stdout == act.clean_expected_stdout
E       AssertionError: assert   
E         - -- Executed with role: NONE. Expressions that passes WITHOUT errors:
E         + Statement failed, SQLSTATE = 42000
E         + Execute statement error at attach :
E         + 335544472 : Your user name and password are not defined. Ask your database administrator to set up a Firebird login.
E         + Data source : Firebird::localhost:/var/tmp/qa_2024/test_1929/test.fdb
E         + -At procedure 'SP_RUN_VULNERABLE_EXPRESSIONS' line: 22, col: 3
E         + <null>
E           -- count_of_passed:             0
E         - -- gdscode list for blocked:    335544926
E         + -- gdscode list for blocked:    <null>
E         - -- Executed with role: RDB$ADMIN. Expressions that passes WITHOUT errors:
E         + Statement failed, SQLSTATE = 42000
E         + Execute statement error at attach :
E         + 335544472 : Your user name and password are not defined. Ask your database administrator to set up a Firebird login.
E         + Data source : Firebird::localhost:/var/tmp/qa_2024/test_1929/test.fdb
E         + -At procedure 'SP_RUN_VULNERABLE_EXPRESSIONS' line: 22, col: 3
E         + <null>
E         - -- count_of_passed:             23
E         + -- count_of_passed:             0
E         - VULNERABLE_EXPR                 insert into RDB$BACKUP_HISTORY(RDB$BACKUP_ID , RDB$TIMESTAMP , RDB$BACKUP_LEVEL , RDB$GUID , RDB$SCN , RDB$FILE_NAME) values(null, null, null, null, null, null) returning rdb$db_key; -- length of returned rdb$dbkey=8
E         - VULNERABLE_EXPR                 delete from RDB$DB_CREATORS t  rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
E         - VULNERABLE_EXPR                 insert into RDB$DB_CREATORS(RDB$USER , RDB$USER_TYPE) values(null, null) returning rdb$db_key; -- length of returned rdb$dbkey=8
E         - VULNERABLE_EXPR                 update RDB$DB_CREATORS t  set t.RDB$USER = 'C'  rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
E         - VULNERABLE_EXPR                 update RDB$DB_CREATORS t  set t.RDB$USER = null  rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
E         - VULNERABLE_EXPR                 update RDB$DB_CREATORS t  set t.RDB$USER_TYPE = 32767  rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
E         - VULNERABLE_EXPR                 update RDB$DB_CREATORS t  set t.RDB$USER_TYPE = null  rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
E         - VULNERABLE_EXPR                 update RDB$FUNCTIONS t  set t.RDB$FUNCTION_SOURCE = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
E         - VULNERABLE_EXPR                 update RDB$PACKAGES t  set t.RDB$PACKAGE_BODY_SOURCE = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
E         - VULNERABLE_EXPR                 update RDB$PACKAGES t  set t.RDB$PACKAGE_HEADER_SOURCE = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
E         - VULNERABLE_EXPR                 update RDB$PROCEDURES t  set t.RDB$PROCEDURE_SOURCE = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
E         - VULNERABLE_EXPR                 update RDB$RELATIONS t  set t.RDB$VIEW_SOURCE = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
E         - VULNERABLE_EXPR                 update RDB$TRIGGERS t  set t.RDB$TRIGGER_SOURCE = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
E         - VULNERABLE_EXPR                 insert into RDB$TYPES(RDB$FIELD_NAME , RDB$TYPE , RDB$TYPE_NAME , RDB$DESCRIPTION , RDB$SYSTEM_FLAG) values(null, null, null, null, null) returning rdb$db_key; -- length of returned rdb$dbkey=8
E         - VULNERABLE_EXPR                 update RDB$TYPES t  set t.RDB$DESCRIPTION = 'test_for_blob' where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
E         - VULNERABLE_EXPR                 update RDB$TYPES t  set t.RDB$DESCRIPTION = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
E         - VULNERABLE_EXPR                 update RDB$TYPES t  set t.RDB$FIELD_NAME = 'C' where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
E         - VULNERABLE_EXPR                 update RDB$TYPES t  set t.RDB$FIELD_NAME = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
E         - VULNERABLE_EXPR                 update RDB$TYPES t  set t.RDB$SYSTEM_FLAG = 32767 where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
E         - VULNERABLE_EXPR                 update RDB$TYPES t  set t.RDB$TYPE = 32767 where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
E         - VULNERABLE_EXPR                 update RDB$TYPES t  set t.RDB$TYPE = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
E         - VULNERABLE_EXPR                 update RDB$TYPES t  set t.RDB$TYPE_NAME = 'C' where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
E         - VULNERABLE_EXPR                 update RDB$TYPES t  set t.RDB$TYPE_NAME = null where coalesce(rdb$system_flag,0)=0 rows 1 returning t.rdb$db_key; -- length of returned rdb$dbkey=8
E         - -- gdscode list for blocked:    335544926
E         + -- gdscode list for blocked:    <null>

tests/bugs/core_4731_test.py:230: AssertionError
Full history of outcomes and elapsed time, ms:
NN SNAP_INFO CS_outcome SS_outcome CS_run_time SS_run_time CS_run_beg CS_run_end SS_run_beg SS_run_end
1 3.0.13.33809 2025.05.06 28ad0 P P 11275 7330 2025.06.26 16:21:39.064 2025.06.26 16:21:50.339 2025.06.26 15:33:03.541 2025.06.26 15:33:10.871
2 3.0.13.33808 2025.04.25 28426 P P 14726 9405 2025.05.06 13:42:43.619 2025.05.06 13:42:58.345 2025.05.06 12:44:58.466 2025.05.06 12:45:07.871
3 3.0.13.33803 2025.02.25 08ebd P P 14541 9325 2025.04.25 16:57:40.467 2025.04.25 16:57:55.008 2025.04.25 16:00:24.086 2025.04.25 16:00:33.411
4 3.0.13.33796 2025.01.29 0ab85 P P 1097 548 2025.02.25 15:30:30.146 2025.02.25 15:30:31.243 2025.02.25 14:33:20.214 2025.02.25 14:33:20.762
5 3.0.13.33796 2025.01.14 99b3b P P 1106 569 2025.01.28 17:44:16.164 2025.01.28 17:44:17.270 2025.01.28 16:45:55.825 2025.01.28 16:45:56.394
6 3.0.13.33795 2024.11.24 b8847 P P 1168 577 2025.01.13 15:21:57.676 2025.01.13 15:21:58.844 2025.01.13 14:24:17.917 2025.01.13 14:24:18.494
7 3.0.13.33794 2024.10.15 abe09 P P 863 462 2024.11.23 06:29:43.009 2024.11.23 06:29:43.872 2024.11.23 05:46:03.857 2024.11.23 05:46:04.319
8 3.0.13.33793 2024.10.04 82ccc P P 1000 503 2024.10.14 04:25:38.620 2024.10.14 04:25:39.620 2024.10.14 03:37:36.711 2024.10.14 03:37:37.214
9 3.0.13.33792 2024.08.31 d8791 P P 1093 532 2024.10.03 09:32:00.535 2024.10.03 09:32:01.628 2024.10.03 08:40:42.992 2024.10.03 08:40:43.524
10 3.0.13.33787 2024.08.17 2e0d6 P P 2936 1514 2024.08.25 15:17:22.643 2024.08.25 15:17:25.579 2024.08.25 13:25:40.944 2024.08.25 13:25:42.458
11 3.0.13.33787 2024.08.09 df740 P P 1320 653 2024.08.16 12:46:57.570 2024.08.16 12:46:58.890 2024.08.16 11:49:14.141 2024.08.16 11:49:14.794
12 3.0.12.33746 2024.07.15 11dd4 P P 1202 685 2024.08.09 12:43:44.351 2024.08.09 12:43:45.553 2024.08.09 11:44:15.312 2024.08.09 11:44:15.997
13 3.0.12.33746 2024.06.11 8a5eb P P 805 454 2024.07.15 10:34:47.238 2024.07.15 10:34:48.043 2024.07.15 09:45:41.592 2024.07.15 09:45:42.046
14 3.0.12.33744 2024.05.09 9cf37 F P 730 377 2024.05.12 15:42:23.635 2024.05.12 15:42:24.365 2024.05.12 14:57:35.403 2024.05.12 14:57:35.780
15 3.0.12.33744 2024.04.20 af6b2 P P 790 326 2024.05.08 16:57:59.728 2024.05.08 16:58:00.518 2024.05.08 16:15:30.803 2024.05.08 16:15:31.129

Elapsed time, ms. Chart for last 15 runs:

Last commits information (all timestamps in UTC):