diff options
| author | Erlend E. Aasland <erlend@python.org> | 2024-05-20 13:44:42 (GMT) |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-05-20 13:44:42 (GMT) |
| commit | af359cee75e4806650f2b9b948e398d89ceb9555 (patch) | |
| tree | 4263c7bc391f47e6adc7f24aec889488ccc2117d | |
| parent | 0883fd22e6d4a3e360b48f30f6afa34553b3786a (diff) | |
| download | cpython-af359cee75e4806650f2b9b948e398d89ceb9555.zip cpython-af359cee75e4806650f2b9b948e398d89ceb9555.tar.gz cpython-af359cee75e4806650f2b9b948e398d89ceb9555.tar.bz2 | |
gh-118928: sqlite3: correctly bail if sequences of params are used with named placeholders (#119197)
| -rw-r--r-- | Misc/NEWS.d/next/Library/2024-05-19-23-09-36.gh-issue-118928.SznMX1.rst | 2 | ||||
| -rw-r--r-- | Modules/_sqlite/cursor.c | 1 |
2 files changed, 3 insertions, 0 deletions
diff --git a/Misc/NEWS.d/next/Library/2024-05-19-23-09-36.gh-issue-118928.SznMX1.rst b/Misc/NEWS.d/next/Library/2024-05-19-23-09-36.gh-issue-118928.SznMX1.rst new file mode 100644 index 0000000..61b1927 --- /dev/null +++ b/Misc/NEWS.d/next/Library/2024-05-19-23-09-36.gh-issue-118928.SznMX1.rst @@ -0,0 +1,2 @@ +Fix an error where incorrect bindings in :mod:`sqlite3` queries could lead +to a crash. Patch by Erlend E. Aasland. diff --git a/Modules/_sqlite/cursor.c b/Modules/_sqlite/cursor.c index 5d4b77b..0fbd408 100644 --- a/Modules/_sqlite/cursor.c +++ b/Modules/_sqlite/cursor.c @@ -675,6 +675,7 @@ bind_parameters(pysqlite_state *state, pysqlite_Statement *self, "supplied a sequence which requires nameless (qmark) " "placeholders.", i+1, name); + return; } if (PyTuple_CheckExact(parameters)) { |