summaryrefslogtreecommitdiffstats
path: root/Modules/_sqlite
diff options
context:
space:
mode:
authorSerhiy Storchaka <storchaka@gmail.com>2014-09-11 10:30:48 (GMT)
committerSerhiy Storchaka <storchaka@gmail.com>2014-09-11 10:30:48 (GMT)
commit2c16df269af5986e2eb79bda36dc8f0f34324a7e (patch)
tree071ad3f0c0cde46cbfcd1a28463ab87c101b0cbd /Modules/_sqlite
parentc2edcdd194356b26873e5304216c313e847b4159 (diff)
parent42d67af87fc2b1d297cce1cd8d762461e009f0a0 (diff)
downloadcpython-2c16df269af5986e2eb79bda36dc8f0f34324a7e.zip
cpython-2c16df269af5986e2eb79bda36dc8f0f34324a7e.tar.gz
cpython-2c16df269af5986e2eb79bda36dc8f0f34324a7e.tar.bz2
Issue #21147: sqlite3 now raises an exception if the request contains a null
character instead of truncate it. Based on patch by Victor Stinner.
Diffstat (limited to 'Modules/_sqlite')
-rw-r--r--Modules/_sqlite/connection.c3
-rw-r--r--Modules/_sqlite/statement.c4
2 files changed, 6 insertions, 1 deletions
diff --git a/Modules/_sqlite/connection.c b/Modules/_sqlite/connection.c
index 882424b..535464d 100644
--- a/Modules/_sqlite/connection.c
+++ b/Modules/_sqlite/connection.c
@@ -1261,7 +1261,8 @@ PyObject* pysqlite_connection_call(pysqlite_Connection* self, PyObject* args, Py
if (rc == PYSQLITE_TOO_MUCH_SQL) {
PyErr_SetString(pysqlite_Warning, "You can only execute one statement at a time.");
} else if (rc == PYSQLITE_SQL_WRONG_TYPE) {
- PyErr_SetString(pysqlite_Warning, "SQL is of wrong type. Must be string or unicode.");
+ if (PyErr_ExceptionMatches(PyExc_TypeError))
+ PyErr_SetString(pysqlite_Warning, "SQL is of wrong type. Must be string.");
} else {
(void)pysqlite_statement_reset(statement);
_pysqlite_seterror(self->db, NULL);
diff --git a/Modules/_sqlite/statement.c b/Modules/_sqlite/statement.c
index 66b4a52..34babfd 100644
--- a/Modules/_sqlite/statement.c
+++ b/Modules/_sqlite/statement.c
@@ -63,6 +63,10 @@ int pysqlite_statement_create(pysqlite_Statement* self, pysqlite_Connection* con
rc = PYSQLITE_SQL_WRONG_TYPE;
return rc;
}
+ if (strlen(sql_cstr) != (size_t)sql_cstr_len) {
+ PyErr_SetString(PyExc_ValueError, "the query contains a null character");
+ return PYSQLITE_SQL_WRONG_TYPE;
+ }
self->in_weakreflist = NULL;
Py_INCREF(sql);
generated by cgit v0.12 at 2025-02-12 19:56:57 (GMT)