Diffstat (limited to 'Modules/_sqlite/statement.c')
-rw-r--r--Modules/_sqlite/statement.c44
1 files changed, 30 insertions, 14 deletions
diff --git a/Modules/_sqlite/statement.c b/Modules/_sqlite/statement.c
index 471a067..e870633 100644
--- a/Modules/_sqlite/statement.c
+++ b/Modules/_sqlite/statement.c
@@ -27,7 +27,6 @@
#include "microprotocols.h"
#include "prepare_protocol.h"
#include "util.h"
-#include "sqlitecompat.h"
/* prototypes */
static int pysqlite_check_remaining_sql(const char* tail);
@@ -64,6 +63,10 @@ int pysqlite_statement_create(pysqlite_Statement* self, pysqlite_Connection* con
rc = PYSQLITE_SQL_WRONG_TYPE;
return rc;
}
+ if (strlen(sql_cstr) != (size_t)sql_cstr_len) {
+ PyErr_SetString(PyExc_ValueError, "the query contains a null character");
+ return PYSQLITE_SQL_WRONG_TYPE;
+ }
self->in_weakreflist = NULL;
Py_INCREF(sql);
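Review bot: The new NUL check on the `strlen(sql_cstr)` line carries no comment, and the reason for it is security-relevant: the SQL text is presumably passed on to sqlite3's prepare call as a NUL-terminated C string (that call is outside this hunk), so a query containing an embedded NUL would otherwise be silently truncated and only its prefix compiled and run. I would add above the `if`: `/* sqlite3 reads the SQL as a C string; an embedded NUL would silently truncate the query to its prefix, so reject it instead of preparing a statement the caller did not write. */`. The function also returns PYSQLITE_SQL_WRONG_TYPE for a condition that is not a type mismatch; if any caller maps that code to its own exception it will overwrite the ValueError set here, which is worth confirming against the callers. pysqlite_statement_create begins before this hunk.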
@@ -91,7 +94,6 @@ int pysqlite_statement_create(pysqlite_Statement* self, pysqlite_Connection* con
int pysqlite_statement_bind_parameter(pysqlite_Statement* self, int pos, PyObject* parameter)
{
int rc = SQLITE_OK;
- const char* buffer;
char* string;
Py_ssize_t buflen;
parameter_type paramtype;
@@ -133,19 +135,31 @@ int pysqlite_statement_bind_parameter(pysqlite_Statement* self, int pos, PyObjec
break;
case TYPE_UNICODE:
string = _PyUnicode_AsStringAndSize(parameter, &buflen);
- if (string != NULL)
- rc = sqlite3_bind_text(self->st, pos, string, buflen, SQLITE_TRANSIENT);
- else
- rc = -1;
+ if (string == NULL)
+ return -1;
+ if (buflen > INT_MAX) {
+ PyErr_SetString(PyExc_OverflowError,
+ "string longer than INT_MAX bytes");
+ return -1;
+ }
+ rc = sqlite3_bind_text(self->st, pos, string, (int)buflen, SQLITE_TRANSIENT);
break;
- case TYPE_BUFFER:
- if (PyObject_AsCharBuffer(parameter, &buffer, &buflen) == 0) {
- rc = sqlite3_bind_blob(self->st, pos, buffer, buflen, SQLITE_TRANSIENT);
- } else {
+ case TYPE_BUFFER: {
+ Py_buffer view;
+ if (PyObject_GetBuffer(parameter, &view, PyBUF_SIMPLE) != 0) {
PyErr_SetString(PyExc_ValueError, "could not convert BLOB to buffer");
- rc = -1;
+ return -1;
}
+ if (view.len > INT_MAX) {
+ PyErr_SetString(PyExc_OverflowError,
+ "BLOB longer than INT_MAX bytes");
+ PyBuffer_Release(&view);
+ return -1;
+ }
+ rc = sqlite3_bind_blob(self->st, pos, view.buf, (int)view.len, SQLITE_TRANSIENT);
+ PyBuffer_Release(&view);
break;
+ }
case TYPE_UNKNOWN:
rc = -1;
}
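Review bot: In the TYPE_BUFFER case the `PyErr_SetString(PyExc_ValueError, "could not convert BLOB to buffer")` after a failed `PyObject_GetBuffer` replaces the exception the buffer exporter already set (typically a TypeError or BufferError naming the offending type), so the user gets a generic message and loses the real cause. Unless callers rely on seeing ValueError here, I would drop that PyErr_SetString and let PyObject_GetBuffer's exception propagate, or at least guard it with `if (!PyErr_Occurred())`. Both bind calls would also benefit from a why-comment, since the source memory is released or not owned by sqlite3 immediately afterwards: `/* SQLITE_TRANSIENT: sqlite3 copies the bytes, so the Py_buffer can be released right away */`. Note that the TYPE_UNICODE branch now does `return -1` where the old code did `rc = -1; break;`, so anything after the switch (outside this hunk) that should run on the error path is now skipped. pysqlite_statement_bind_parameter's body continues past this hunk.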
@@ -177,7 +191,7 @@ void pysqlite_statement_bind_parameters(pysqlite_Statement* self, PyObject* para
int i;
int rc;
int num_params_needed;
- int num_params;
+ Py_ssize_t num_params;
Py_BEGIN_ALLOW_THREADS
num_params_needed = sqlite3_bind_parameter_count(self->st);
@@ -193,7 +207,9 @@ void pysqlite_statement_bind_parameters(pysqlite_Statement* self, PyObject* para
num_params = PySequence_Size(parameters);
}
if (num_params != num_params_needed) {
- PyErr_Format(pysqlite_ProgrammingError, "Incorrect number of bindings supplied. The current statement uses %d, and there are %d supplied.",
+ PyErr_Format(pysqlite_ProgrammingError,
+ "Incorrect number of bindings supplied. The current "
+ "statement uses %d, and there are %zd supplied.",
num_params_needed, num_params);
return;
}
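Review bot: `num_params = PySequence_Size(parameters);` can return -1 with an exception already set (for example a TypeError when `parameters` is not a sequence), and the comparison that follows then raises a ProgrammingError claiming "-1 supplied" on top of the original exception, hiding the real cause. Since this function is void and reports errors only through the Python error state, a one-line guard after the call keeps the original exception: `if (num_params < 0) return;`. The switch to Py_ssize_t with `%zd` in the PyErr_Format is correct in itself and is what makes that `-1` reach the message unchanged. pysqlite_statement_bind_parameters begins before this hunk and continues after it.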
@@ -249,7 +265,7 @@ void pysqlite_statement_bind_parameters(pysqlite_Statement* self, PyObject* para
current_param = PyDict_GetItemString(parameters, binding_name);
Py_XINCREF(current_param);
} else {
- current_param = PyMapping_GetItemString(parameters, (char*)binding_name);
+ current_param = PyMapping_GetItemString(parameters, binding_name);
}
if (!current_param) {
PyErr_Format(pysqlite_ProgrammingError, "You did not supply a value for binding %d.", i);