Issue 41662: Bugs in binding parameters in sqlite3

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

This issue has been migrated to GitHub: https://github.com/python/cpython/issues/85828

classification

Title:	Bugs in binding parameters in sqlite3
Type:	behavior	Stage:	resolved
Components:	Extension Modules	Versions:	Python 3.10, Python 3.9, Python 3.8

process

Status:	closed	Resolution:	fixed
Dependencies:		Superseder:
Assigned To:		Nosy List:	BTaskaya, ghaering, methane, miss-islington, serhiy.storchaka
Priority:	normal	Keywords:	patch

Created on 2020-08-29 13:05 by serhiy.storchaka, last changed 2022-04-11 14:59 by admin. This issue is now closed.

Pull Requests
URL	Status	Linked	Edit
PR 21998	merged	serhiy.storchaka, 2020-08-29 13:11
PR 22289	merged	miss-islington, 2020-09-17 07:36
PR 22290	merged	miss-islington, 2020-09-17 07:36

Messages (4)
msg376062 - (view)	Author: Serhiy Storchaka (serhiy.storchaka) *	Date: 2020-08-29 13:05
There are few bugs in the code for binding parameters specified in the sqlite3 module: 1. If argument "parameters" is a list, PyList_GET_ITEM() is called in a loop, but the size of the list is read only once before loop. Since the list can be changed during iteration, it can cause reading past the end of the list. 2. If argument "parameters" is a custom sequence, all exceptions raised in __len__() (including KeybordInterrupt) are overridden by a ProgrammingError.
msg377038 - (view)	Author: Serhiy Storchaka (serhiy.storchaka) *	Date: 2020-09-17 07:35
New changeset 0b419b791077414bbc011a412698ebb362b63761 by Serhiy Storchaka in branch 'master': bpo-41662: Fix bugs in binding parameters in sqlite3 (GH-21998) https://github.com/python/cpython/commit/0b419b791077414bbc011a412698ebb362b63761
msg377042 - (view)	Author: miss-islington (miss-islington)	Date: 2020-09-17 07:57
New changeset f76a3889d1fc6c5514323866a047b642c6da4e9b by Miss Islington (bot) in branch '3.9': bpo-41662: Fix bugs in binding parameters in sqlite3 (GH-21998) https://github.com/python/cpython/commit/f76a3889d1fc6c5514323866a047b642c6da4e9b
msg379641 - (view)	Author: Inada Naoki (methane) *	Date: 2020-10-26 05:46
New changeset a053a7ecfef006b834a9957468fa461dafb332db by Miss Skeleton (bot) in branch '3.8': bpo-41662: Fix bugs in binding parameters in sqlite3 (GH-21998) https://github.com/python/cpython/commit/a053a7ecfef006b834a9957468fa461dafb332db

History
Date	User	Action	Args
2022-04-11 14:59:35	admin	set	github: 85828
2020-10-26 05:46:15	methane	set	nosy: + methane messages: + msg379641
2020-09-17 08:51:18	serhiy.storchaka	set	status: open -> closed resolution: fixed stage: patch review -> resolved
2020-09-17 07:57:21	miss-islington	set	messages: + msg377042
2020-09-17 07:36:26	miss-islington	set	pull_requests: + pull_request21343
2020-09-17 07:36:17	miss-islington	set	nosy: + miss-islington pull_requests: + pull_request21342
2020-09-17 07:35:48	serhiy.storchaka	set	messages: + msg377038
2020-08-29 13:11:43	serhiy.storchaka	set	keywords: + patch stage: patch review pull_requests: + pull_request21104
2020-08-29 13:05:08	serhiy.storchaka	create