sqlite3_column_bytes() should be called after sqlite3_column_blob() #87415

Closed
erlend-aasland opened this issue Feb 18, 2021 · 5 comments

@erlend-aasland
Contributor

BPO 43249
Nosy @berkerpeksag, @serhiy-storchaka, @erlend-aasland, @felixxm
PRs
  • bpo-43249: sqlite3_column_bytes() must follow sqlite_column_blob() #24562
  • bpo-43249: Improve scoping #24565
  • bpo-43368: Fix fetching empty bytes on SQLite. #24706
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.


    GitHub fields:

    assignee = None
    closed_at = <Date 2021-02-18.17:13:44.996>
    created_at = <Date 2021-02-18.11:14:23.860>
    labels = ['type-feature', 'library', '3.10']
    title = 'sqlite3_column_bytes() should be called after sqlite3_column_blob()'
    updated_at = <Date 2021-03-02.12:18:11.676>
    user = 'https://github.com/erlend-aasland'

    bugs.python.org fields:

    activity = <Date 2021-03-02.12:18:11.676>
    actor = 'felixxm'
    assignee = 'none'
    closed = True
    closed_date = <Date 2021-02-18.17:13:44.996>
    closer = 'berker.peksag'
    components = ['Library (Lib)']
    creation = <Date 2021-02-18.11:14:23.860>
    creator = 'erlendaasland'
    dependencies = []
    files = []
    hgrepos = []
    issue_num = 43249
    keywords = ['patch']
    message_count = 5.0
    messages = ['387212', '387216', '387221', '387241', '387247']
    nosy_count = 4.0
    nosy_names = ['berker.peksag', 'serhiy.storchaka', 'erlendaasland', 'felixxm']
    pr_nums = ['24562', '24565', '24706']
    priority = 'normal'
    resolution = 'fixed'
    stage = 'resolved'
    status = 'closed'
    superseder = None
    type = 'enhancement'
    url = 'https://bugs.python.org/issue43249'
    versions = ['Python 3.10']

    @erlend-aasland
    Contributor Author

    sqlite3_column_bytes() should be called _after_ sqlite3_column_blob(). The two calls to sqlite3_column_blob() are both preceded by calls to sqlite3_column_bytes(). Currently it does not do any harm, but it is bad API usage.

    I suggest to fix the two cases, and add a comment in the source code as a reminder.

    Berker?

    Quoting from https://sqlite.org/c3ref/column_blob.html:
    The safest policy is to invoke these routines in one of the following ways:

    • sqlite3_column_text() followed by sqlite3_column_bytes()
    • sqlite3_column_blob() followed by sqlite3_column_bytes()
    • sqlite3_column_text16() followed by sqlite3_column_bytes16()

    In other words, you should call sqlite3_column_text(), sqlite3_column_blob(), or sqlite3_column_text16() first to force the result into the desired format, then invoke sqlite3_column_bytes() or sqlite3_column_bytes16() to find the size of the result.

    @erlend-aasland added the labels 3.10 (only security fixes), stdlib (Python modules in the Lib dir) and type-feature (A feature request or enhancement) on Feb 18, 2021
    @berkerpeksag
    Member

    Good catch! Sounds good to me but I'd say designing APIs relying on call order is bad too :)

    @erlend-aasland
    Contributor Author

    Sounds good to me but I'd say designing APIs relying on call order is bad too :)

    Yes, it's too easy to mess up things with this part of the SQLite API :) I'll throw up a PR.

    BTW (small digression):
    I really want to refactor _pysqlite_fetch_one_row() so it uses two helpers (for example _fetch_nth_column_with_converter() and _fetch_nth_column()). It will be easier to maintain, and it's way easier to read. The coverage for this function is close to 100%, so it should be pretty safe to refactor it.

    @berkerpeksag
    Member

    New changeset 47feb1f by Erlend Egeberg Aasland in branch 'master':
    bpo-43249: sqlite3_column_bytes() must follow sqlite_column_blob() (GH-24562)
    47feb1f

    @berkerpeksag
    Member

    New changeset cc96231 by Erlend Egeberg Aasland in branch 'master':
    bpo-43249: Improve scoping in _pysqlite_fetch_one_row() (GH-24565)
    cc96231

    @ezio-melotti ezio-melotti transferred this issue from another repository Apr 10, 2022