Merge pull request #549 from gwenn/non-utf-8

Do not assume `sqlite3_column_text` is valid UTF-8.
This commit is contained in:
gwenn 2019-07-27 09:36:27 +02:00 committed by GitHub
commit 1d8c2a6ac6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 22 additions and 20 deletions

View File

@ -216,7 +216,7 @@ impl InnerConnection {
pub fn prepare<'a>(&mut self, conn: &'a Connection, sql: &str) -> Result<Statement<'a>> {
let mut c_stmt = MaybeUninit::uninit();
let (c_sql, len, _) = str_for_sqlite(sql)?;
let (c_sql, len, _) = str_for_sqlite(sql.as_bytes())?;
let r = unsafe {
if cfg!(feature = "unlock_notify") {
let mut rc;

View File

@ -248,9 +248,9 @@ fn str_to_cstring(s: &str) -> Result<CString> {
/// The `sqlite3_destructor_type` item is always `SQLITE_TRANSIENT` unless
/// the string was empty (in which case it's `SQLITE_STATIC`, and the ptr is
/// static).
fn str_for_sqlite(s: &str) -> Result<(*const c_char, c_int, ffi::sqlite3_destructor_type)> {
fn str_for_sqlite(s: &[u8]) -> Result<(*const c_char, c_int, ffi::sqlite3_destructor_type)> {
let len = len_as_c_int(s.len())?;
if memchr::memchr(0, s.as_bytes()).is_none() {
if memchr::memchr(0, s).is_none() {
let (ptr, dtor_info) = if len != 0 {
(s.as_ptr() as *const c_char, ffi::SQLITE_TRANSIENT())
} else {

View File

@ -86,6 +86,7 @@ impl Sql {
self.push_real(r);
}
ValueRef::Text(s) => {
let s = std::str::from_utf8(s)?;
self.push_string_literal(s);
}
_ => {

View File

@ -622,10 +622,7 @@ impl Statement<'_> {
CStr::from_ptr(text as *const c_char)
};
// sqlite3_column_text returns UTF8 data, so our unwrap here should be fine.
let s = s
.to_str()
.expect("sqlite3_column_text returned invalid UTF-8");
let s = s.to_bytes();
ValueRef::Text(s)
}
ffi::SQLITE_BLOB => {

View File

@ -17,7 +17,7 @@ impl ToSql for Value {
impl FromSql for Value {
fn column_result(value: ValueRef<'_>) -> FromSqlResult<Self> {
match value {
ValueRef::Text(s) => serde_json::from_str(s),
ValueRef::Text(s) => serde_json::from_slice(s),
ValueRef::Blob(b) => serde_json::from_slice(b),
_ => return Err(FromSqlError::InvalidType),
}

View File

@ -14,10 +14,12 @@ impl ToSql for Url {
impl FromSql for Url {
fn column_result(value: ValueRef<'_>) -> FromSqlResult<Self> {
match value {
ValueRef::Text(s) => Url::parse(s),
_ => return Err(FromSqlError::InvalidType),
ValueRef::Text(s) => {
let s = std::str::from_utf8(s).map_err(|e| FromSqlError::Other(Box::new(e)))?;
Url::parse(s).map_err(|e| FromSqlError::Other(Box::new(e)))
}
_ => Err(FromSqlError::InvalidType),
}
.map_err(|err| FromSqlError::Other(Box::new(err)))
}
}

View File

@ -14,7 +14,7 @@ pub enum ValueRef<'a> {
/// The value is a floating point number.
Real(f64),
/// The value is a text string.
Text(&'a str),
Text(&'a [u8]),
/// The value is a blob of data
Blob(&'a [u8]),
}
@ -54,7 +54,9 @@ impl<'a> ValueRef<'a> {
/// `Err(Error::InvalidColumnType)`.
pub fn as_str(&self) -> FromSqlResult<&'a str> {
match *self {
ValueRef::Text(t) => Ok(t),
ValueRef::Text(t) => {
std::str::from_utf8(t).map_err(|e| FromSqlError::Other(Box::new(e)))
}
_ => Err(FromSqlError::InvalidType),
}
}
@ -75,7 +77,10 @@ impl From<ValueRef<'_>> for Value {
ValueRef::Null => Value::Null,
ValueRef::Integer(i) => Value::Integer(i),
ValueRef::Real(r) => Value::Real(r),
ValueRef::Text(s) => Value::Text(s.to_string()),
ValueRef::Text(s) => {
let s = std::str::from_utf8(s).expect("invalid UTF-8");
Value::Text(s.to_string())
}
ValueRef::Blob(b) => Value::Blob(b.to_vec()),
}
}
@ -83,7 +88,7 @@ impl From<ValueRef<'_>> for Value {
impl<'a> From<&'a str> for ValueRef<'a> {
fn from(s: &str) -> ValueRef<'_> {
ValueRef::Text(s)
ValueRef::Text(s.as_bytes())
}
}
@ -99,7 +104,7 @@ impl<'a> From<&'a Value> for ValueRef<'a> {
Value::Null => ValueRef::Null,
Value::Integer(i) => ValueRef::Integer(i),
Value::Real(r) => ValueRef::Real(r),
Value::Text(ref s) => ValueRef::Text(s),
Value::Text(ref s) => ValueRef::Text(s.as_bytes()),
Value::Blob(ref b) => ValueRef::Blob(b),
}
}
@ -125,10 +130,7 @@ impl<'a> ValueRef<'a> {
);
let s = CStr::from_ptr(text as *const c_char);
// sqlite3_value_text returns UTF8 data, so our unwrap here should be fine.
let s = s
.to_str()
.expect("sqlite3_value_text returned invalid UTF-8");
let s = s.to_bytes();
ValueRef::Text(s)
}
ffi::SQLITE_BLOB => {