From 7b8051dc7ea087d3346ba71fcfc10a62310fe39a Mon Sep 17 00:00:00 2001
From: Gwenael Treguier <gwen@cas75-5-78-192-41-37.fbxo.proxad.net>
Date: Thu, 6 Aug 2015 21:15:30 +0200
Subject: [PATCH] Check Rust str length before binding.

---
 src/types.rs | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/types.rs b/src/types.rs
index 1d30b30..f55a80e 100644
--- a/src/types.rs
+++ b/src/types.rs
@@ -102,8 +102,12 @@ raw_to_impl!(c_double, sqlite3_bind_double);
 
 impl<'a> ToSql for &'a str {
     unsafe fn bind_parameter(&self, stmt: *mut sqlite3_stmt, col: c_int) -> c_int {
+        let length = self.len();
+        if length > ::std::i32::MAX as usize {
+            return ffi::SQLITE_TOOBIG;
+        }
         match str_to_cstring(self) {
-            Ok(c_str) => ffi::sqlite3_bind_text(stmt, col, c_str.as_ptr(), -1,
+            Ok(c_str) => ffi::sqlite3_bind_text(stmt, col, c_str.as_ptr(), length as c_int,
                                                 ffi::SQLITE_TRANSIENT()),
             Err(_)    => ffi::SQLITE_MISUSE,
         }