generic-library/poco
1
0
Fork 0
mirror of https://github.com/pocoproject/poco.git synced 2025-10-07 19:44:45 +02:00
Code Issues Projects Releases Wiki Activity

SQLite not handling parameter count mismatch correctly #2020

Browse Source
This commit is contained in:
Alex Fabijanic
2017-11-29 19:39:45 -06:00
parent de692354b4
commit 21704830f1
2 changed files with 24 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
Data/SQLite/src/SQLiteStatementImpl.cpp
View File

@@ -88,7 +88,7 @@ void SQLiteStatementImpl::compileImpl()
if (pStmt) sqlite3_finalize(pStmt);
pStmt = 0;
std::string errMsg = sqlite3_errmsg(_pDB);
Utility::throwException(rc, errMsg);
Utility::throwException(_pDB, rc, errMsg);
}
else if (rc == SQLITE_OK && pStmt)
{
@@ -158,13 +158,13 @@ void SQLiteStatementImpl::bindImpl()
sqlite3_reset(_pStmt);
int paramCount = sqlite3_bind_parameter_count(_pStmt);
BindIt bindEnd = bindings().end();
if (0 == paramCount || bindEnd == _bindBegin)
if (0 == paramCount)
{
_canBind = false;
return;
}
BindIt bindEnd = bindings().end();
std::size_t availableCount = 0;
Bindings::difference_type bindCount = 0;
Bindings::iterator it = _bindBegin;
@@ -175,6 +175,9 @@ void SQLiteStatementImpl::bindImpl()
else break;
}
if (availableCount < paramCount)
throw ParameterCountMismatchException();
/**/
Bindings::difference_type remainingBindCount = bindEnd - _bindBegin;
if (bindCount < remainingBindCount)
{
@@ -183,7 +186,7 @@ void SQLiteStatementImpl::bindImpl()
}
else if (bindCount > remainingBindCount)
throw ParameterCountMismatchException();
/**/
std::size_t boundRowCount;
if (_bindBegin != bindings().end())
{
@@ -245,7 +248,7 @@ bool SQLiteStatementImpl::hasNext()
_affectedRowCount += sqlite3_changes(_pDB);
if (_nextResponse != SQLITE_ROW && _nextResponse != SQLITE_OK && _nextResponse != SQLITE_DONE)
Utility::throwException(_nextResponse);
Utility::throwException(_pDB, _nextResponse);
_pExtractor->reset();//clear the cached null indicators
@@ -273,7 +276,7 @@ std::size_t SQLiteStatementImpl::next()
if (_affectedRowCount == POCO_SQLITE_INV_ROW_CNT) _affectedRowCount = 0;
if (extracts.begin() != extracts.end())
{
_affectedRowCount += (*extracts.begin())->numOfRowsHandled();
_affectedRowCount += static_cast<int>((*extracts.begin())->numOfRowsHandled());
}
}
else if (SQLITE_DONE == _nextResponse)
@@ -282,7 +285,7 @@ std::size_t SQLiteStatementImpl::next()
}
else
{
Utility::throwException(_nextResponse, std::string("Iterator Error: trying to access the next value"));
Utility::throwException(_pDB, _nextResponse, std::string("Iterator Error: trying to access the next value"));
}
return 1u;