[tarantool-patches] [PATCH v1 1/1] sql: remove unnecessary templates for bindings

[tarantool-patches] [PATCH v1 1/1] sql: remove unnecessary templates for bindings

[Kirill Shcherbatov]

Removed ?N binding, changed $V to $N semantics to match
other vendors standarts.

Closes #2948
---
 src/box/sql/expr.c           | 13 +++++++-----
 test/sql-tap/e_expr.test.lua | 50 +++-----------------------------------------
 test/sql/iproto.result       | 33 +++++++++++++++++++++++++----
 test/sql/iproto.test.lua     | 14 +++++++++++--
 4 files changed, 52 insertions(+), 58 deletions(-)

diff --git a/src/box/sql/expr.c b/src/box/sql/expr.c
index 1b51823..cd2f549 100644
--- a/src/box/sql/expr.c
+++ b/src/box/sql/expr.c
@@ -1073,11 +1073,11 @@ sqlite3ExprFunction(Parse * pParse, ExprList * pList, Token * pToken)
  * Wildcards consisting of a single "?" are assigned the next sequential
  * variable number.
  *
- * Wildcards of the form "?nnn" are assigned the number "nnn".  We make
+ * Wildcards of the form "$nnn" are assigned the number "nnn".  We make
  * sure "nnn" is not too big to avoid a denial of service attack when
  * the SQL statement comes from an external source.
  *
- * Wildcards of the form ":aaa", "@aaa", or "$aaa" are assigned the same number
+ * Wildcards of the form ":aaa", "@aaa", are assigned the same number
  * as the previous instance of the same wildcard.  Or if this is the first
  * instance of the wildcard, the next sequential variable number is
  * assigned.
@@ -1104,7 +1104,10 @@ sqlite3ExprAssignVarNumber(Parse * pParse, Expr * pExpr, u32 n)
 	} else {
 		int doAdd = 0;
 		if (z[0] == '?') {
-			/* Wildcard of the form "?nnn".  Convert "nnn" to an integer and
+			sqlite3ErrorMsg(pParse, "Unsupported variable format");
+			return;
+		} else if (z[0] == '$') {
+			/* Wildcard of the form "$nnn".  Convert "nnn" to an integer and
 			 * use it as the variable number
 			 */
 			i64 i;
@@ -1129,7 +1132,7 @@ sqlite3ExprAssignVarNumber(Parse * pParse, Expr * pExpr, u32 n)
 				doAdd = 1;
 			}
 		} else {
-			/* Wildcards like ":aaa", "$aaa" or "@aaa".  Reuse the same variable
+			/* Wildcards like ":aaa", or "@aaa".  Reuse the same variable
 			 * number as the prior appearance of the same name, or if the name
 			 * has never appeared before, reuse the same variable number
 			 */
@@ -3828,7 +3831,7 @@ sqlite3ExprCodeTarget(Parse * pParse, Expr * pExpr, int target)
 				const char *z =
 				    sqlite3VListNumToName(pParse->pVList,
 							  pExpr->iColumn);
-				assert(pExpr->u.zToken[0] == '?'
+				assert(pExpr->u.zToken[0] == '$'
 				       || strcmp(pExpr->u.zToken, z) == 0);
 				pParse->pVList[0] = 0;	/* Indicate VList may no longer be enlarged */
 				sqlite3VdbeAppendP4(v, (char *)z, P4_STATIC);
diff --git a/test/sql-tap/e_expr.test.lua b/test/sql-tap/e_expr.test.lua
index d0f6895..90cd15f 100755
--- a/test/sql-tap/e_expr.test.lua
+++ b/test/sql-tap/e_expr.test.lua
@@ -1,6 +1,6 @@
 #!/usr/bin/env tarantool
 test = require("sqltester")
-test:plan(14750)
+test:plan(14749)
 
 --!./tcltestrunner.lua
 -- 2010 July 16
@@ -1188,48 +1188,6 @@ if (0>0) then
         X(492, "X!cmd", [=[["do_test",[["tn"],".res"],[["list","set","",["res"]]],["result"]]]=])
     end
 
-    -- EVIDENCE-OF: R-33509-39458 A question mark followed by a number NNN
-    -- holds a spot for the NNN-th parameter. NNN must be between 1 and
-    -- SQLITE_MAX_VARIABLE_NUMBER.
-    --
-    mvn = SQLITE_MAX_VARIABLE_NUMBER
-    parameter_test("e_expr-11.1", string.format([[
-      SELECT ?1, ?123, ?%s, ?123, ?4
-    ]], SQLITE_MAX_VARIABLE_NUMBER), string.format("1 ?1  123 ?123 %s ?%s 4 ?4", mvn, mvn), "-1 -123 -"..mvn.." -123 -4")
-    errmsg = "variable number must be between ?1 and ?"..SQLITE_MAX_VARIABLE_NUMBER..""
-    for _ in X(0, "X!foreach", [=[["tn param_number",[["list","2","0","3",[["expr",[["SQLITE_MAX_VARIABLE_NUMBER"],"+1"]]],"4",[["expr",[["SQLITE_MAX_VARIABLE_NUMBER"],"+2"]]],"5","12345678903456789034567890234567890","6","2147483648","7","2147483649","8","4294967296","9","4294967297","10","9223372036854775808","11","9223372036854775809","12","18446744073709551616","13","18446744073709551617"]]]]=]) do
-        test:do_catchsql_test(
-            "e_expr-11.1."..tn,
-            "SELECT ?"..param_number.."", {
-                1, errmsg
-            })
-
-    end
-    -- EVIDENCE-OF: R-33670-36097 A question mark that is not followed by a
-    -- number creates a parameter with a number one greater than the largest
-    -- parameter number already assigned.
-    --
-    -- EVIDENCE-OF: R-42938-07030 If this means the parameter number is
-    -- greater than SQLITE_MAX_VARIABLE_NUMBER, it is an error.
-    --
-    parameter_test("e_expr-11.2.1", "SELECT ?", "1 {}", -1)
-    parameter_test("e_expr-11.2.2", "SELECT ?, ?", "1 {} 2 {}", "-1 -2")
-    parameter_test("e_expr-11.2.3", "SELECT ?5, ?", "5 ?5 6 {}", "-5 -6")
-    parameter_test("e_expr-11.2.4", "SELECT ?, ?5", "1 {} 5 ?5", "-1 -5")
-    parameter_test("e_expr-11.2.5", "SELECT ?, ?456, ?", [[
-      1 {} 456 ?456 457 {}
-    ]], "-1 -456 -457")
-    parameter_test("e_expr-11.2.5", "SELECT ?, ?456, ?4, ?", [[
-      1 {} 456 ?456 4 ?4 457 {}
-    ]], "-1 -456 -4 -457")
-    for _ in X(0, "X!foreach", [=[["tn sql",[["list","1",["SELECT ?",["mvn"],", ?"],"2",["SELECT ?",[["expr",[["mvn"],"-5"]]],", ?, ?, ?, ?, ?, ?"],"3",["SELECT ?",[["expr",["mvn"]]],", ?5, ?6, ?"]]]]]=]) do
-        test:do_catchsql_test(
-            "e_expr-11.3."..tn,
-            sql, {
-                1, "too many SQL variables"
-            })
-
-    end
     -- EVIDENCE-OF: R-11620-22743 A colon followed by an identifier name
     -- holds a spot for a named parameter with the name :AAAA.
     --
@@ -1287,7 +1245,6 @@ if (0>0) then
     -- error.
     --
     parameter_test("e_expr-11.6.1", "SELECT ?, @abc", "1 {} 2 @abc", "-1 -2")
-    parameter_test("e_expr-11.6.2", "SELECT ?123, :a1", "123 ?123 124 :a1", "-123 -124")
     parameter_test("e_expr-11.6.3", "SELECT $a, ?8, ?, $b, ?2, $c", [[
       1 $a 8 ?8 9 {} 10 $b 2 ?2 11 $c
     ]], "-1 -8 -9 -10 -2 -11")
@@ -1503,11 +1460,10 @@ local test_cases12 ={
     {8, "CURRENT_TIMESTAMP"},
 
     {9, "?"},
-    {10, "?123"},
     {11, "@hello"},
     {12, ":world"},
-    {13, "$tcl"},
-    {14, "$tcl(array)"},
+    {13, ":tcl"},
+    {14, ":tcl(array)"},
 
     {15, "cname"},
     {16, "tblname.cname"},
diff --git a/test/sql/iproto.result b/test/sql/iproto.result
index b251c80..4305eb9 100644
--- a/test/sql/iproto.result
+++ b/test/sql/iproto.result
@@ -164,7 +164,7 @@ parameters = {}
 parameters[1] = {}
 ---
 ...
-parameters[1]['$value3'] = 1
+parameters[1][':value3'] = 1
 ---
 ...
 parameters[2] = 2
@@ -188,10 +188,10 @@ parameters[6] = {}
 parameters[6]['@value2'] = 6
 ---
 ...
-cn:execute('select $value3, ?, :value1, ?, ?, @value2, ?, $value3', parameters)
+cn:execute('select :value3, ?, :value1, ?, ?, @value2, ?, :value3', parameters)
 ---
-- metadata: [{'name': $value3}, {'name': '?'}, {'name': ':value1'}, {'name': '?'},
-    {'name': '?'}, {'name': '@value2'}, {'name': '?'}, {'name': '$value3'}]
+- metadata: [{'name': ':value3'}, {'name': '?'}, {'name': ':value1'}, {'name': '?'},
+    {'name': '?'}, {'name': '@value2'}, {'name': '?'}, {'name': ':value3'}]
   rows:
   - [1, 2, 3, 4, 5, 6, null, 1]
 ...
@@ -422,6 +422,31 @@ cn:execute('drop table if exists test3')
 ---
 - rowcount: 0
 ...
+--
+-- gh-2948: sql: remove unnecessary templates for binding parameters
+--
+cn:execute('select ?1, ?2, ?3', {1, 2, 3})
+---
+- error: 'Failed to execute SQL statement: Unsupported variable format'
+...
+parameters = {}
+---
+...
+parameters[1] = 11
+---
+...
+parameters[2] = 22
+---
+...
+parameters[3] = 33
+---
+...
+cn:execute('select $2, $1, $3', parameters)
+---
+- metadata: [{'name': $2}, {'name': '$1'}, {'name': '$3'}]
+  rows:
+  - [22, 11, 33]
+...
 -- gh-2602 obuf_alloc breaks the tuple in different slabs
 _ = space:replace{1, 1, string.rep('a', 4 * 1024 * 1024)}
 ---
diff --git a/test/sql/iproto.test.lua b/test/sql/iproto.test.lua
index 9d7c825..cbeaddd 100644
--- a/test/sql/iproto.test.lua
+++ b/test/sql/iproto.test.lua
@@ -60,7 +60,7 @@ cn:execute('select ?, :value1, @value2', parameters)
 
 parameters = {}
 parameters[1] = {}
-parameters[1]['$value3'] = 1
+parameters[1][':value3'] = 1
 parameters[2] = 2
 parameters[3] = {}
 parameters[3][':value1'] = 3
@@ -68,7 +68,7 @@ parameters[4] = 4
 parameters[5] = 5
 parameters[6] = {}
 parameters[6]['@value2'] = 6
-cn:execute('select $value3, ?, :value1, ?, ?, @value2, ?, $value3', parameters)
+cn:execute('select :value3, ?, :value1, ?, ?, @value2, ?, :value3', parameters)
 
 -- Try not-integer types.
 msgpack = require('msgpack')
@@ -161,6 +161,16 @@ cn:execute('insert into test3 values (1, 1, 1), (2, 2, 2), (3, 3, 3)')
 cn:execute('drop table test3')
 cn:execute('drop table if exists test3')
 
+--
+-- gh-2948: sql: remove unnecessary templates for binding parameters
+--
+cn:execute('select ?1, ?2, ?3', {1, 2, 3})
+parameters = {}
+parameters[1] = 11
+parameters[2] = 22
+parameters[3] = 33
+cn:execute('select $2, $1, $3', parameters)
+
 -- gh-2602 obuf_alloc breaks the tuple in different slabs
 _ = space:replace{1, 1, string.rep('a', 4 * 1024 * 1024)}
 res = cn:execute('select * from test')
-- 
2.7.4

[tarantool-patches] Re: [PATCH v1 1/1] sql: remove unnecessary templates for bindings

[Vladislav Shpilevoy]

Hello. Thanks for the patch! See my 7 comments below.

On 16/05/2018 20:14, Kirill Shcherbatov wrote:
> Removed ?N binding, changed $V to $N semantics to match
> other vendors standarts.
> 
> Closes #2948
> ---

1. Put the branch and issue links here please.

>   src/box/sql/expr.c           | 13 +++++++-----
>   test/sql-tap/e_expr.test.lua | 50 +++-----------------------------------------
>   test/sql/iproto.result       | 33 +++++++++++++++++++++++++----
>   test/sql/iproto.test.lua     | 14 +++++++++++--
>   4 files changed, 52 insertions(+), 58 deletions(-)
> 
> diff --git a/src/box/sql/expr.c b/src/box/sql/expr.c
> index 1b51823..cd2f549 100644
> --- a/src/box/sql/expr.c
> +++ b/src/box/sql/expr.c
> @@ -1073,11 +1073,11 @@ sqlite3ExprFunction(Parse * pParse, ExprList * pList, Token * pToken)
>    * Wildcards consisting of a single "?" are assigned the next sequential
>    * variable number.
>    *
> - * Wildcards of the form "?nnn" are assigned the number "nnn".  We make
> + * Wildcards of the form "$nnn" are assigned the number "nnn".  We make

2. I still can grep ?nnn in sqliteLimit.h.

>    * sure "nnn" is not too big to avoid a denial of service attack when
>    * the SQL statement comes from an external source.
>    *
> - * Wildcards of the form ":aaa", "@aaa", or "$aaa" are assigned the same number
> + * Wildcards of the form ":aaa", "@aaa", are assigned the same number

3. I still see tests on $aaa here: sql-tap/e_expr.test.lua.

4. When you fix comments, please, align them by 66 symbols.

> @@ -1104,7 +1104,10 @@ sqlite3ExprAssignVarNumber(Parse * pParse, Expr * pExpr, u32 n)
>   	} else {
>   		int doAdd = 0;
>   		if (z[0] == '?') {
> -			/* Wildcard of the form "?nnn".  Convert "nnn" to an integer and
> +			sqlite3ErrorMsg(pParse, "Unsupported variable format");

5. This function always must take valid variable, it is guaranteed by a parser. Please,
do this check in parse.y. ?nnn - is syntax error.

> +			return;
> +		} else if (z[0] == '$') {

6. Error message in this 'if' body still outputs '?NNN'

7. I found, that :NNN works too, including SQLite. Please, remove it too.
It works because SQLite interprets any symbols except '$' and '?' as prefix for
name or number parameter.

Example:
tarantool> cn:execute('select * from test where id = :1', {1})
---
- metadata: [{'name': ID}, {'name': 'A'}, {'name': 'B'}]
   rows:
   - [1, 2, '3']
...

We must forbid it.

[tarantool-patches] Re: [PATCH v1 1/1] sql: remove unnecessary templates for bindings

[Kirill Shcherbatov]

On 16.05.2018 21:28, Vladislav Shpilevoy wrote:
> Hello. Thanks for the patch! See my 7 comments below.
> 
> On 16/05/2018 20:14, Kirill Shcherbatov wrote:
>> Removed ?N binding, changed $V to $N semantics to match
>> other vendors standarts.
>>
>> Closes #2948
>> ---
> 
> 1. Put the branch and issue links here please.

Branch: http://github.com/tarantool/tarantool/tree/gh-2948-unnecessary-bindings
Issue: https://github.com/tarantool/tarantool/issues/2948

> 2. I still can grep ?nnn in sqliteLimit.h.

--- a/src/box/sql/sqliteLimit.h
+++ b/src/box/sql/sqliteLimit.h
@@ -39,7 +39,7 @@
-	 * The maximum value of a ?nnn wildcard that the parser will accept.
+	 * The maximum value of a $nnn wildcard that the parser will accept.

> 3. I still see tests on $aaa here: sql-tap/e_expr.test.lua.
> 4. When you fix comments, please, align them by 66 symbols.

iff --git a/test/sql-tap/e_expr.test.lua b/test/sql-tap/e_expr.test.lua
index 90cd15f..75f5c3c 100755
--- a/test/sql-tap/e_expr.test.lua
+++ b/test/sql-tap/e_expr.test.lua
@@ -1,6 +1,6 @@
 #!/usr/bin/env tarantool
 test = require("sqltester")
-test:plan(14749)
+test:plan(14747)
 
 --!./tcltestrunner.lua
 -- 2010 July 16
@@ -156,11 +156,11 @@ for _, op1 in ipairs(oplist) do
             local B = val[2]
             local C = val[3]
             local testname = string.format("e_expr-1.%s.%s.%s", opname[op1], opname[op2], tn)
-            -- If $op2 groups more tightly than $op1, then the result
-            -- of executing $sql1 whould be the same as executing $sql3.
-            -- If $op1 groups more tightly, or if $op1 and $op2 have
-            -- the same precedence, then executing $sql1 should return
-            -- the same value as $sql2.
+            -- If ?op2 groups more tightly than ?op1, then the result
+            -- of executing ?sql1 whould be the same as executing ?sql3.
+            -- If ?op1 groups more tightly, or if ?op1 and ?op2 have
+            -- the same precedence, then executing ?sql1 should return
+            -- the same value as ?sql2.
             --
             local sql1 = string.format("SELECT %s %s %s %s %s", A, op1, B, op2, C)
             local sql2 = string.format("SELECT (%s %s %s) %s %s", A, op1, B, op2, C)
@@ -1214,55 +1214,13 @@ if (0>0) then
       SELECT @เอศขูเอล
     ]], "1 @เอศขูเอล", -1)
     parameter_test("e_expr-11.3.6", "SELECT @€", "1 @€", -1)
-    -- EVIDENCE-OF: R-62610-51329 A dollar-sign followed by an identifier
-    -- name also holds a spot for a named parameter with the name $AAAA.
-    --
-    -- EVIDENCE-OF: R-55025-21042 The identifier name in this case can
-    -- include one or more occurrences of "::" and a suffix enclosed in
-    -- "(...)" containing any text at all.
-    --
-    -- Note: Looks like an identifier cannot consist entirely of "::"
-    -- characters or just a suffix. Also, the other named variable characters
-    -- (: and @) work the same way internally. Why not just document it that way?
-    --
-    parameter_test("e_expr-11.4.1", "SELECT $AAAA", "1 $AAAA", -1)
-    parameter_test("e_expr-11.4.2", "SELECT $123", "1 $123", -1)
-    parameter_test("e_expr-11.4.3", "SELECT $__", "1 $__", -1)
-    parameter_test("e_expr-11.4.4", "SELECT $_$_", "1 $_$_", -1)
-    parameter_test("e_expr-11.4.5", [[
-      SELECT $เอศขูเอล
-    ]], "1 $เอศขูเอล", -1)
-    parameter_test("e_expr-11.4.6", "SELECT $€", "1 $€", -1)
-    parameter_test("e_expr-11.5.1", "SELECT $::::a(++--++)", "1 $::::a(++--++)", -1)
-    parameter_test("e_expr-11.5.2", "SELECT $::a()", "1 $::a()", -1)
-    parameter_test("e_expr-11.5.3", "SELECT $::1(::#$)", "1 $::1(::#$)", -1)
-    -- EVIDENCE-OF: R-11370-04520 Named parameters are also numbered. The
-    -- number assigned is one greater than the largest parameter number
-    -- already assigned.
-    --
-    -- EVIDENCE-OF: R-42620-22184 If this means the parameter would be
-    -- assigned a number greater than SQLITE_MAX_VARIABLE_NUMBER, it is an
-    -- error.
-    --
-    parameter_test("e_expr-11.6.1", "SELECT ?, @abc", "1 {} 2 @abc", "-1 -2")
-    parameter_test("e_expr-11.6.3", "SELECT $a, ?8, ?, $b, ?2, $c", [[
-      1 $a 8 ?8 9 {} 10 $b 2 ?2 11 $c
-    ]], "-1 -8 -9 -10 -2 -11")
-    for _ in X(0, "X!foreach", [=[["tn sql",[["list","1",["SELECT ?",["mvn"],", $::a"],"2",["SELECT ?",["mvn"],", ?4, @a1"],"3",["SELECT ?",[["expr",[["mvn"],"-2"]]],", :bag, @123, $x"]]]]]=]) do
-        test:do_catchsql_test(
-            "e_expr-11.7."..tn,
-            sql, {
-                1, "too many SQL variables"
-            })
-
-    end
     -- EVIDENCE-OF: R-14068-49671 Parameters that are not assigned values
     -- using sqlite3_bind() are treated as NULL.
     --
     test:do_test(
         "e_expr-11.7.1",
         function()
-            stmt = sqlite3_prepare_v2("db", " SELECT ?, :a, @b, $d ", -1)
+            stmt = sqlite3_prepare_v2("db", " SELECT ?, :a, @b, ?d ", -1)
             sqlite3_step(stmt)
             return { sqlite3_column_type(stmt, 0), sqlite3_column_type(stmt, 1), sqlite3_column_type(stmt, 2), sqlite3_column_type(stmt, 3) }
         end, {
@@ -1506,7 +1464,6 @@ local test_cases12 ={
 
     {49, "CAST ( EXPR AS integer )"},
     {50, "CAST ( EXPR AS 'abcd' )"},
-    {51, "CAST ( EXPR AS 'ab$ $cd' )"},
 
     {52, "EXPR COLLATE \"unicode_ci\""},
     {53, "EXPR COLLATE binary"},
@@ -1634,20 +1591,6 @@ for _, val in ipairs(test_cases12) do
 
     end
 end
--- # -- syntax diagram raise-function
--- #
--- foreach {tn raiseexpr} {
---   1 "RAISE(IGNORE)"
---   2 "RAISE(ROLLBACK, 'error message')"
---   3 "RAISE(ABORT, 'error message')"
---   4 "RAISE(FAIL, 'error message')"
--- } {
---   do_execsql_test e_expr-12.4.$tn "
---     CREATE TRIGGER dbname.tr$tn BEFORE DELETE ON tblname BEGIN
---       SELECT $raiseexpr ;
---     END;
---   " {}
--- }
 ---------------------------------------------------------------------------
 -- Test the statements related to the BETWEEN operator.
 --


@@ -1067,20 +1067,20 @@ sqlite3ExprFunction(Parse * pParse, ExprList * pList, Token * pToken)
 }
 
 /*
- * Assign a variable number to an expression that encodes a wildcard
- * in the original SQL statement.
+ * Assign a variable number to an expression that encodes a
+ * wildcard in the original SQL statement.
  *
- * Wildcards consisting of a single "?" are assigned the next sequential
- * variable number.
+ * Wildcards consisting of a single "?" are assigned the next
+ * sequential variable number.
  *
- * Wildcards of the form "$nnn" are assigned the number "nnn".  We make
- * sure "nnn" is not too big to avoid a denial of service attack when
- * the SQL statement comes from an external source.
+ * Wildcards of the form "$nnn" are assigned the number "nnn".
+ * We make sure "nnn" is not too big to avoid a denial of service
+ * attack when the SQL statement comes from an external source.
  *
- * Wildcards of the form ":aaa", "@aaa", are assigned the same number
- * as the previous instance of the same wildcard.  Or if this is the first
- * instance of the wildcard, the next sequential variable number is
- * assigned.
+ * Wildcards of the form ":aaa", "@aaa", are assigned the same
+ * number as the previous instance of the same wildcard.  Or if
+ * this is the first instance of the wildcard, the next sequential variable
+ * number is assigned.
  */
> 5. This function always must take valid variable, it is guaranteed by a parser. Please,
> do this check in parse.y. ?nnn - is syntax error.

+++ b/src/box/sql/parse.y
@@ -897,7 +897,11 @@ expr(A) ::= VARIABLE(X).     {
   if( !(X.z[0]=='#' && sqlite3Isdigit(X.z[1])) ){
     u32 n = X.n;
     spanExpr(&A, pParse, TK_VARIABLE, X);
-    sqlite3ExprAssignVarNumber(pParse, A.pExpr, n);
+    if (A.pExpr->u.zToken[0] == '?' && n > 1) {
+        sqlite3ErrorMsg(pParse, "Unsupported variable format");
+    } else {
+        sqlite3ExprAssignVarNumber(pParse, A.pExpr, n);
+    }
   }else{

+++ b/src/box/sql/expr.c
@@ -1103,10 +1103,8 @@ sqlite3ExprAssignVarNumber(Parse * pParse, Expr * pExpr, u32 n)
 		x = (ynVar) (++pParse->nVar);
 	} else {
 		int doAdd = 0;
-		if (z[0] == '?') {
-			sqlite3ErrorMsg(pParse, "Unsupported variable format");
-			return;
-		} else if (z[0] == '$') {
+		assert(z[0] != '?');
+		if (z[0] == '$') {

> 6. Error message in this 'if' body still outputs '?NNN'
@@ -1120,7 +1118,7 @@ sqlite3ExprAssignVarNumber(Parse * pParse, Expr * pExpr, u32 n)
 			testcase(i == SQL_BIND_PARAMETER_MAX);
 			if (bOk == 0 || i < 1 || i > SQL_BIND_PARAMETER_MAX) {
 				sqlite3ErrorMsg(pParse,
-						"variable number must be between ?1 and ?%d",
+						"variable number must be between $1 and $%d",
 						SQL_BIND_PARAMETER_MAX);
 
> 7. I found, that :NNN works too, including SQLite. Please, remove it too.
> It works because SQLite interprets any symbols except '$' and '?' as prefix for
> name or number parameter.

@@ -1141,6 +1139,13 @@ sqlite3ExprAssignVarNumber(Parse * pParse, Expr * pExpr, u32 n)
 				x = (ynVar) (++pParse->nVar);
 				doAdd = 1;
 			}
+			if (n > 1 && (!sqlite3Isalpha(z[1]) ||
+			     sqlite3CheckIdentifierName(pParse, &z[1]) !=
+			     SQLITE_OK)) {
+				sqlite3ErrorMsg(pParse,
+						"name '%s' is invalid identifier", z);
+				return;
+			}
 		}

--- a/src/box/sql/sqliteInt.h
+++ b/src/box/sql/sqliteInt.h
@@ -3960,7 +3960,7 @@ Expr *sqlite3ExprAddCollateToken(Parse * pParse, Expr *, const Token *, int);
Expr *sqlite3ExprAddCollateString(Parse *, Expr *, const char *);
Expr *sqlite3ExprSkipCollate(Expr *);
int sqlite3CheckCollSeq(Parse *, struct coll *);
-int sqlite3CheckIdentifierName(Parse *, char *);
+int sqlite3CheckIdentifierName(Parse *, const char *);


diff --git a/test/sql/iproto.result b/test/sql/iproto.result
index 4305eb9..7be4470 100644
--- a/test/sql/iproto.result
+++ b/test/sql/iproto.result
@@ -447,6 +447,10 @@ cn:execute('select $2, $1, $3', parameters)
   rows:
   - [22, 11, 33]
 ...
+cn:execute('select * from test where id = :1', {1})
+---
+- error: 'Failed to execute SQL statement: name '':1'' is invalid identifier'
+...
 -- gh-2602 obuf_alloc breaks the tuple in different slabs
 _ = space:replace{1, 1, string.rep('a', 4 * 1024 * 1024)}
 ---
diff --git a/test/sql/iproto.test.lua b/test/sql/iproto.test.lua
index cbeaddd..c7e9695 100644
--- a/test/sql/iproto.test.lua
+++ b/test/sql/iproto.test.lua
@@ -170,6 +170,7 @@ parameters[1] = 11
 parameters[2] = 22
 parameters[3] = 33
 cn:execute('select $2, $1, $3', parameters)
+cn:execute('select * from test where id = :1', {1})
 
 -- gh-2602 obuf_alloc breaks the tuple in different slabs
 _ = space:replace{1, 1, string.rep('a', 4 * 1024 * 1024)}

[tarantool-patches] Re: [PATCH v1 1/1] sql: remove unnecessary templates for bindings

[Vladislav Shpilevoy]

Hello. See 6 comments below.

On 17/05/2018 13:39, Kirill Shcherbatov wrote:
> On 16.05.2018 21:28, Vladislav Shpilevoy wrote:
>> Hello. Thanks for the patch! See my 7 comments below.
>>
>> On 16/05/2018 20:14, Kirill Shcherbatov wrote:
>>> Removed ?N binding, changed $V to $N semantics to match
>>> other vendors standarts.
>>>
>>> Closes #2948
>>> ---
>>
>> 5. This function always must take valid variable, it is guaranteed by a parser. Please,
>> do this check in parse.y. ?nnn - is syntax error.
> 
> +++ b/src/box/sql/parse.y
> @@ -897,7 +897,11 @@ expr(A) ::= VARIABLE(X).     {
>     if( !(X.z[0]=='#' && sqlite3Isdigit(X.z[1])) ){
>       u32 n = X.n;
>       spanExpr(&A, pParse, TK_VARIABLE, X);
> -    sqlite3ExprAssignVarNumber(pParse, A.pExpr, n);
> +    if (A.pExpr->u.zToken[0] == '?' && n > 1) {
> +        sqlite3ErrorMsg(pParse, "Unsupported variable format");

1. As I said, it is syntax error, not unsupported format.

> +    } else {
> +        sqlite3ExprAssignVarNumber(pParse, A.pExpr, n);
> +    }
>     }else{
> 
>   
>> 7. I found, that :NNN works too, including SQLite. Please, remove it too.
>> It works because SQLite interprets any symbols except '$' and '?' as prefix for
>> name or number parameter.
> 
> @@ -1141,6 +1139,13 @@ sqlite3ExprAssignVarNumber(Parse * pParse, Expr * pExpr, u32 n)
>   				x = (ynVar) (++pParse->nVar);
>   				doAdd = 1;
>   			}
> +			if (n > 1 && (!sqlite3Isalpha(z[1]) ||
> +			     sqlite3CheckIdentifierName(pParse, &z[1]) !=

2. Wrong alignment.

> +			     SQLITE_OK)) {
> +				sqlite3ErrorMsg(pParse,
> +						"name '%s' is invalid identifier", z);
> +				return;
> +			}
>   		}

3. This function takes already valid identifier. Again - check this in the parser.

4. n > 1 is guaranteed by the checks above.

5. Why do you need !sqlite3Isalpha(z[1])? '1a' is valid identifier, but your check forbids it. Strictly
speaking, any number is valid identifier too. So mayby I was wrong, lets allow ':NNNN' syntax. But here
NNNN will be interpreted as name, not number. It should be documented.

6. I still do not see TarantoolBot request in the issue comments.

[tarantool-patches] Re: [PATCH v1 1/1] sql: remove unnecessary templates for bindings

[Konstantin Osipov]

* Kirill Shcherbatov <kshcherbatov@tarantool.org> [18/05/16 20:15]:
> Removed ?N binding, changed $V to $N semantics to match
> other vendors standarts.

Standards.

Please take time to set up automatic spell checking in your editor.

-- 
Konstantin Osipov, Moscow, Russia, +7 903 626 22 32
http://tarantool.io - www.twitter.com/kostja_osipov

[tarantool-patches] Re: [PATCH v1 1/1] sql: remove unnecessary templates for bindings

[Konstantin Osipov]

* Kirill Shcherbatov <kshcherbatov@tarantool.org> [18/05/16 20:15]:
> Removed ?N binding, changed $V to $N semantics to match
> other vendors standarts.

Please make sure to open a documentation request for your changes.
> 

-- 
Konstantin Osipov, Moscow, Russia, +7 903 626 22 32
http://tarantool.io - www.twitter.com/kostja_osipov

[tarantool-patches] Re: [PATCH v1 1/1] sql: remove unnecessary templates for bindings

[Kirill Shcherbatov]

> 1. As I said, it is syntax error, not unsupported format.
+++ b/src/box/sql/parse.y
@@ -896,9 +896,10 @@ term(A) ::= INTEGER(X). {
 expr(A) ::= VARIABLE(X).     {
   if( !(X.z[0]=='#' && sqlite3Isdigit(X.z[1])) ){
     u32 n = X.n;
+    Token t = X;
     spanExpr(&A, pParse, TK_VARIABLE, X);
     if (A.pExpr->u.zToken[0] == '?' && n > 1) {
-        sqlite3ErrorMsg(pParse, "Unsupported variable format");
+        sqlite3ErrorMsg(pParse, "near \"%T\": syntax error", &t);

> 2. Wrong alignment.
> 3. This function takes already valid identifier. Again - check this in the parser.
> 4. n > 1 is guaranteed by the checks above.
> 5. Why do you need !sqlite3Isalpha(z[1])? '1a' is valid identifier, but your check forbids it. Strictly
> speaking, any number is valid identifier too. So mayby I was wrong, lets allow ':NNNN' syntax. But here
> NNNN will be interpreted as name, not number. It should be documented.
+++ b/src/box/sql/expr.c
@@ -1139,13 +1139,6 @@ sqlite3ExprAssignVarNumber(Parse * pParse, Expr * pExpr, u32 n)
 				x = (ynVar) (++pParse->nVar);
 				doAdd = 1;
 			}
-			if (n > 1 && (!sqlite3Isalpha(z[1]) ||
-			     sqlite3CheckIdentifierName(pParse, &z[1]) !=
-			     SQLITE_OK)) {
-				sqlite3ErrorMsg(pParse,
-						"name '%s' is invalid identifier", z);
-				return;
-			}

> 6. I still do not see TarantoolBot request in the issue comments.

done.

[tarantool-patches] Re: [PATCH v1 1/1] sql: remove unnecessary templates for bindings

[Vladislav Shpilevoy]

Hello. Thanks for the patch! I pushed my review fixes on the branch. Now
the patch LGTM. You may squash my fixes if you want.

commit da7816320606bcdc2cc247b2b7ccb9ac0c6d0af3
Author: Vladislav Shpilevoy <v.shpilevoy@tarantool.org>
Date:   Thu May 24 15:18:34 2018 +0300

     Review fixes

diff --git a/src/box/sql/expr.c b/src/box/sql/expr.c
index 263d940ce..8a163c87b 100644
--- a/src/box/sql/expr.c
+++ b/src/box/sql/expr.c
@@ -1091,8 +1091,10 @@ sqlite3ExprAssignVarNumber(Parse * pParse, Expr * pExpr, u32 n)
  		int doAdd = 0;
  		assert(z[0] != '?');
  		if (z[0] == '$') {
-			/* Wildcard of the form "$nnn".  Convert "nnn" to an integer and
-			 * use it as the variable number
+			/*
+			 * Wildcard of the form "$nnn". Convert
+			 * "nnn" to an integer and use it as the
+			 * variable number
  			 */
  			i64 i;
  			int bOk =
diff --git a/src/box/sql/parse.y b/src/box/sql/parse.y
index 9f6eb0c98..e71bde848 100644
--- a/src/box/sql/parse.y
+++ b/src/box/sql/parse.y
@@ -867,20 +867,18 @@ term(A) ::= INTEGER(X). {
    if( A.pExpr ) A.pExpr->flags |= EP_Leaf;
  }
  expr(A) ::= VARIABLE(X).     {
+  Token t = X;
    if( !(X.z[0]=='#' && sqlite3Isdigit(X.z[1])) ){
      u32 n = X.n;
-    Token t = X;
      spanExpr(&A, pParse, TK_VARIABLE, X);
-    if (A.pExpr->u.zToken[0] == '?' && n > 1) {
+    if (A.pExpr->u.zToken[0] == '?' && n > 1)
          sqlite3ErrorMsg(pParse, "near \"%T\": syntax error", &t);
-    } else {
+    else
          sqlite3ExprAssignVarNumber(pParse, A.pExpr, n);
-    }
    }else{
      /* When doing a nested parse, one can include terms in an expression
      ** that look like this:   #1 #2 ...  These terms refer to registers
      ** in the virtual machine.  #N is the N-th register. */
-    Token t = X; /*A-overwrites-X*/
      assert( t.n>=2 );
      spanSet(&A, &t, &t);
      if( pParse->nested==0 ){
diff --git a/test/sql/iproto.result b/test/sql/iproto.result
index 5b22838bf..3b7574ae0 100644
--- a/test/sql/iproto.result
+++ b/test/sql/iproto.result
@@ -457,12 +457,18 @@ cn:execute('drop table if exists test3')
  - rowcount: 0
  ...
  --
--- gh-2948: sql: remove unnecessary templates for binding parameters
+-- gh-2948: sql: remove unnecessary templates for binding
+-- parameters.
  --
  cn:execute('select ?1, ?2, ?3', {1, 2, 3})
  ---
  - error: 'Failed to execute SQL statement: near "?1": syntax error'
  ...
+cn:execute('select $name, $name2', {1, 2})
+---
+- error: 'Failed to execute SQL statement: variable number must be between $1 and
+    $65000'
+...
  parameters = {}
  ---
  ...
diff --git a/test/sql/iproto.test.lua b/test/sql/iproto.test.lua
index c7e969528..159a8394e 100644
--- a/test/sql/iproto.test.lua
+++ b/test/sql/iproto.test.lua
@@ -162,9 +162,11 @@ cn:execute('drop table test3')
  cn:execute('drop table if exists test3')
  
  --
--- gh-2948: sql: remove unnecessary templates for binding parameters
+-- gh-2948: sql: remove unnecessary templates for binding
+-- parameters.
  --
  cn:execute('select ?1, ?2, ?3', {1, 2, 3})
+cn:execute('select $name, $name2', {1, 2})
  parameters = {}
  parameters[1] = 11
  parameters[2] = 22


On 23/05/2018 18:42, Kirill Shcherbatov wrote:
>> 1. As I said, it is syntax error, not unsupported format.
> +++ b/src/box/sql/parse.y
> @@ -896,9 +896,10 @@ term(A) ::= INTEGER(X). {
>   expr(A) ::= VARIABLE(X).     {
>     if( !(X.z[0]=='#' && sqlite3Isdigit(X.z[1])) ){
>       u32 n = X.n;
> +    Token t = X;
>       spanExpr(&A, pParse, TK_VARIABLE, X);
>       if (A.pExpr->u.zToken[0] == '?' && n > 1) {
> -        sqlite3ErrorMsg(pParse, "Unsupported variable format");
> +        sqlite3ErrorMsg(pParse, "near \"%T\": syntax error", &t);
> 
>> 2. Wrong alignment.
>> 3. This function takes already valid identifier. Again - check this in the parser.
>> 4. n > 1 is guaranteed by the checks above.
>> 5. Why do you need !sqlite3Isalpha(z[1])? '1a' is valid identifier, but your check forbids it. Strictly
>> speaking, any number is valid identifier too. So mayby I was wrong, lets allow ':NNNN' syntax. But here
>> NNNN will be interpreted as name, not number. It should be documented.
> +++ b/src/box/sql/expr.c
> @@ -1139,13 +1139,6 @@ sqlite3ExprAssignVarNumber(Parse * pParse, Expr * pExpr, u32 n)
>   				x = (ynVar) (++pParse->nVar);
>   				doAdd = 1;
>   			}
> -			if (n > 1 && (!sqlite3Isalpha(z[1]) ||
> -			     sqlite3CheckIdentifierName(pParse, &z[1]) !=
> -			     SQLITE_OK)) {
> -				sqlite3ErrorMsg(pParse,
> -						"name '%s' is invalid identifier", z);
> -				return;
> -			}
> 
>> 6. I still do not see TarantoolBot request in the issue comments.
> 
> done.
> 

[tarantool-patches] Re: [PATCH v1 1/1] sql: remove unnecessary templates for bindings

[Kirill Shcherbatov]

> Hello. Thanks for the patch! I pushed my review fixes on the branch. Now
> the patch LGTM. You may squash my fixes if you want.
Thanks for review!
Changes squashed.

[tarantool-patches] Re: [PATCH v1 1/1] sql: remove unnecessary templates for bindings

[Kirill Yukhin]

Hello,
On 24 мая 15:37, Kirill Shcherbatov wrote:
> > Hello. Thanks for the patch! I pushed my review fixes on the branch. Now
> > the patch LGTM. You may squash my fixes if you want.
> Thanks for review!
> Changes squashed.
I've committed you patch to 2.0 branch.

--
Regards, Kirill Yukhin