From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <tarantool-patches-bounce@freelists.org>
Received: from localhost (localhost [127.0.0.1])
	by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTP id DB2DC26F15
	for <tarantool-patches@freelists.org>; Fri,  8 Feb 2019 12:37:11 -0500 (EST)
Received: from turing.freelists.org ([127.0.0.1])
	by localhost (turing.freelists.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 0OvInCF3jIN4 for <tarantool-patches@freelists.org>;
	Fri,  8 Feb 2019 12:37:11 -0500 (EST)
Received: from smtp37.i.mail.ru (smtp37.i.mail.ru [94.100.177.97])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTPS id 95C9726EC1
	for <tarantool-patches@freelists.org>; Fri,  8 Feb 2019 12:37:11 -0500 (EST)
Date: Fri, 8 Feb 2019 20:37:09 +0300
From: Konstantin Osipov <kostja@tarantool.org>
Subject: [tarantool-patches] Re: [PATCH] sql: prohibit negative values under
 LIMIT clause
Message-ID: <20190208173709.GI4588@chai>
References: <20190204095108.18768-1-szudin@tarantool.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20190204095108.18768-1-szudin@tarantool.org>
Sender: tarantool-patches-bounce@freelists.org
Errors-to: tarantool-patches-bounce@freelists.org
Reply-To: tarantool-patches@freelists.org
List-help: <mailto:ecartis@freelists.org?Subject=help>
List-unsubscribe: <tarantool-patches-request@freelists.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: tarantool-patches <tarantool-patches.freelists.org>
List-subscribe: <tarantool-patches-request@freelists.org?Subject=subscribe>
List-owner: <mailto:>
List-post: <mailto:tarantool-patches@freelists.org>
List-archive: <http://www.freelists.org/archives/tarantool-patches>
To: tarantool-patches@freelists.org
Cc: korablev@tarantool.org, Stanislav Zudin <szudin@tarantool.org>

* Stanislav Zudin <szudin@tarantool.org> [19/02/04 14:32]:
> +	const char *negativeLimitError =
> +			"Only positive numbers allowed "
> +			"in the LIMIT clause";

We should use diag_set, to ensure error are visible to the
documentation team and can be localized in the future.


>  	if (p->iLimit)
>  		return;
>  
> @@ -2098,6 +2101,13 @@ computeLimitRegisters(Parse * pParse, Select * p, int iBreak)
>  		v = sqlite3GetVdbe(pParse);
>  		assert(v != 0);
>  		if (sqlite3ExprIsInteger(p->pLimit, &n)) {
> +		    if (n < 0) {
> +                sqlite3VdbeAddOp4(v, OP_Halt,
> +                                  SQLITE_MISMATCH,
> +                                  0, 0, negativeLimitError,
> +                                  P4_STATIC);
> +            }
> +

I don't think we should do any check for  limit values during
parsing, since limit should allow bind parameters anyway. This
could should become superfluous if the patch is done right.
> +			int lPosOffsetValue = sqlite3VdbeMakeLabel(v);
> +			const char *negativeOffsetError =
> +					"Only positive numbers allowed "
> +					"in the OFFSET clause";

Ugh, same message is copied multiple times?!


-- 
Konstantin Osipov, Moscow, Russia, +7 903 626 22 32
http://tarantool.io - www.twitter.com/kostja_osipov