From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTP id DB2DC26F15 for ; Fri, 8 Feb 2019 12:37:11 -0500 (EST) Received: from turing.freelists.org ([127.0.0.1]) by localhost (turing.freelists.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0OvInCF3jIN4 for ; Fri, 8 Feb 2019 12:37:11 -0500 (EST) Received: from smtp37.i.mail.ru (smtp37.i.mail.ru [94.100.177.97]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTPS id 95C9726EC1 for ; Fri, 8 Feb 2019 12:37:11 -0500 (EST) Date: Fri, 8 Feb 2019 20:37:09 +0300 From: Konstantin Osipov Subject: [tarantool-patches] Re: [PATCH] sql: prohibit negative values under LIMIT clause Message-ID: <20190208173709.GI4588@chai> References: <20190204095108.18768-1-szudin@tarantool.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20190204095108.18768-1-szudin@tarantool.org> Sender: tarantool-patches-bounce@freelists.org Errors-to: tarantool-patches-bounce@freelists.org Reply-To: tarantool-patches@freelists.org List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: tarantool-patches List-subscribe: List-owner: List-post: List-archive: To: tarantool-patches@freelists.org Cc: korablev@tarantool.org, Stanislav Zudin * Stanislav Zudin [19/02/04 14:32]: > + const char *negativeLimitError = > + "Only positive numbers allowed " > + "in the LIMIT clause"; We should use diag_set, to ensure error are visible to the documentation team and can be localized in the future. > if (p->iLimit) > return; > > @@ -2098,6 +2101,13 @@ computeLimitRegisters(Parse * pParse, Select * p, int iBreak) > v = sqlite3GetVdbe(pParse); > assert(v != 0); > if (sqlite3ExprIsInteger(p->pLimit, &n)) { > + if (n < 0) { > + sqlite3VdbeAddOp4(v, OP_Halt, > + SQLITE_MISMATCH, > + 0, 0, negativeLimitError, > + P4_STATIC); > + } > + I don't think we should do any check for limit values during parsing, since limit should allow bind parameters anyway. This could should become superfluous if the patch is done right. > + int lPosOffsetValue = sqlite3VdbeMakeLabel(v); > + const char *negativeOffsetError = > + "Only positive numbers allowed " > + "in the OFFSET clause"; Ugh, same message is copied multiple times?! -- Konstantin Osipov, Moscow, Russia, +7 903 626 22 32 http://tarantool.io - www.twitter.com/kostja_osipov