From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <tarantool-patches-bounces@dev.tarantool.org>
Received: from [87.239.111.99] (localhost [127.0.0.1])
	by dev.tarantool.org (Postfix) with ESMTP id 596346E21E;
	Mon, 13 Dec 2021 10:34:43 +0300 (MSK)
DKIM-Filter: OpenDKIM Filter v2.11.0 dev.tarantool.org 596346E21E
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=tarantool.org; s=dev;
	t=1639380883; bh=+nPNcqQN880v9LI7DUh5WaO6zgpcDgki+pCLJZ6VXSA=;
	h=Date:To:Cc:References:In-Reply-To:Subject:List-Id:
	 List-Unsubscribe:List-Archive:List-Post:List-Help:List-Subscribe:
	 From:Reply-To:From;
	b=qOKMukOp46YQFGP0y6l8BGYU7aAIzSasiwwgpjPXltQnnlWx1I8N1wsEADyqWmKpA
	 Fl2suv9sSvsa/mCV7RESGZWMMenBeODA+mcyPdpbRcix99Oo0Iqs+1AodG2FE+BuSN
	 lvBqZwovjNPZrKu3rCwsCGKmxCnAIWWAARotrjxA=
Received: from smtpng1.i.mail.ru (smtpng1.i.mail.ru [94.100.181.251])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by dev.tarantool.org (Postfix) with ESMTPS id A13876ECDE
 for <tarantool-patches@dev.tarantool.org>;
 Mon, 13 Dec 2021 10:34:42 +0300 (MSK)
DKIM-Filter: OpenDKIM Filter v2.11.0 dev.tarantool.org A13876ECDE
Received: by smtpng1.m.smailru.net with esmtpa (envelope-from
 <imeevma@tarantool.org>)
 id 1mwfr7-0002vF-NJ; Mon, 13 Dec 2021 10:34:42 +0300
Date: Mon, 13 Dec 2021 10:34:40 +0300
To: Vladislav Shpilevoy <v.shpilevoy@tarantool.org>
Cc: tarantool-patches@dev.tarantool.org
Message-ID: <20211213073440.GA41198@tarantool.org>
References: <cover.1637244389.git.imeevma@gmail.com>
 <bdd4ececf501f97dcfbea220a47028b0cf7c3163.1637244389.git.imeevma@gmail.com>
 <f20d62b1-a6eb-ecd4-ed2d-2e699f2a4418@tarantool.org>
 <20211125083336.GA56448@tarantool.org>
 <819eff36-2d59-3328-e442-10703dbbda99@tarantool.org>
 <20211202083253.GA8207@tarantool.org>
 <aa6beb51-a836-f14a-774c-c2207ad0510d@tarantool.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <aa6beb51-a836-f14a-774c-c2207ad0510d@tarantool.org>
X-4EC0790: 10
X-7564579A: 646B95376F6C166E
X-77F55803: 4F1203BC0FB41BD9FFF274446F725B74F2BE858B52863E693DBDCDA487ECC700182A05F53808504014132775AE575E8B7B3193B6A3DC6BF9D80231F1F50C5D45E88EFAD14F37728A
X-7FA49CB5: FF5795518A3D127A4AD6D5ED66289B5278DA827A17800CE756275D70D2678981EA1F7E6F0F101C67BD4B6F7A4D31EC0BCC500DACC3FED6E28638F802B75D45FF8AA50765F790063792EDBE6976DC04EF8F08D7030A58E5AD1A62830130A00468AEEEE3FBA3A834EE7353EFBB553375669241AEE7BCF7919EB13D5756E3A242DBA78B10F57ABB1D18A471835C12D1D9774AD6D5ED66289B5278DA827A17800CE7328B01A8D746D8839FA2833FD35BB23D2EF20D2F80756B5F868A13BD56FB6657A471835C12D1D977725E5C173C3A84C317B107DEF921CE79117882F4460429728AD0CFFFB425014E868A13BD56FB6657E2021AF6380DFAD1A18204E546F3947CB11811A4A51E3B096D1867E19FE1407959CC434672EE6371089D37D7C0E48F6C8AA50765F7900637BC468E7E89D8C5D6EFF80C71ABB335746BA297DBC24807EABDAD6C7F3747799A
X-C1DE0DAB: 0D63561A33F958A58EBC6A1589F99401385179B9341B9483C8E09F5C6A3ED663D59269BC5F550898D99A6476B3ADF6B47008B74DF8BB9EF7333BD3B22AA88B938A852937E12ACA759D2A03B9C34326B3410CA545F18667F91A7EA1CDA0B5A7A0
X-C8649E89: 4E36BF7865823D7055A7F0CF078B5EC49A30900B95165D342B8615F5CFAD9D023F86C912022C17FB4A8AB47912D0733ECB4DAEEF7235D7A1F08313632692F9621D7E09C32AA3244C342E07D8576EB22794E7164153A618A8B4DF56057A86259F729B2BEF169E0186
X-D57D3AED: 3ZO7eAau8CL7WIMRKs4sN3D3tLDjz0dLbV79QFUyzQ2Ujvy7cMT6pYYqY16iZVKkSc3dCLJ7zSJH7+u4VD18S7Vl4ZUrpaVfd2+vE6kuoey4m4VkSEu530nj6fImhcD4MUrOEAnl0W826KZ9Q+tr5ycPtXkTV4k65bRjmOUUP8cvGozZ33TWg5HZplvhhXbhDGzqmQDTd6OAevLeAnq3Ra9uf7zvY2zzsIhlcp/Y7m53TZgf2aB4JOg4gkr2biojHOet/aB0Csh9yh2jnhsn5w==
X-Mailru-Sender: 689FA8AB762F7393C37E3C1AEC41BA5DA9C71F3DFA244065361B6BD9ED37034183D72C36FC87018B9F80AB2734326CD2FB559BB5D741EB96352A0ABBE4FDA4210A04DAD6CC59E3365FEEDEB644C299C0ED14614B50AE0675
X-Mras: Ok
Subject: Re: [Tarantool-patches] [PATCH v1 1/2] sql: properly check bind
 variable names
X-BeenThere: tarantool-patches@dev.tarantool.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Tarantool development patches <tarantool-patches.dev.tarantool.org>
List-Unsubscribe: <https://lists.tarantool.org/mailman/options/tarantool-patches>, 
 <mailto:tarantool-patches-request@dev.tarantool.org?subject=unsubscribe>
List-Archive: <https://lists.tarantool.org/pipermail/tarantool-patches/>
List-Post: <mailto:tarantool-patches@dev.tarantool.org>
List-Help: <mailto:tarantool-patches-request@dev.tarantool.org?subject=help>
List-Subscribe: <https://lists.tarantool.org/mailman/listinfo/tarantool-patches>, 
 <mailto:tarantool-patches-request@dev.tarantool.org?subject=subscribe>
From: Mergen Imeev via Tarantool-patches <tarantool-patches@dev.tarantool.org>
Reply-To: Mergen Imeev <imeevma@tarantool.org>
Errors-To: tarantool-patches-bounces@dev.tarantool.org
Sender: "Tarantool-patches" <tarantool-patches-bounces@dev.tarantool.org>

Hi! Thank you for the review! My answers and diff below.

On Thu, Dec 09, 2021 at 01:31:34AM +0100, Vladislav Shpilevoy wrote:
> Hi! Thanks for the fixes!
> 
> >>>>> diff --git a/src/box/sql/expr.c b/src/box/sql/expr.c
> >>>>> index eb169aeb8..74a98c550 100644
> >>>>> --- a/src/box/sql/expr.c
> >>>>> +++ b/src/box/sql/expr.c
> >>>>> @@ -1314,6 +1314,52 @@ sqlExprAssignVarNumber(Parse * pParse, Expr * pExpr, u32 n)
> >>>>>  	}
> >>>>>  }
> >>>>>  
> >>>>> +struct Expr *
> >>>>> +expr_variable(struct Parse *parse, struct Token *spec, struct Token *id)
> >>>>
> >>>> 1. You might want to call it expr_new_variable(). Or sql_expr_new_variable().
> >>>> To be consistent with our naming policy for constructors allocating memory
> >>>> and for consistency with with sql_expr_new_column(), sql_expr_new(),
> >>>> sql_expr_new_dequoted(), sql_expr_new_named(), sql_expr_new_anon().
> >>>>
> >>> Thank you! I renamed it to expr_new_variable(). I believe we should drop 'sql_'
> >>> prefix for functions that only accessible in SQL.
> >>
> >> It would work for static functions. But if a function is visible in other
> >> modules as a symbol, then you would get a conflict during linking if we
> >> ever introduce another 'struct expr' somewhere. Even if they do not interest
> >> anywhere in the code. However I don't mind leaving it as is. It can be fixed
> >> later if ever needed.
> >>
> > I agree. However, I think we need to rework all the places where BOX uses
> > internal SQL functions and structures. In this case, the struct expr should
> > never be available in the BOX, so there should be no conflicts.
> 
> It is a misunderstanding. It does not matter if you use a function in box or
> not. If it is not static and is defined in 2 places - you will get a conflict
> during link stage. Try to add a function with the same name to any file in
> sql and to any file in box. Something like
> 
> 	void
> 	link_test123(void)
> 	{
> 		printf("in link test\n");
> 	}
> 
> (in a .cc file you would need to add 'extern "C"' for it). It will raise an
> error during build. I added it to expr.c and to box.cc (with 'extern "C"'):
> 
> 	duplicate symbol '_link_test123' in:
> 	    ../../src/box/libbox.a(box.cc.o)
> 	    ../../src/box/libbox.a(expr.c.o)
> 	ld: 1 duplicate symbol for architecture x86_64
> 
Got it, thanks for the explanation. It might be better to rename "struct Expr"
to "struct sql_expr", in which case we will naturally use the sql_expr_ * prefix
for such functions. How do you think?

> It means if we ever have another expr, there will be a conflict. Does not
> matter if they intersect in code. We will get a compile error even on the
> struct name duplicate I think. But not sure.
> 
> See 2 comments below.
> 
> > diff --git a/src/box/sql/expr.c b/src/box/sql/expr.c
> > index eb169aeb8..e832984c3 100644
> > --- a/src/box/sql/expr.c
> > +++ b/src/box/sql/expr.c
> > @@ -1314,6 +1314,52 @@ sqlExprAssignVarNumber(Parse * pParse, Expr * pExpr, u32 n)
> >  	}
> >  }
> >  
> > +struct Expr *
> > +expr_new_variable(struct Parse *parse, const struct Token *spec,
> > +		  const struct Token *id)
> > +{
> > +	assert(spec != NULL && spec->n == 1);
> > +	uint32_t len = 1;
> > +	if (parse->parse_only) {
> > +		diag_set(ClientError, ER_SQL_PARSER_GENERIC_WITH_POS,
> > +			 parse->line_count, parse->line_pos,
> > +			 "bindings are not allowed in DDL");
> > +		parse->is_aborted = true;
> > +		return NULL;
> > +	}
> > +	if (id != NULL) {
> > +		assert(spec->z[0] != '?');
> > +		if (id->z - spec->z != 1) {
> > +			diag_set(ClientError, ER_SQL_UNKNOWN_TOKEN,
> > +				 parse->line_count, spec->z - parse->zTail + 1,
> > +				 spec->n, spec->z);
> > +			parse->is_aborted = true;
> > +			return NULL;
> > +		}
> > +		if (spec->z[0] == '#' && sqlIsdigit(id->z[0])) {
> > +			diag_set(ClientError, ER_SQL_SYNTAX_NEAR_TOKEN,
> > +				 parse->line_count, spec->n, spec->z);
> > +			parse->is_aborted = true;
> > +			return NULL;
> > +		}
> > +		len += id->n;
> > +	}
> > +	struct Expr *expr = sql_expr_new_empty(parse->db, TK_VARIABLE, len + 1);
> > +	expr->type = FIELD_TYPE_BOOLEAN;
> 
> 1. It will crash in case allocation fails and expr == NULL. Although maybe
> it is not important if we plan to add panic() on malloc failure in SQL. The
> same way as it already works in xmalloc().
> 
True, fixed.

> > +	expr->flags = EP_Leaf;
> > +	expr->iAgg = -1;
> 
> 2. iAgg -1 is already set in sql_expr_new_empty(). nHeight too. And
> then the assert about SQL_MAX_EXPR_DEPTH > 0 is not needed either.
Thanks, dropped.


Diff:

diff --git a/src/box/sql/expr.c b/src/box/sql/expr.c
index e832984c3..8df314b17 100644
--- a/src/box/sql/expr.c
+++ b/src/box/sql/expr.c
@@ -1345,16 +1345,15 @@ expr_new_variable(struct Parse *parse, const struct Token *spec,
 		len += id->n;
 	}
 	struct Expr *expr = sql_expr_new_empty(parse->db, TK_VARIABLE, len + 1);
+	if (expr == NULL)
+		return NULL;
 	expr->type = FIELD_TYPE_BOOLEAN;
 	expr->flags = EP_Leaf;
-	expr->iAgg = -1;
 	expr->u.zToken = (char *)(expr + 1);
 	expr->u.zToken[0] = spec->z[0];
 	if (id != NULL)
 		memcpy(expr->u.zToken + 1, id->z, id->n);
 	expr->u.zToken[len] = '\0';
-	assert(SQL_MAX_EXPR_DEPTH > 0);
-	expr->nHeight = 1;
 
 	sqlExprAssignVarNumber(parse, expr, len);
 	return expr;