Documentation Source Text

Check-in [6604546bb4]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Amplify one of the points justifying static string pointer types.
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: 6604546bb42d4923a94480ed780cc95f534f095d119c44dc8d305079b5b2a344
User & Date: drh 2017-08-03 14:35:20.486
Context
2017-08-03
15:47
Fix another typo in the bindptr.html document. (check-in: 8d2c7aa89d user: drh tags: trunk)
14:35
Amplify one of the points justifying static string pointer types. (check-in: 6604546bb4 user: drh tags: trunk)
14:18
Fix typo in the pointer-passing document. (check-in: 2de67f2a1a user: drh tags: trunk)
Changes
Unified Diff Ignore Whitespace Patch
Changes to pages/bindptr.in. 
312
313
314
315
316
317
318
319






320
321
322
323
324
325
326

All string values at the SQL level in SQLite are dynamic strings.  
Requiring type strings to be static makes it difficult to 
create an application-defined SQL function that
can synthesize a pointer of an arbitrary type.  We do not want users
to create such SQL functions, since such functions would compromise the
security of the system.  Thus, the requirement to use static strings
helps to defend that the integrity of the pointer-passing interfaces against
ill-designed SQL functions.







<li><p>
Having SQLite take ownership of the type strings would impose a performance
cost on all applications, even applications that do not use the 
pointer-passing interfaces.  SQLite passes values around as instances
of the [sqlite3_value] object.  That object has a destructor, which because
of the fact that sqlite3_value objects are used for nearly everything, is








|
>
>
>
>
>
>








312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332

All string values at the SQL level in SQLite are dynamic strings.  
Requiring type strings to be static makes it difficult to 
create an application-defined SQL function that
can synthesize a pointer of an arbitrary type.  We do not want users
to create such SQL functions, since such functions would compromise the
security of the system.  Thus, the requirement to use static strings
helps to defend that the integrity of the pointer-passing interfaces against
ill-designed SQL functions.  The static string requirement is not
a perfect defense, since a sophisticated programmer can code around
it, and a novice program can simply take the memory leak.  But by
stating that the pointer type string must be static, we hope to encourage
developers who might otherwise use a dynamic string for the pointer type
to think more carefully about the problem and avoid introducing
security issues.

<li><p>
Having SQLite take ownership of the type strings would impose a performance
cost on all applications, even applications that do not use the 
pointer-passing interfaces.  SQLite passes values around as instances
of the [sqlite3_value] object.  That object has a destructor, which because
of the fact that sqlite3_value objects are used for nearly everything, is