SQLite: Check-in [e4579e50]

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview

Comment:	Comment changes clarifying details of the pointer-type parameter. No changes to code.
Downloads:	Tarball \| ZIP archive \| SQL archive
Timelines:	family \| ancestors \| descendants \| both \| branch-3.20
Files:	files \| file ages \| folders
SHA3-256:	e4579e50a1ece4f65dfdae39d5c1670f0e3f7d4824e7d242f07ec9859d15155f
User & Date:	drh 2017-07-17 12:41:29

Context

2017-07-17
15:38		Improved the interface to the fts5() extension mechanism for enhanced security. (check-in: bc78235f user: drh tags: branch-3.20)
13:37		Merge the pointer-type enhancement from the 3.20 branch. (check-in: 9e8e1c4a user: drh tags: trunk)
12:41		Comment changes clarifying details of the pointer-type parameter. No changes to code. (check-in: e4579e50 user: drh tags: branch-3.20)
12:27		Add the pointer-type parameter to sqlite3_bind_pointer(), sqlite3_result_pointer(), and sqlite3_value_pointer(). The pointer type is a static string that must match (according to strcmp()) or else the pointer is passed as a NULL. This is a security measure to prevent crossing pointers between different extensions. (check-in: e1196567 user: drh tags: branch-3.20)

Changes

Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to ext/misc/remember.c.

**    UPDATE counterTab SET cnt=remember(cnt,$PTR)+1 WHERE id=$ID
**
** Prepare the above statement once.  Then to use it, bind the address
** of the output variable to $PTR using sqlite3_bind_pointer() with a
** pointer type of "carray" and bind the id of the counter to $ID and
** run the prepared statement.
**



** One can imagine doing similar things with floating-point values and
** strings, but this demonstration extension will stick to using just
** integers.
*/
#include "sqlite3ext.h"
SQLITE_EXTENSION_INIT1
#include <assert.h>








>
>
>

**    UPDATE counterTab SET cnt=remember(cnt,$PTR)+1 WHERE id=$ID
**
** Prepare the above statement once.  Then to use it, bind the address
** of the output variable to $PTR using sqlite3_bind_pointer() with a
** pointer type of "carray" and bind the id of the counter to $ID and
** run the prepared statement.
**
** This implementation of the remember() function uses a "carray"
** pointer so that it can share pointers with the carray() extension.
**
** One can imagine doing similar things with floating-point values and
** strings, but this demonstration extension will stick to using just
** integers.
*/
#include "sqlite3ext.h"
SQLITE_EXTENSION_INIT1
#include <assert.h>

Changes to src/sqlite.h.in.

** ^The sqlite3_bind_pointer(S,I,P,T) routine causes the I-th parameter in
** [prepared statement] S to have an SQL value of NULL, but to also be
** associated with the pointer P of type T.
** ^The sqlite3_bind_pointer() routine can be used to pass
** host-language pointers into [application-defined SQL functions].
** ^A parameter that is initialized using [sqlite3_bind_pointer()] appears
** to be an ordinary SQL NULL value to everything other than
** [sqlite3_value_pointer()].
**
** ^If any of the sqlite3_bind_*() routines are called with a NULL pointer
** for the [prepared statement] or with a prepared statement for which
** [sqlite3_step()] has been called more recently than [sqlite3_reset()],
** then the call will return [SQLITE_MISUSE].  If any sqlite3_bind_()
** routine is passed a [prepared statement] that has been finalized, the
** result is undefined and probably harmful.
................................................................................
** kind of [sqlite3_value] object can be used with this interface.
**
** ^The sqlite3_result_pointer(C,P,T) interface sets the result to an
** SQL NULL value, just like [sqlite3_result_null(C)], except that it
** also associates the host-language pointer P or type T with that 
** NULL value such that the pointer can be retrieved within an
** [application-defined SQL function] using [sqlite3_value_pointer()].

** This mechanism can be used to pass non-SQL values between
** application-defined functions.
**
** If these routines are called from within the different thread
** than the one containing the application-defined function that received
** the [sqlite3_context] pointer, the results are undefined.
*/

** ^The sqlite3_bind_pointer(S,I,P,T) routine causes the I-th parameter in
** [prepared statement] S to have an SQL value of NULL, but to also be
** associated with the pointer P of type T.
** ^The sqlite3_bind_pointer() routine can be used to pass
** host-language pointers into [application-defined SQL functions].
** ^A parameter that is initialized using [sqlite3_bind_pointer()] appears
** to be an ordinary SQL NULL value to everything other than
** [sqlite3_value_pointer()].  The T parameter should be a static string.
**
** ^If any of the sqlite3_bind_*() routines are called with a NULL pointer
** for the [prepared statement] or with a prepared statement for which
** [sqlite3_step()] has been called more recently than [sqlite3_reset()],
** then the call will return [SQLITE_MISUSE].  If any sqlite3_bind_()
** routine is passed a [prepared statement] that has been finalized, the
** result is undefined and probably harmful.
................................................................................
** kind of [sqlite3_value] object can be used with this interface.
**
** ^The sqlite3_result_pointer(C,P,T) interface sets the result to an
** SQL NULL value, just like [sqlite3_result_null(C)], except that it
** also associates the host-language pointer P or type T with that 
** NULL value such that the pointer can be retrieved within an
** [application-defined SQL function] using [sqlite3_value_pointer()].
** The T parameter should be a static string.
** This mechanism can be used to pass non-SQL values between
** application-defined functions.
**
** If these routines are called from within the different thread
** than the one containing the application-defined function that received
** the [sqlite3_context] pointer, the results are undefined.
*/