James Hawkins : msi: Make sure a constant string's quotes match up.

Alexandre Julliard julliard at winehq.org
Thu Feb 26 09:04:58 CST 2009


Module: wine
Branch: master
Commit: 60ad75eade5b613b23f22f295d58d8450533a8c0
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=60ad75eade5b613b23f22f295d58d8450533a8c0

Author: James Hawkins <truiken at gmail.com>
Date:   Wed Feb 25 19:43:54 2009 -0800

msi: Make sure a constant string's quotes match up.

---

 dlls/msi/sql.y      |   31 +++++++++++++++++++------------
 dlls/msi/tests/db.c |    5 ++++-
 2 files changed, 23 insertions(+), 13 deletions(-)

diff --git a/dlls/msi/sql.y b/dlls/msi/sql.y
index 7deae21..0ddbc64 100644
--- a/dlls/msi/sql.y
+++ b/dlls/msi/sql.y
@@ -49,7 +49,7 @@ typedef struct tag_SQL_input
     struct list *mem;
 } SQL_input;
 
-static LPWSTR SQL_getstring( void *info, const struct sql_str *str );
+static UINT SQL_getstring( void *info, const struct sql_str *strdata, LPWSTR *str );
 static INT SQL_getint( void *info );
 static int sql_lex( void *SQL_lval, SQL_input *info );
 
@@ -677,8 +677,7 @@ table:
 id:
     TK_ID
         {
-            $$ = SQL_getstring( info, &$1 );
-            if( !$$ )
+            if ( SQL_getstring( info, &$1, &$$ ) != ERROR_SUCCESS || !$$ )
                 YYABORT;
         }
     ;
@@ -757,11 +756,15 @@ static int sql_lex( void *SQL_lval, SQL_input *sql )
     return token;
 }
 
-LPWSTR SQL_getstring( void *info, const struct sql_str *strdata )
+UINT SQL_getstring( void *info, const struct sql_str *strdata, LPWSTR *str )
 {
     LPCWSTR p = strdata->data;
     UINT len = strdata->len;
-    LPWSTR str;
+
+    /* match quotes */
+    if( ( (p[0]=='`') && (p[len-1]!='`') ) ||
+        ( (p[0]=='\'') && (p[len-1]!='\'') ) )
+        return ERROR_FUNCTION_FAILED;
 
     /* if there's quotes, remove them */
     if( ( (p[0]=='`') && (p[len-1]=='`') ) ||
@@ -770,13 +773,13 @@ LPWSTR SQL_getstring( void *info, const struct sql_str *strdata )
         p++;
         len -= 2;
     }
-    str = parser_alloc( info, (len + 1)*sizeof(WCHAR) );
-    if( !str )
-        return str;
-    memcpy( str, p, len*sizeof(WCHAR) );
-    str[len]=0;
+    *str = parser_alloc( info, (len + 1)*sizeof(WCHAR) );
+    if( !*str )
+        return ERROR_OUTOFMEMORY;
+    memcpy( *str, p, len*sizeof(WCHAR) );
+    (*str)[len]=0;
 
-    return str;
+    return ERROR_SUCCESS;
 }
 
 INT SQL_getint( void *info )
@@ -867,7 +870,11 @@ static struct expr * EXPR_sval( void *info, const struct sql_str *str )
     if( e )
     {
         e->type = EXPR_SVAL;
-        e->u.sval = SQL_getstring( info, str );
+        if( SQL_getstring( info, str, (LPWSTR *)&e->u.sval ) != ERROR_SUCCESS )
+        {
+            msi_free( e );
+            return NULL;
+        }
     }
     return e;
 }
diff --git a/dlls/msi/tests/db.c b/dlls/msi/tests/db.c
index cb58de0..7629bc3 100644
--- a/dlls/msi/tests/db.c
+++ b/dlls/msi/tests/db.c
@@ -651,7 +651,10 @@ static void test_msibadqueries(void)
     ok(r == ERROR_SUCCESS , "query failed\n");
 
     r = try_query( hdb, "select * from c where b = 'x");
-    todo_wine ok(r == ERROR_BAD_QUERY_SYNTAX, "query failed\n");
+    ok(r == ERROR_BAD_QUERY_SYNTAX, "query failed\n");
+
+    r = try_query( hdb, "select * from c where b = 'x'");
+    ok(r == ERROR_SUCCESS, "query failed\n");
 
     r = try_query( hdb, "select * from 'c'");
     ok(r == ERROR_BAD_QUERY_SYNTAX, "query failed\n");




More information about the wine-cvs mailing list