James Hawkins : msi: Make sure a constant string's quotes match up.
Alexandre Julliard
julliard at winehq.org
Thu Feb 26 09:04:58 CST 2009
Module: wine
Branch: master
Commit: 60ad75eade5b613b23f22f295d58d8450533a8c0
URL: http://source.winehq.org/git/wine.git/?a=commit;h=60ad75eade5b613b23f22f295d58d8450533a8c0
Author: James Hawkins <truiken at gmail.com>
Date: Wed Feb 25 19:43:54 2009 -0800
msi: Make sure a constant string's quotes match up.
---
dlls/msi/sql.y | 31 +++++++++++++++++++------------
dlls/msi/tests/db.c | 5 ++++-
2 files changed, 23 insertions(+), 13 deletions(-)
diff --git a/dlls/msi/sql.y b/dlls/msi/sql.y
index 7deae21..0ddbc64 100644
--- a/dlls/msi/sql.y
+++ b/dlls/msi/sql.y
@@ -49,7 +49,7 @@ typedef struct tag_SQL_input
struct list *mem;
} SQL_input;
-static LPWSTR SQL_getstring( void *info, const struct sql_str *str );
+static UINT SQL_getstring( void *info, const struct sql_str *strdata, LPWSTR *str );
static INT SQL_getint( void *info );
static int sql_lex( void *SQL_lval, SQL_input *info );
@@ -677,8 +677,7 @@ table:
id:
TK_ID
{
- $$ = SQL_getstring( info, &$1 );
- if( !$$ )
+ if ( SQL_getstring( info, &$1, &$$ ) != ERROR_SUCCESS || !$$ )
YYABORT;
}
;
@@ -757,11 +756,15 @@ static int sql_lex( void *SQL_lval, SQL_input *sql )
return token;
}
-LPWSTR SQL_getstring( void *info, const struct sql_str *strdata )
+UINT SQL_getstring( void *info, const struct sql_str *strdata, LPWSTR *str )
{
LPCWSTR p = strdata->data;
UINT len = strdata->len;
- LPWSTR str;
+
+ /* match quotes */
+ if( ( (p[0]=='`') && (p[len-1]!='`') ) ||
+ ( (p[0]=='\'') && (p[len-1]!='\'') ) )
+ return ERROR_FUNCTION_FAILED;
/* if there's quotes, remove them */
if( ( (p[0]=='`') && (p[len-1]=='`') ) ||
@@ -770,13 +773,13 @@ LPWSTR SQL_getstring( void *info, const struct sql_str *strdata )
p++;
len -= 2;
}
- str = parser_alloc( info, (len + 1)*sizeof(WCHAR) );
- if( !str )
- return str;
- memcpy( str, p, len*sizeof(WCHAR) );
- str[len]=0;
+ *str = parser_alloc( info, (len + 1)*sizeof(WCHAR) );
+ if( !*str )
+ return ERROR_OUTOFMEMORY;
+ memcpy( *str, p, len*sizeof(WCHAR) );
+ (*str)[len]=0;
- return str;
+ return ERROR_SUCCESS;
}
INT SQL_getint( void *info )
@@ -867,7 +870,11 @@ static struct expr * EXPR_sval( void *info, const struct sql_str *str )
if( e )
{
e->type = EXPR_SVAL;
- e->u.sval = SQL_getstring( info, str );
+ if( SQL_getstring( info, str, (LPWSTR *)&e->u.sval ) != ERROR_SUCCESS )
+ {
+ msi_free( e );
+ return NULL;
+ }
}
return e;
}
diff --git a/dlls/msi/tests/db.c b/dlls/msi/tests/db.c
index cb58de0..7629bc3 100644
--- a/dlls/msi/tests/db.c
+++ b/dlls/msi/tests/db.c
@@ -651,7 +651,10 @@ static void test_msibadqueries(void)
ok(r == ERROR_SUCCESS , "query failed\n");
r = try_query( hdb, "select * from c where b = 'x");
- todo_wine ok(r == ERROR_BAD_QUERY_SYNTAX, "query failed\n");
+ ok(r == ERROR_BAD_QUERY_SYNTAX, "query failed\n");
+
+ r = try_query( hdb, "select * from c where b = 'x'");
+ ok(r == ERROR_SUCCESS, "query failed\n");
r = try_query( hdb, "select * from 'c'");
ok(r == ERROR_BAD_QUERY_SYNTAX, "query failed\n");
More information about the wine-cvs
mailing list