Do not require an open connection for MySQL string escaping #1
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kirs
reviewed
Mar 12, 2019
| @@ -887,11 +887,11 @@ def run_gc | |||
| end.not_to raise_error | |||
| end | |||
|
|
|||
| it "should require an open connection" do | |||
| it "should not require an open connection" do | |||
There was a problem hiding this comment.
Should we change this to allows to escape on a closed connection?
There was a problem hiding this comment.
I feel like it's basically the same thing. It's running in the #escape context.
| @@ -50,6 +52,12 @@ static ID intern_brackets, intern_merge, intern_merge_bang, intern_new_with_args | |||
| rb_raise(cMysql2Error, "MySQL connection is already open"); \ | |||
| } | |||
|
|
|||
| #define REQUIRE_CONNECTED_ONCE(wrapper) \ | |||
| REQUIRE_INITIALIZED(wrapper) \ | |||
| if (!wrapper->client->server_version) { \ | |||
There was a problem hiding this comment.
Some others places in client.c use wrapper->server_version, is there a difference with wrapper->client->server_version?
There was a problem hiding this comment.
From my precursory look, it appears that wrapper->server_version is used to cache the response of mysql_get_server_version, which is an integer. wrapper->client->server_version should be a string representation of the server version that is set by the mysql client library upon connection.
csfrancis
force-pushed
the
no-connection-for-escape
branch
from
40e3b86 to
b91dc5d
Compare
4 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The detection of closed connections was made more robust by brianmario#1022. As a result, in situations where the connection was actually closed, calls to
rb_mysql_client_real_escapeare now raising an exception when they would not have before.This modifies the behaviour of the mysql2 gem to not require an open connection to perform an underlying call to
mysql_real_escape_string. This is effectively emulating the same behaviour as before brianmario#1022.I tried to write a test for the negative case that would raise when we haven't connected at least once. I could not come up with a way to create a
Mysql2::Clientinstance without performing a successfulconnect.