The following mundane code is surprisingly unsafe:
sqlite3pp::query query(db, "SELECT ...");
for (auto row : query) {
for (int col = 0; col < query.column_count(); ++col) {
std::cout << row.get<std::string>(col) << std::endl;
}
}
When we row.get<std::string>(col) we expect to get a string. However, if the result contains any NULL cells we will get an undefined object and there is very little a user can do about it. The library may SIGSEGV before a user can detect it. This is because the implementation simply performs a naive cast from char const* to std::string. If the cell is NULL, then it will effectively return std::string(nullptr) which is undefined behaviour.
A work-around that could be done from the user's side is:
sqlite3pp::query query(db, "SELECT ...");
for (auto row : query)
{
for (int col = 0; col < query.column_count(); ++col)
{
auto c = row.get<char const*>(col);
std::cout << c ? std::string(c) : std::string() << std::endl;
}
}
But this is really just a way to avoid the unsafe query::rows::get(int idx, std::string). We could use row.get<char const*>(col) to check for null, then do the row.get<std::string>(), but in that case, we should just do the char->string cast ourselves and avoid a potentially expensive call.
The solution (suggested here) is to put that work-around in the library itself, making the function useful again.
The drawback is that the user can't use this function to differentiate between empty and null, but they couldn't use this function for that purpose before either. However, I don't think this is too bad.
The underlying library (libsqlite3.so) will not crash like this if sqlite3_column_*() is called on a NULL cell. While sqlite3_column_text() returns a null pointer, this is meer convenience because it is possible. sqlite3_column_double() returns 0.0 and sqlite3_column_int() returns 0. Re-using this philosophy, returning a default-constructed object is a reasonable response to NULL data, and certainly more reasonable than returning an undefined object which may SIGSEGV before the user can do anything with it.
This PR addresses issue #67
The following mundane code is surprisingly unsafe:
When we
row.get<std::string>(col)we expect to get a string. However, if the result contains anyNULLcells we will get an undefined object and there is very little a user can do about it. The library maySIGSEGVbefore a user can detect it. This is because the implementation simply performs a naive cast fromchar const*tostd::string. If the cell isNULL, then it will effectivelyreturn std::string(nullptr)which is undefined behaviour.A work-around that could be done from the user's side is:
But this is really just a way to avoid the unsafe
query::rows::get(int idx, std::string). We could userow.get<char const*>(col)to check for null, then do therow.get<std::string>(), but in that case, we should just do the char->string cast ourselves and avoid a potentially expensive call.The solution (suggested here) is to put that work-around in the library itself, making the function useful again.
The drawback is that the user can't use this function to differentiate between empty and null, but they couldn't use this function for that purpose before either. However, I don't think this is too bad.
The underlying library (
libsqlite3.so) will not crash like this ifsqlite3_column_*()is called on aNULLcell. Whilesqlite3_column_text()returns a null pointer, this is meer convenience because it is possible.sqlite3_column_double()returns0.0andsqlite3_column_int()returns0. Re-using this philosophy, returning a default-constructed object is a reasonable response toNULLdata, and certainly more reasonable than returning an undefined object which maySIGSEGVbefore the user can do anything with it.