Gwendal, > > Le 3 août 2017 à 14:27, Peter Da Silva <peter.dasi...@flightaware.com> a > > écrit : > > > > On 8/3/17, 4:22 AM, "sqlite-users on behalf of Ulrich Telle" > > <sqlite-users-boun...@mailinglists.sqlite.org on behalf of > > ulrich.te...@gmx.de> wrote: > >> IMHO it would be better if the function sqlite3_bind_pointer would make a > >> copy of the type string and would thus be independent of the life span of > >> the type parameter. > > > > I believe that this was a deliberate choice to deter using temporary > > strings for type names. > > The reference (https://www.sqlite.org/bindptr.html) says:
Thanks for the pointer. I have to admit that I referred to http://sqlite.org/c3ref/bind_blob.html. > > Because pointer types must be static strings, and because string > > values in SQLite are dynamic strings, that means that SQL values > > cannot be used as a pointer type. This prevents misguided > > developers from creating a new SQL function that can manufacture > > pointer values directly from SQL. Such a function, if possible to > > write, would undermine the security of the pointer-passing APIs. > > Thus, the requirement that pointer types be static strings helps > > to prevent misuse of the pointer-passing interfaces. I really don't think that the latter is true. To overcome the restriction is extremly simple, if you don't care about memory leaks. Just do /* Assume that char* ptrType holds the pointer type string */ /* Create a copy of the pointer type string on the heap char* ptrTypeCopy = strdup(ptrType) sqlite3_bind_pointer(pStmt, argIndex, ptr, ptrTypeCopy, NULL); The function sqlite3_bind_pointer has no means to detect whether the passed pointer type ptrTypeCopy is indeed a static variable or a string literal. So at the expense of a memory leak it is a no-brainer to overcome the restriction. That is, developing SQL UDFs that are able to construct pointers from SQL data is not prevented by this restriction. Conclusion: Beware of loadable extensions that you haven't written (or at least compiled) yourself. Regards, Ulrich _______________________________________________ sqlite-users mailing list sqlite-users@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
