From a93eb3659470fa52b0a1ce36569acf8029f7c401 Mon Sep 17 00:00:00 2001
From: Kalpesh Krishna
Date: Wed, 23 Sep 2015 09:01:00 +0200
Subject: [PATCH] Bug 1188760 - Added a regex check to execute and executeCached of Sqlite.jsm. r=mak

---
 toolkit/modules/Sqlite.jsm | 20 +++++++++++++++++++
 toolkit/modules/tests/xpcshell/test_sqlite.js | 9 +++++++++
 2 files changed, 29 insertions(+)

diff --git a/toolkit/modules/Sqlite.jsm b/toolkit/modules/Sqlite.jsm
index 462300a1f6c..6cf33da3cd5 100644
--- a/toolkit/modules/Sqlite.jsm
+++ b/toolkit/modules/Sqlite.jsm
@@ -38,6 +38,9 @@ XPCOMUtils.defineLazyModuleGetter(this, "PromiseUtils",
 XPCOMUtils.defineLazyModuleGetter(this, "console",
 "resource://gre/modules/devtools/shared/Console.jsm");
 
+// Regular expression used by isInvalidBoundLikeQuery
+var likeSqlRegex = /\bLIKE\b\s(?![@:?])/i;
+
 // Counts the number of created connections per database basename(). This is
 // used for logging to distinguish connection instances.
 var connectionCounters = new Map();
@@ -60,6 +63,17 @@ var Debugging = {
 failTestsOnAutoClose: true
 };
 
+/**
+ * Helper function to check whether LIKE is implemented using proper bindings.
+ *
+ * @param sql
+ * (string) The SQL query to be verified.
+ * @return boolean value telling us whether query was correct or not
+*/
+function isInvalidBoundLikeQuery(sql) {
+ return likeSqlRegex.test(sql);
+}
+
 // Displays a script error message
 function logScriptError(message) {
 let consoleMessage = Cc["@mozilla.org/scripterror;1"].
@@ -1273,6 +1287,9 @@ OpenedConnection.prototype = Object.freeze({
 * (function) Callback to receive each row from result.
 */
 executeCached: function (sql, params=null, onRow=null) {
+ if (isInvalidBoundLikeQuery(sql)) {
+ throw new Error("Please enter a LIKE clause with bindings");
+ }
 return this._connectionData.executeCached(sql, params, onRow);
 },
 
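Review bot: The negative lookahead in `likeSqlRegex` is evaluated on the character that follows a single `\s`, so a correctly bound LIKE written with more than one whitespace character after the keyword (`LIKE  :pattern`, or a multi-line query that breaks the line after `LIKE` and indents the placeholder) is classified as invalid and every caller of that query will throw. Consuming the whole whitespace run before looking for the placeholder avoids that: `var likeSqlRegex = /\bLIKE\b\s+(?![\s@:?])/i;` still rejects `LIKE 'non%'` because backtracking cannot land on a whitespace character. The pattern also matches the word LIKE inside a string literal (`... = 'I LIKE it'`), which a regex cannot distinguish from the operator, and it says nothing about the rest of the statement, so a query that concatenates untrusted input into some other clause still passes; both limits belong next to the definition, e.g. `// Heuristic: flags a LIKE whose next token is not a ?, :name or @name placeholder. Cannot see inside string literals and does not validate the rest of the statement.`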
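Review bot: The `@return` line of the new doc comment says the boolean tells "whether query was correct", but `isInvalidBoundLikeQuery` returns true when the query is *not* acceptable (the regex matches a LIKE that is not followed by a `?`, `:` or `@` placeholder), so a reader trusting the comment would invert the check. Suggested wording: `@return (boolean) true if the query contains a LIKE operand that is not a bound parameter (?, :name or @name), false otherwise.` The closing `*/` is also flush with the comment's column instead of the ` */` alignment used by the existing doc comments visible in the `executeCached` and `execute` hunks.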
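Review bot: The new guard in `executeCached` throws synchronously, whereas failures of the wrapped `this._connectionData.executeCached(...)` call presumably surface as a rejected promise; the test's `Assert.throws(() => c.execute(sql))` relies on that synchronous path, so a caller that only attaches `.catch()` to the returned promise will not see this error unless it also wraps the call in try/catch or `yield`s it inside a Task. The same three lines are duplicated in the `execute` hunk; since both methods delegate to `this._connectionData`, performing the check once in the corresponding `ConnectionData` methods (not visible here) would cover every entry point without the duplication. The message `"Please enter a LIKE clause with bindings"` does not tell the developer what was wrong or what is accepted; `throw new Error("LIKE clauses must use a bound parameter (?, :name or @name) rather than an inline value");` does, though the test's `/Please enter a LIKE clause/` regex would have to change with it.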
@@ -1292,6 +1309,9 @@ OpenedConnection.prototype = Object.freeze({
 * (function) Callback to receive result of a single row.
 */
 execute: function (sql, params=null, onRow=null) {
+ if (isInvalidBoundLikeQuery(sql)) {
+ throw new Error("Please enter a LIKE clause with bindings");
+ }
 return this._connectionData.execute(sql, params, onRow);
 },
 
diff --git a/toolkit/modules/tests/xpcshell/test_sqlite.js b/toolkit/modules/tests/xpcshell/test_sqlite.js
index 0eaab371704..dff42f5cf1e 100644
--- a/toolkit/modules/tests/xpcshell/test_sqlite.js
+++ b/toolkit/modules/tests/xpcshell/test_sqlite.js
@@ -275,6 +275,15 @@ add_task(function* test_execute_invalid_statement() {
 yield c.close();
 });
 
+add_task(function* test_incorrect_like_bindings() {
+ let c = yield getDummyDatabase("incorrect_like_bindings");
+
+ let sql = "select * from dirs where path LIKE 'non%'";
+ Assert.throws(() => c.execute(sql), /Please enter a LIKE clause/);
+ Assert.throws(() => c.executeCached(sql), /Please enter a LIKE clause/);
+
+ yield c.close();
+});
 add_task(function* test_on_row_exception_ignored() {
 let c = yield getDummyDatabase("on_row_exception_ignored");