/* ** The subroutines above are not tested by the usual test suite. To test ** these routines, compile just this one file with a -DENCODER_TEST=1 option ** and run the result. */ int main(int argc, char **argv){ int i, j, n, m, nOut, nByteIn, nByteOut; unsigned char in[30000]; unsigned char out[33000]; nByteIn = nByteOut = 0; for(i=0; i<sizeof(in); i++){ printf("Test %d: ", i+1); n = rand() % (i+1); if( i%100==0 ){ int k; for(j=k=0; j<n; j++){ /* if( k==0 || k=='\'' ) k++; */ in[j] = k; k = (k+1)&0xff; } }else{ for(j=0; j<n; j++) in[j] = rand() & 0xff; } nByteIn += n; nOut = sqlite_encode_binary(in, n, out); nByteOut += nOut; if( nOut!=strlen(out) ){ printf(" ERROR return value is %d instead of %d\n", nOut, strlen(out)); exit(1); } if( nOut!=sqlite_encode_binary(in, n, 0) ){ printf(" ERROR actual output size disagrees with predicted size\n"); exit(1); } m = (256*n + 1262)/253; printf("size %d->%d (max %d)", n, strlen(out)+1, m); if( strlen(out)+1>m ){ printf(" ERROR output too big\n"); exit(1); } for(j=0; out[j]; j++){ if( out[j]=='\'' ){ printf(" ERROR contains (')\n"); exit(1); } } j = sqlite_decode_binary(out, out); if( j!=n ){ printf(" ERROR decode size %d\n", j); exit(1); } if( memcmp(in, out, n)!=0 ){ printf(" ERROR decode mismatch\n"); exit(1); } printf(" OK\n"); } fprintf(stderr,"Finished. Total encoding: %d->%d bytes\n", nByteIn, nByteOut); fprintf(stderr,"Avg size increase: %.3f%%\n", (nByteOut-nByteIn)*100.0/(double)nByteIn); }
int _ds_set_signature (DSPAM_CTX * CTX, struct _ds_spam_signature *SIG, const char *signature) { struct _sqlite_drv_storage *s = (struct _sqlite_drv_storage *) CTX->storage; unsigned long length; char *mem; char scratch[1024]; buffer *query; char *err=NULL; if (s->dbh == NULL) { LOGDEBUG ("_ds_set_signature; invalid database handle (NULL)"); return EINVAL; } query = buffer_create (NULL); if (query == NULL) { LOG (LOG_CRIT, ERR_MEM_ALLOC); return EUNKNOWN; } mem = calloc (1, 2 + (257*SIG->length)/254); if (mem == NULL) { LOG (LOG_CRIT, ERR_MEM_ALLOC); buffer_destroy(query); return EUNKNOWN; } length = sqlite_encode_binary(SIG->data, SIG->length, (unsigned char *) mem); if (length<0) { LOG(LOG_ERR, "sqlite_encode_binary() failed on error %d", length); buffer_destroy(query); return EFAILURE; } snprintf (scratch, sizeof (scratch), "insert into dspam_signature_data(signature, created_on, data) " "values(\"%s\", date('now'), '", signature); buffer_cat (query, scratch); buffer_cat (query, mem); buffer_cat (query, "')"); if ((sqlite_exec(s->dbh, query->data, NULL, NULL, &err))!=SQLITE_OK) { _sqlite_drv_query_error (err, query->data); buffer_destroy(query); free(mem); return EFAILURE; } free (mem); buffer_destroy(query); return 0; }
bool queryCallback(void *p_context, int p_placeholder, DBBuffer& p_output) { QueryMetadata *t_query_metadata; t_query_metadata = (QueryMetadata *)p_context; DBString t_parameter_value; t_parameter_value = t_query_metadata -> arguments[p_placeholder - 1]; void *t_escaped_string; t_escaped_string = NULL; size_t t_escaped_string_length; t_escaped_string_length = 0; if (t_parameter_value . isbinary) { // According to documentation in sqlitedecode.cpp, this is the required size of output buffer t_escaped_string = malloc(2 + (257 * t_parameter_value . length) / 254); t_escaped_string_length = sqlite_encode_binary((const unsigned char *)t_parameter_value . sptr, t_parameter_value . length, (unsigned char *)t_escaped_string); } else { if (t_parameter_value . length != 0) { // Null terminate the value char *t_value; t_value = (char *)malloc(t_parameter_value . length + 1); memcpy(t_value, t_parameter_value . sptr, t_parameter_value . length); t_value[t_parameter_value . length] = '\0'; // Escape quotes by manually replacing then with the string "''" t_escaped_string = replaceString(t_value, "\'\0", "\'\'\0"); t_escaped_string_length = strlen((const char *)t_escaped_string); free(t_value); } } p_output . ensure(t_escaped_string_length + 2); memcpy(p_output . getFrontier(), "'", 1); p_output . advance(1); if (t_escaped_string != NULL) { memcpy(p_output . getFrontier(), t_escaped_string, t_escaped_string_length); p_output . advance(t_escaped_string_length); } memcpy(p_output . getFrontier(), "'", 1); p_output . advance(1); free(t_escaped_string); return true; }
/* ** The subroutines above are not tested by the usual test suite. To test ** these routines, compile just this one file with a -DENCODER_TEST=1 option ** and run the result. */ int main(int argc, char **argv){ int i, j, n, m, nOut; unsigned char in[30000]; unsigned char out[33000]; for(i=0; i<sizeof(in); i++){ printf("Test %d: ", i+1); n = rand() % (i+1); if( i%100==0 ){ int k; for(j=k=0; j<n; j++){ /* if( k==0 || k=='\'' ) k++; */ in[j] = k; k = (k+1)&0xff; } }else{ for(j=0; j<n; j++) in[j] = rand() & 0xff; } nOut = sqlite_encode_binary(in, n, out); if( nOut!=strlen(out) ){ printf(" ERROR return value is %d instead of %d\n", nOut, strlen(out)); exit(1); } m = (256*n + 1262)/253; printf("size %d->%d (max %d)", n, strlen(out)+1, m); if( strlen(out)+1>m ){ printf(" ERROR output too big\n"); exit(1); } for(j=0; out[j]; j++){ if( out[j]=='\'' ){ printf(" ERROR contains (')\n"); exit(1); } } j = sqlite_decode_binary(out, out); if( j!=n ){ printf(" ERROR decode size %d\n", j); exit(1); } if( memcmp(in, out, n)!=0 ){ printf(" ERROR decode mismatch\n"); exit(1); } printf(" OK\n"); } }