List:MySQL++« Previous MessageNext Message »
From:Boaz Yaniv Date:April 18 2013 8:37pm
Subject:Interface bug in mysqlpp::mysql_type_info (@ type_info.h)
View as plain text  
Hi all,

The documentation for mysqlpp::mysql_type_info::base_type() states that you
should get the same result as c_type(), but not wrapped in the Null<>
template, in case the MySQL field type is nullable:

Returns the type_info for the C++ type inside the mysqlpp::Null type.  If
the type is not Null then this is the same as c_type().

The documentation is incorrect on two counts:

   1. base_type() returns a mysql_type_info and not an std::type_info.
   2. The return type *is not* the same as the as the type inside the
Null<>template when the MySQL field type is UNSIGNED, because the
implementation
   does not strip just the nullability flag, but also the unsigned flag.

The first issue is minor: it is just a matter of fixing the documentation
to reflect what the function really does (which is arguably more a better
design decision than returning the std::type_info directly anyway).

The second issue is rather serious, since it can result in very subtle bugs
and dangerous security vulnerabilities due to type mismatches.

My solution (in the attached patch) was to follow the documentation and
avoid eliding the unsigned flag, since I can't imagine a case where it
would be needed.

- Boaz

Attachment: [text/html]
Thread
Interface bug in mysqlpp::mysql_type_info (@ type_info.h)Boaz Yaniv18 Apr