diff options
| author | zuul <zuul@gerrit.asterisk.org> | 2017-02-21 06:26:30 -0600 |
|---|---|---|
| committer | Gerrit Code Review <gerrit2@gerrit.digium.api> | 2017-02-21 06:26:30 -0600 |
| commit | 144b09ab41274498637a6cd8601f653658ecca8b (patch) | |
| tree | 3d591d97e10cc18e3adfc88748fc7cb0ae32b19b /res/res_config_sqlite3.c | |
| parent | 50e984115dead1c500903a5f8767b463a1bcd88c (diff) | |
| parent | e93f2a5142d1056dc223c37872c25b2a0d2c6778 (diff) | |
Merge "realtime: Fix LIKE escaping in SQL backends"
Diffstat (limited to 'res/res_config_sqlite3.c')
| -rw-r--r-- | res/res_config_sqlite3.c | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/res/res_config_sqlite3.c b/res/res_config_sqlite3.c index 50d4095d5..8c514b07c 100644 --- a/res/res_config_sqlite3.c +++ b/res/res_config_sqlite3.c @@ -58,6 +58,8 @@ /*** DOCUMENTATION ***/ +static int has_explicit_like_escaping; + static struct ast_config *realtime_sqlite3_load(const char *database, const char *table, const char *configfile, struct ast_config *config, struct ast_flags flags, const char *suggested_include_file, const char *who_asked); static struct ast_variable *realtime_sqlite3(const char *database, const char *table, const struct ast_variable *fields); static struct ast_config *realtime_sqlite3_multi(const char *database, const char *table, const struct ast_variable *fields); @@ -777,6 +779,8 @@ static struct ast_config *realtime_sqlite3_load(const char *database, const char return config; } +#define IS_SQL_LIKE_CLAUSE(x) ((x) && ast_ends_with(x, " LIKE")) + /*! \brief Helper function for single and multi-row realtime load functions */ static int realtime_sqlite3_helper(const char *database, const char *table, const struct ast_variable *fields, int is_multi, void *arg) { @@ -802,6 +806,15 @@ static int realtime_sqlite3_helper(const char *database, const char *table, cons ast_str_append(&sql, 0, " AND %s %s", sqlite3_escape_column_op(field->name), sqlite3_escape_value(field->value)); } + + if (has_explicit_like_escaping && IS_SQL_LIKE_CLAUSE(field->name)) { + /* + * The realtime framework is going to pre-escape these + * for us with a backslash. We just need to make sure + * to tell SQLite about it + */ + ast_str_append(&sql, 0, " ESCAPE '\\'"); + } } if (!is_multi) { @@ -1307,6 +1320,29 @@ static int unload_module(void) return 0; } +static void discover_sqlite3_caps(void) +{ + /* + * So we cheat a little bit here. SQLite3 added support for the + * 'ESCAPE' keyword in 3.1.0. They added SQLITE_VERSION_NUMBER + * in 3.1.2. So if we run into 3.1.0 or 3.1.1 in the wild, we + * just treat it like < 3.1.0. + * + * For reference: 3.1.0, 3.1.1, and 3.1.2 were all released + * within 30 days of each other in Jan/Feb 2005, so I don't + * imagine we'll be finding something pre-3.1.2 that often in + * practice. + */ +#if defined(SQLITE_VERSION_NUMBER) + has_explicit_like_escaping = 1; +#else + has_explicit_like_escaping = 0; +#endif + + ast_debug(3, "SQLite3 has 'LIKE ... ESCAPE ...' support? %s\n", + has_explicit_like_escaping ? "Yes" : "No"); +} + /*! * \brief Load the module * @@ -1319,6 +1355,8 @@ static int unload_module(void) */ static int load_module(void) { + discover_sqlite3_caps(); + if (!((databases = ao2_container_alloc(DB_BUCKETS, db_hash_fn, db_cmp_fn)))) { return AST_MODULE_LOAD_FAILURE; } |