by wahern
1650 days ago
I wrote a non-blocking MySQL client C library about 10 years ago or so. I felt that requiring the caller to build up a query string across multiple statements made it too easy to forget and miss instances where quoting was needed. The nice thing about prepared statements is that even from a pure syntactic standpoint they force you to be explicit about the points where dynamic values are inserted. So the high-level query function for the library was a variadic function that took a prepared statement-like string using unquoted literal `?' for parameters, and much like printf a very simple switch statement machine would iterate the query string and insert parameters itself, ensuring that quoting happened properly. (I forget how integers were handled; possibly with `#', or maybe some macro and type introspection hacks.) This way you could grep all lines where the query routine was invoked and verify that ? was in use. If ? was used, then clearly the developer was at least paying attention. Someone would have to go out of their way to use ? for some parameters, but manually and directly insert other parameters. Not an insurmountable barrier, but a tall one nonetheless for people even remotely conscious of security. The few places where ? wasn't used would stand out and could more easily be reviewed. Admittedly, this wasn't a complete solution, and normally I avoid stringy types and free-form string processing entirely when programming in C. But most uses of the library occurred from Lua via C bindings. You couldn't directly invoke a C variadic function from Lua, so Lua code actually called a query function that reimplemented that API, reusing the same low-level string escaping routine.
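The printf-style builder the comment above describes, as an added example written for this page (it is not wahern's library, nor any real MySQL client API). It assumes MySQL's backslash-escaping rules (what `mysql_real_escape_string()` does when `NO_BACKSLASH_ESCAPES` is off), uses `?' for string parameters, and, since the comment does not say how integers were handled, assumes `#' for a `long`. The function names `vqbuild`, `qbuild`, `qbuild_static` and `count_placeholders` are invented here.

```c
/* Added example: a tiny placeholder-driven query builder in the spirit of the
 * comment above. Literal template text is copied verbatim; `?' consumes a
 * const char * and is emitted as an escaped, single-quoted string literal
 * (or NULL for a NULL pointer); `#' consumes a long and is emitted as a bare
 * integer. The caller never concatenates user data into the template, so a
 * grep for the query routine shows exactly where dynamic values go in. */
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Write one quoted, escaped string into dst (cap bytes available, one of
 * which is reserved for the caller's NUL). Returns bytes written or -1 if
 * it does not fit. Escapes the same characters mysql_real_escape_string()
 * handles in backslash-escaping SQL mode (assumption stated in the lead-in). */
static int put_string(char *dst, size_t cap, const char *s) {
    size_t n = 0;
    if (n + 1 >= cap) return -1;
    dst[n++] = '\'';
    for (; *s; s++) {
        char esc = 0;
        switch (*s) {
        case '\n':   esc = 'n';  break;
        case '\r':   esc = 'r';  break;
        case '\\':   esc = '\\'; break;
        case '\'':   esc = '\''; break;
        case '"':    esc = '"';  break;
        case '\032': esc = 'Z';  break;   /* Ctrl-Z, ends a Windows file */
        default: break;
        }
        if (n + (esc ? 2 : 1) >= cap) return -1;
        if (esc) dst[n++] = '\\';
        dst[n++] = esc ? esc : *s;
    }
    if (n + 1 >= cap) return -1;
    dst[n++] = '\'';
    return (int)n;
}

/* The "very simple switch statement machine": walk the template, copy
 * literal bytes, expand placeholders from the va_list. Returns the length of
 * the finished query or -1 on overflow (dst is always NUL-terminated on
 * success). Note that any literal `?' or `#' in the template is treated as a
 * placeholder; that is the price of making placeholders greppable. */
int vqbuild(char *dst, size_t dstlen, const char *fmt, va_list ap) {
    size_t n = 0;
    if (dstlen == 0) return -1;
    for (; *fmt; fmt++) {
        int w;
        switch (*fmt) {
        case '?': {
            const char *s = va_arg(ap, const char *);
            w = s ? put_string(dst + n, dstlen - n, s)
                  : snprintf(dst + n, dstlen - n, "NULL");
            break;
        }
        case '#':
            w = snprintf(dst + n, dstlen - n, "%ld", va_arg(ap, long));
            break;
        default:
            if (n + 1 >= dstlen) return -1;
            dst[n++] = *fmt;
            continue;
        }
        if (w < 0 || (size_t)w >= dstlen - n) return -1;
        n += (size_t)w;
    }
    dst[n] = '\0';
    return (int)n;
}

int qbuild(char *dst, size_t dstlen, const char *fmt, ...) {
    va_list ap;
    int n;
    va_start(ap, fmt);
    n = vqbuild(dst, dstlen, fmt, ap);
    va_end(ap);
    return n;
}

/* Convenience wrapper: build into a static buffer, return it or NULL on
 * error. Not reentrant; fine for a demo or a review script. */
const char *qbuild_static(const char *fmt, ...) {
    static char buf[256];
    va_list ap;
    int n;
    va_start(ap, fmt);
    n = vqbuild(buf, sizeof buf, fmt, ap);
    va_end(ap);
    return n < 0 ? NULL : buf;
}

/* The grep-based audit from the comment, as code: a query routine call whose
 * template carries zero placeholders is the one a reviewer should look at. */
int count_placeholders(const char *fmt) {
    int c = 0;
    for (; *fmt; fmt++)
        if (*fmt == '?' || *fmt == '#') c++;
    return c;
}

int main(void) {
    /* Constructed input: a classic injection attempt that is neutralised by
     * quoting rather than by validation. */
    const char *q = qbuild_static("SELECT id FROM users WHERE name = ? AND age > #",
                                  "O'Brien; DROP TABLE users; --", 30L);
    printf("%s\n", q ? q : "(error: query did not fit)");
    return 0;
}
```

The builder reserves the last byte for the terminator and refuses to truncate, so an over-long parameter yields -1 rather than a silently clipped query. The stated weakness still holds: a template containing a literal `?' (say, inside a `LIKE` pattern) would be misread as a placeholder, which is why the comment calls this a tall barrier rather than a complete solution.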
There were plans to build out the binary protocol in Trilogy as well, it just hadn't been wrapped up by the time it was made open source. And if I recall, that branch fell pretty far behind. Maybe now that it is OSS, someone can contribute that :)