SELECT with leading comment returns empty data, and max_rows is silently bypassed for the same statements

[mortalBibo]

Summary

Two related bugs share one root cause: sql.startswith("SELECT") is used at two callsites to classify SQL, and it fails when the statement begins with a -- or /* */ comment.

Bug 1 (visible) — data: [] while row_count > 0:

-- any leading comment
SELECT col FROM t WHERE dt = '20260509'

Returns {"row_count": N, "data": []}. Removing the leading comment makes it work.

Bug 2 (latent, masked by Bug 1) — max_rows ignored: the auto-injected LIMIT {max_rows} is skipped for the same statements, so large queries can be dispatched unbounded once Bug 1 is fixed.

Affects master / v0.6.1.

Root cause

• db.py:100 — startswith("SELECT") false → else branch → data = [], row_count = cursor.rowcount (already populated by the MySQL protocol).
• query_executor.py:689 — same false-negative → LIMIT not appended.

Same bug class as #62 Bug 5 (missing WITH/CTE in the whitelist).

Fix

• db.py: use cursor.description (driver-reported, no SQL parsing). This is exactly @jonasbrami's [fix] Use cursor.description to detect result-returning queries #75.
• query_executor.py: runs before cursor.execute, so use a helper that strips leading comments before extracting the first keyword.

PR

I'm opening a PR that continues #75 (commit preserved with original authorship), adds regression tests for the contract, and includes the Bug 2 fix. Happy to close it if @jonasbrami prefers to continue #75.