Skip to content

/ QGIS

Permalink
Browse files

Fix a length computation error when doing SQL query with non-ASCII ch… 

…aracters

git-svn-id: http://svn.osgeo.org/qgis/trunk/qgis@11436 c8812cc2-4d05-0410-92ff-de0c093fc19c
  • Loading branch information
homann
homann committed Aug 19, 2009
1 parent 6accda4 commit 6631c671b200150b93d149ccebf875c513565f26
4 src/app/qgsbookmarks.cpp
View file
@@ -92,7 +92,7 @@ void QgsBookmarks::initialise()
sqlite3_stmt *ppStmt;
QString sql = "select * from tbl_bookmarks";

rc = sqlite3_prepare( db, sql.toUtf8(), sql.length(), &ppStmt, &pzTail );
rc = sqlite3_prepare( db, sql.toUtf8(), sql.toUtf8().length(), &ppStmt, &pzTail );
// XXX Need to free memory from the error msg if one is set
if ( rc == SQLITE_OK )
{
@@ -213,7 +213,7 @@ void QgsBookmarks::zoomToBookmark()
const char *pzTail;
// build the sql statement
QString sql = "select xmin, ymin, xmax, ymax from tbl_bookmarks where bookmark_id = " + item->text( 3 );
rc = sqlite3_prepare( db, sql.toUtf8(), sql.length(), &ppStmt, &pzTail );
rc = sqlite3_prepare( db, sql.toUtf8(), sql.toUtf8().length(), &ppStmt, &pzTail );
if ( rc == SQLITE_OK )
{
if ( sqlite3_step( ppStmt ) == SQLITE_ROW )
22 src/app/qgscustomprojectiondialog.cpp
View file
@@ -191,7 +191,7 @@ void QgsCustomProjectionDialog::on_pbnDelete_clicked()
}
// Set up the query to retrieve the projection information needed to populate the ELLIPSOID list
QString mySql = "delete from tbl_srs where srs_id='" + mCurrentRecordId + "'";
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.toUtf8().length(), &myPreparedStatement, &myTail );
// XXX Need to free memory from the error msg if one is set
QgsDebugMsg( QString( "Query to delete current:%1" ).arg( mySql ) );
if ( myResult == SQLITE_OK )
@@ -249,7 +249,7 @@ long QgsCustomProjectionDialog::getRecordCount()
}
// Set up the query to retrieve the projection information needed to populate the ELLIPSOID list
QString mySql = "select count(*) from tbl_srs";
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.toUtf8().length(), &myPreparedStatement, &myTail );
// XXX Need to free memory from the error msg if one is set
if ( myResult == SQLITE_OK )
{
@@ -284,7 +284,7 @@ QString QgsCustomProjectionDialog::getProjectionFamilyName( QString theProjectio
}
// Set up the query to retrieve the projection information needed to populate the ELLIPSOID list
QString mySql = "select name from tbl_projection where acronym='" + theProjectionFamilyAcronym + "'";
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.toUtf8().length(), &myPreparedStatement, &myTail );
// XXX Need to free memory from the error msg if one is set
if ( myResult == SQLITE_OK )
{
@@ -315,7 +315,7 @@ QString QgsCustomProjectionDialog::getEllipsoidName( QString theEllipsoidAcronym
}
// Set up the query to retrieve the projection information needed to populate the ELLIPSOID list
QString mySql = "select name from tbl_ellipsoid where acronym='" + theEllipsoidAcronym + "'";
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.toUtf8().length(), &myPreparedStatement, &myTail );
// XXX Need to free memory from the error msg if one is set
if ( myResult == SQLITE_OK )
{
@@ -346,7 +346,7 @@ QString QgsCustomProjectionDialog::getProjectionFamilyAcronym( QString theProjec
}
// Set up the query to retrieve the projection information needed to populate the ELLIPSOID list
QString mySql = "select acronym from tbl_projection where name='" + theProjectionFamilyName + "'";
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.toUtf8().length(), &myPreparedStatement, &myTail );
// XXX Need to free memory from the error msg if one is set
if ( myResult == SQLITE_OK )
{
@@ -377,7 +377,7 @@ QString QgsCustomProjectionDialog::getEllipsoidAcronym( QString theEllipsoidName
}
// Set up the query to retrieve the projection information needed to populate the ELLIPSOID list
QString mySql = "select acronym from tbl_ellipsoid where name='" + theEllipsoidName + "'";
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.toUtf8().length(), &myPreparedStatement, &myTail );
// XXX Need to free memory from the error msg if one is set
if ( myResult == SQLITE_OK )
{
@@ -410,7 +410,7 @@ void QgsCustomProjectionDialog::on_pbnFirst_clicked()

QString mySql = "select * from tbl_srs order by srs_id limit 1";
QgsDebugMsg( QString( "Query to move first:%1" ).arg( mySql ) );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.toUtf8().length(), &myPreparedStatement, &myTail );
// XXX Need to free memory from the error msg if one is set
if ( myResult == SQLITE_OK )
{
@@ -482,7 +482,7 @@ void QgsCustomProjectionDialog::on_pbnPrevious_clicked()

QString mySql = "select * from tbl_srs where srs_id < " + mCurrentRecordId + " order by srs_id desc limit 1";
QgsDebugMsg( QString( "Query to move previous:%1" ).arg( mySql ) );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.toUtf8().length(), &myPreparedStatement, &myTail );
// XXX Need to free memory from the error msg if one is set
if ( myResult == SQLITE_OK )
{
@@ -555,7 +555,7 @@ void QgsCustomProjectionDialog::on_pbnNext_clicked()

QString mySql = "select * from tbl_srs where srs_id > " + mCurrentRecordId + " order by srs_id asc limit 1";
QgsDebugMsg( QString( "Query to move next:%1" ).arg( mySql ) );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.toUtf8().length(), &myPreparedStatement, &myTail );
// XXX Need to free memory from the error msg if one is set
if ( myResult == SQLITE_OK )
{
@@ -624,7 +624,7 @@ void QgsCustomProjectionDialog::on_pbnLast_clicked()

QString mySql = "select * from tbl_srs order by srs_id desc limit 1";
QgsDebugMsg( QString( "Query to move last:%1" ).arg( mySql ) );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.toUtf8().length(), &myPreparedStatement, &myTail );
// XXX Need to free memory from the error msg if one is set
if ( myResult == SQLITE_OK )
{
@@ -842,7 +842,7 @@ void QgsCustomProjectionDialog::on_pbnSave_clicked()
assert( myResult == SQLITE_OK );
}
QgsDebugMsg( QString( "Update or insert sql \n%1" ).arg( mySql ) );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.toUtf8().length(), &myPreparedStatement, &myTail );
sqlite3_step( myPreparedStatement );
// XXX Need to free memory from the error msg if one is set
if ( myResult != SQLITE_OK )
6 src/app/qgsoptions.cpp
View file
@@ -567,7 +567,7 @@ void QgsOptions::getEllipsoidList()

// Set up the query to retrieve the projection information needed to populate the ELLIPSOID list
QString mySql = "select * from tbl_ellipsoid order by name";
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.toUtf8().length(), &myPreparedStatement, &myTail );
// XXX Need to free memory from the error msg if one is set
if ( myResult == SQLITE_OK )
{
@@ -599,7 +599,7 @@ QString QgsOptions::getEllipsoidAcronym( QString theEllipsoidName )
}
// Set up the query to retrieve the projection information needed to populate the ELLIPSOID list
QString mySql = "select acronym from tbl_ellipsoid where name='" + theEllipsoidName + "'";
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.toUtf8().length(), &myPreparedStatement, &myTail );
// XXX Need to free memory from the error msg if one is set
if ( myResult == SQLITE_OK )
{
@@ -631,7 +631,7 @@ QString QgsOptions::getEllipsoidName( QString theEllipsoidAcronym )
}
// Set up the query to retrieve the projection information needed to populate the ELLIPSOID list
QString mySql = "select name from tbl_ellipsoid where acronym='" + theEllipsoidAcronym + "'";
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.toUtf8().length(), &myPreparedStatement, &myTail );
// XXX Need to free memory from the error msg if one is set
if ( myResult == SQLITE_OK )
{
16 src/core/qgscoordinatereferencesystem.cpp
View file
@@ -221,7 +221,7 @@ bool QgsCoordinateReferenceSystem::loadFromDb( QString db, QString field, long i
*/

QString mySql = "select srs_id,description,projection_acronym,ellipsoid_acronym,parameters,srid,epsg,is_geo from tbl_srs where " + field + "='" + QString::number( id ) + "'";
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.toUtf8().length(), &myPreparedStatement, &myTail );
// XXX Need to free memory from the error msg if one is set
if ( myResult == SQLITE_OK && sqlite3_step( myPreparedStatement ) == SQLITE_ROW )
{
@@ -506,7 +506,7 @@ QgsCoordinateReferenceSystem::RecordMap QgsCoordinateReferenceSystem::getRecord(
return myMap;
}

myResult = sqlite3_prepare( myDatabase, theSql.toUtf8(), theSql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, theSql.toUtf8(), theSql.toUtf8().length(), &myPreparedStatement, &myTail );
// XXX Need to free memory from the error msg if one is set
if ( myResult == SQLITE_OK && sqlite3_step( myPreparedStatement ) == SQLITE_ROW )
{
@@ -542,7 +542,7 @@ QgsCoordinateReferenceSystem::RecordMap QgsCoordinateReferenceSystem::getRecord(
return myMap;
}

myResult = sqlite3_prepare( myDatabase, theSql.toUtf8(), theSql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, theSql.toUtf8(), theSql.toUtf8().length(), &myPreparedStatement, &myTail );
// XXX Need to free memory from the error msg if one is set
if ( myResult == SQLITE_OK && sqlite3_step( myPreparedStatement ) == SQLITE_ROW )
{
@@ -799,7 +799,7 @@ long QgsCoordinateReferenceSystem::findMatchingProj()
return 0;
}

myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.toUtf8().length(), &myPreparedStatement, &myTail );
// XXX Need to free memory from the error msg if one is set
if ( myResult == SQLITE_OK )
{
@@ -839,7 +839,7 @@ long QgsCoordinateReferenceSystem::findMatchingProj()
return 0;
}

myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.toUtf8().length(), &myPreparedStatement, &myTail );
// XXX Need to free memory from the error msg if one is set
if ( myResult == SQLITE_OK )
{
@@ -1088,7 +1088,7 @@ QString QgsCoordinateReferenceSystem::proj4FromSrsId( const int theSrsId )
const char *pzTail;
sqlite3_stmt *ppStmt;

rc = sqlite3_prepare( db, mySql.toUtf8(), mySql.length(), &ppStmt, &pzTail );
rc = sqlite3_prepare( db, mySql.toUtf8(), mySql.toUtf8().length(), &ppStmt, &pzTail );
// XXX Need to free memory from the error msg if one is set

if ( rc == SQLITE_OK )
@@ -1220,7 +1220,7 @@ bool QgsCoordinateReferenceSystem::saveAsUserCRS()
assert( myResult == SQLITE_OK );
}
QgsDebugMsg( QString( "Update or insert sql \n%1" ).arg( mySql ) );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.toUtf8().length(), &myPreparedStatement, &myTail );
sqlite3_step( myPreparedStatement );
// XXX Need to free memory from the error msg if one is set
return myResult == SQLITE_OK;
@@ -1245,7 +1245,7 @@ long QgsCoordinateReferenceSystem::getRecordCount()
}
// Set up the query to retrieve the projection information needed to populate the ELLIPSOID list
QString mySql = "select count(*) from tbl_srs";
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.toUtf8().length(), &myPreparedStatement, &myTail );
// XXX Need to free memory from the error msg if one is set
if ( myResult == SQLITE_OK )
{
2 src/core/qgsdistancearea.cpp
View file
@@ -104,7 +104,7 @@ bool QgsDistanceArea::setEllipsoid( const QString& ellipsoid )
}
// Set up the query to retrieve the projection information needed to populate the ELLIPSOID list
QString mySql = "select radius, parameter2 from tbl_ellipsoid where acronym='" + ellipsoid + "'";
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.toUtf8().length(), &myPreparedStatement, &myTail );
// XXX Need to free memory from the error msg if one is set
if ( myResult == SQLITE_OK )
{
8 src/core/qgsmaplayer.cpp
View file
@@ -493,7 +493,7 @@ bool QgsMapLayer::loadNamedStyleFromDb( const QString db, const QString theURI,
}

QString mySql = "select qml from tbl_styles where style=?";
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8().data(), mySql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8().data(), mySql.toUtf8().length(), &myPreparedStatement, &myTail );
if ( myResult == SQLITE_OK )
{
QByteArray param = theURI.toUtf8();
@@ -655,7 +655,7 @@ QString QgsMapLayer::saveNamedStyle( const QString theURI, bool & theResultFlag
QByteArray param1 = qml.toUtf8();

QString mySql = "create table if not exists tbl_styles(style varchar primary key,qml varchar)";
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8().data(), mySql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8().data(), mySql.toUtf8().length(), &myPreparedStatement, &myTail );
if ( myResult == SQLITE_OK )
{
if ( sqlite3_step( myPreparedStatement ) != SQLITE_DONE )
@@ -670,7 +670,7 @@ QString QgsMapLayer::saveNamedStyle( const QString theURI, bool & theResultFlag
sqlite3_finalize( myPreparedStatement );

mySql = "insert into tbl_styles(style,qml) values (?,?)";
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8().data(), mySql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8().data(), mySql.toUtf8().length(), &myPreparedStatement, &myTail );
if ( myResult == SQLITE_OK )
{
if ( sqlite3_bind_text( myPreparedStatement, 1, param0.data(), param0.length(), SQLITE_STATIC ) == SQLITE_OK &&
@@ -687,7 +687,7 @@ QString QgsMapLayer::saveNamedStyle( const QString theURI, bool & theResultFlag
if ( !theResultFlag )
{
QString mySql = "update tbl_styles set qml=? where style=?";
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8().data(), mySql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8().data(), mySql.toUtf8().length(), &myPreparedStatement, &myTail );
if ( myResult == SQLITE_OK )
{
if ( sqlite3_bind_text( myPreparedStatement, 2, param0.data(), param0.length(), SQLITE_STATIC ) == SQLITE_OK &&
18 src/gui/qgsprojectionselector.cpp
View file
@@ -454,7 +454,7 @@ QString QgsProjectionSelector::selectedProj4String()

QgsDebugMsg( "Selection sql: " + sql );

rc = sqlite3_prepare( db, sql.toUtf8(), sql.length(), &ppStmt, &pzTail );
rc = sqlite3_prepare( db, sql.toUtf8(), sql.toUtf8().length(), &ppStmt, &pzTail );
// XXX Need to free memory from the error msg if one is set
QString myProjString;
if ( rc == SQLITE_OK )
@@ -541,7 +541,7 @@ long QgsProjectionSelector::getSelectedLongAttribute( QString attributeName )
sql += lvi->text( QGIS_CRS_ID_COLUMN );

QgsDebugMsg( QString( "Finding selected attribute using : %1" ).arg( sql ) );
rc = sqlite3_prepare( db, sql.toUtf8(), sql.length(), &ppStmt, &pzTail );
rc = sqlite3_prepare( db, sql.toUtf8(), sql.toUtf8().length(), &ppStmt, &pzTail );
// XXX Need to free memory from the error msg if one is set
QString myAttributeValue;
if ( rc == SQLITE_OK )
@@ -657,7 +657,7 @@ void QgsProjectionSelector::loadUserCrsList( QSet<QString> * crsFilter )
mySql += "where ";
mySql += sqlFilter;

myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.toUtf8().length(), &myPreparedStatement, &myTail );
// XXX Need to free memory from the error msg if one is set
if ( myResult == SQLITE_OK )
{
@@ -736,7 +736,7 @@ void QgsProjectionSelector::loadCrsList( QSet<QString> * crsFilter )
// get total count of records in the projection table
QString sql = "select count(*) from tbl_srs";

rc = sqlite3_prepare( db, sql.toUtf8(), sql.length(), &ppStmt, &pzTail );
rc = sqlite3_prepare( db, sql.toUtf8(), sql.toUtf8().length(), &ppStmt, &pzTail );
assert( rc == SQLITE_OK );
sqlite3_step( ppStmt );

@@ -750,7 +750,7 @@ void QgsProjectionSelector::loadCrsList( QSet<QString> * crsFilter )
sql += sqlFilter;
sql += " order by name, description";

rc = sqlite3_prepare( db, sql.toUtf8(), sql.length(), &ppStmt, &pzTail );
rc = sqlite3_prepare( db, sql.toUtf8(), sql.toUtf8().length(), &ppStmt, &pzTail );
// XXX Need to free memory from the error msg if one is set
if ( rc == SQLITE_OK )
{
@@ -924,7 +924,7 @@ void QgsProjectionSelector::on_pbnFind_clicked()
return;
}

myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.toUtf8().length(), &myPreparedStatement, &myTail );
// XXX Need to free memory from the error msg if one is set
if ( myResult == SQLITE_OK )
{
@@ -956,7 +956,7 @@ void QgsProjectionSelector::on_pbnFind_clicked()
return;
}

myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, mySql.toUtf8(), mySql.toUtf8().length(), &myPreparedStatement, &myTail );
// XXX Need to free memory from the error msg if one is set
if ( myResult == SQLITE_OK )
{
@@ -1004,7 +1004,7 @@ long QgsProjectionSelector::getLargestCRSIDMatch( QString theSql )
}
else
{
myResult = sqlite3_prepare( myDatabase, theSql.toUtf8(), theSql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, theSql.toUtf8(), theSql.toUtf8().length(), &myPreparedStatement, &myTail );
// XXX Need to free memory from the error msg if one is set
if ( myResult == SQLITE_OK )
{
@@ -1032,7 +1032,7 @@ long QgsProjectionSelector::getLargestCRSIDMatch( QString theSql )
return 0;
}

myResult = sqlite3_prepare( myDatabase, theSql.toUtf8(), theSql.length(), &myPreparedStatement, &myTail );
myResult = sqlite3_prepare( myDatabase, theSql.toUtf8(), theSql.toUtf8().length(), &myPreparedStatement, &myTail );
// XXX Need to free memory from the error msg if one is set
if ( myResult == SQLITE_OK )
{

0 comments on commit 6631c67

Please sign in to comment.
You can’t perform that action at this time.