--- parser3/src/classes/table.C 2024/12/06 23:20:04 1.376 +++ parser3/src/classes/table.C 2026/04/25 13:38:46 1.383 @@ -1,7 +1,7 @@ /** @file Parser: @b table parser class. - Copyright (c) 2001-2024 Art. Lebedev Studio (http://www.artlebedev.com) + Copyright (c) 2001-2026 Art. Lebedev Studio (https://www.artlebedev.com) Authors: Konstantin Morshnev , Alexandr Petrosian */ @@ -26,7 +26,7 @@ #include "pa_array.h" #include "pa_varray.h" -volatile const char * IDENT_TABLE_C="$Id: table.C,v 1.376 2024/12/06 23:20:04 moko Exp $"; +volatile const char * IDENT_TABLE_C="$Id: table.C,v 1.383 2026/04/25 13:38:46 moko Exp $"; // class @@ -624,7 +624,7 @@ static void table_to_csv(String& result, static void _save(Request& r, MethodParams& params) { - const String& first_arg=params.as_string(0, FIRST_ARG_MUST_NOT_BE_CODE); + const String& first_arg=params.as_string(0, PARAMETER_MUST_BE_STRING); size_t param_index=1; bool do_append=false; @@ -683,7 +683,7 @@ static void _csv_string(Request& r, Meth bool output_column_names=true; size_t param_index=0; if(params.count()>0 && params[0].is_string()) { - if(params.as_string(0, FIRST_ARG_MUST_NOT_BE_CODE)=="nameless") { + if(params.as_string(0, PARAM_MUST_NOT_BE_CODE)=="nameless") { output_column_names=false; param_index++; } else { @@ -849,11 +849,11 @@ static void table_row_to_hash(Table::ele for(Array_iterator i(*info->value_fields); i; ) { size_t value_field=i.next(); if(value_fieldcount()) - hash.put(columns ? *columns->get(value_field) : String(pa_uitoa(value_field)), new VString(*row->get(value_field))); + hash.put(columns ? *columns->get(value_field) : String::Body::uitoa(value_field), new VString(*row->get(value_field))); } } else { // all fields for(size_t index=0; indexcount(); index++) { - hash.put(columns && index < columns->count() ? *columns->get(index) : String(pa_uitoa(index)), new VString(*row->get(index))); + hash.put(columns && index < columns->count() ? *columns->get(index) : String::Body::uitoa(index), new VString(*row->get(index))); } } exist=info->hash->put_dont_replace(*key, vhash); @@ -1071,7 +1071,7 @@ static void _cells(Request& r, MethodPar size_t row_size=self_table[self_table.current()]->count(); // number of columns in current row if(params.count()){ - int limit=params.as_int(params.count()-1, "offset must be expression", r); + int limit=params.as_int(params.count()-1, "limit must be expression", r); if(limit<0) limit=0; if((size_t)limit pa_array_limit) + throw Exception(PARSER_RUNTIME, 0, "table size (%d) exceeds limit $MAIN:LIMITS.max_array_size (%d)", table.count(), pa_array_limit); } static void _insert(Request& r, MethodParams& params) { @@ -1320,6 +1323,9 @@ static void _insert(Request& r, MethodPa } else { table.insert(table.current(), row_from_string(r, params[0])); } + + if(table.count() > pa_array_limit) + throw Exception(PARSER_RUNTIME, 0, "table size (%d) exceeds limit $MAIN:LIMITS.max_array_size (%d)", table.count(), pa_array_limit); } static void _delete(Request& r, MethodParams&) { @@ -1439,7 +1445,7 @@ void unmarshal_bind_updates(HashStringVa if(ph->is_null) value=VVoid::get(); else - value=new VString(*new String(ph->value, String::L_TAINTED)); + value=new VString(ph->value); hash.put(ph->name, value); } } @@ -1567,7 +1573,7 @@ static void _select(Request& r, MethodPa if(r.check_skip_break()) break; - if(condition && ++appended > (size_t)offset) // ...condition is true, adding to the result + if(condition && ++appended > (size_t)offset && source_table.valid(row)) // ...condition is true, adding to the result result_table+=source_table[row]; if(row==0) break; } @@ -1580,7 +1586,7 @@ static void _select(Request& r, MethodPa if(r.check_skip_break()) break; - if(condition && ++appended > (size_t)offset) // ...condition is true, adding to the result + if(condition && ++appended > (size_t)offset && source_table.valid(row)) // ...condition is true, adding to the result result_table+=source_table[row]; } }