RubyGems - ruby-mysql - Versions diffs - 2.9.0 → 2.9.1 - Mend

ruby-mysql 2.9.0 → 2.9.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of ruby-mysql might be problematic. Click here for more details.

Files changed (6) hide show

data/ChangeLog CHANGED Viewed

@@ -1,3 +1,12 @@
+2010-01-16  TOMITA Masahiro  <tommy@tmtm.org>
+	* lib/mysql.rb (Mysql#escape_string): raise error for unsafe
+	multibyte charset
+2010-01-15  TOMITA Masahiro  <tommy@tmtm.org>
+	* Fix: When GC destroy Mysql::Stmt object, protocol error occurred
 2010-01-10  TOMITA Masahiro  <tommy@tmtm.org>
 	* Version 2.9.0-beta

data/README.rdoc CHANGED Viewed

@@ -33,11 +33,11 @@ MySQL connector for Ruby.
 == Incompatible with MySQL/Ruby 2.8.x
-* Ruby 1.8.x では Mysql#escape_string は、マルチバイト文字の一部として特殊記号を含むシフトJISのようなマルチバイト文字セットに対して安全ではありません。
+* Ruby 1.8.x ではシフトJISのような安全でないマルチバイト文字セットに対して Mysql#escape_string を使用すると例外が発生します。
 * いくつかのメソッドがありません: Mysql#debug, Mysql#change_user,
   Mysql#create_db, Mysql#drop_db, Mysql#dump_debug_info,
-  Mysql#ssl_set, Mysql#reconnect, Mysql::Stmt#attr_set
+  Mysql#ssl_set, Mysql#reconnect
 * Mysql#options でサポートしているオプションは次のものだけです:
   Mysql::INIT_COMMAND, Mysql::OPT_CONNECT_TIMEOUT,

data/lib/mysql.rb CHANGED Viewed

@@ -39,7 +39,7 @@ class Mysql
     # Arguments are same as Mysql#connect.
     def new(*args)
       my = self.init
-      my.connect *args
+      my.connect(*args)
     end
     alias real_connect new
@@ -175,15 +175,10 @@ class Mysql
   # In Ruby 1.8, this is not safe for multibyte charset such as 'SJIS'.
   # You should use place-holder in prepared-statement.
   def escape_string(str)
-    str.gsub(/[\0\n\r\\\'\"\x1a]/) do |s|
-      case s
-      when "\0" then "\\0"
-      when "\n" then "\\n"
-      when "\r" then "\\r"
-      when "\x1a" then "\\Z"
-      else "\\#{s}"
-      end
+    if not defined? Encoding and @charset.unsafe
+      raise ClientError, 'Mysql#escape_string is called for unsafe multibyte charset'
     end
+    self.class.escape_string str
   end
   alias quote escape_string
@@ -805,9 +800,7 @@ class Mysql
     def self.finalizer(protocol, statement_id)
       proc do
-        Thread.new do
-          protocol.stmt_close_command statement_id
-        end
+        protocol.gc_stmt statement_id
       end
     end
@@ -843,7 +836,7 @@ class Mysql
     # === Argument
     # values passed to query
     # === Return
-    # Mysql::Result
+    # self
     def execute(*values)
       raise ClientError, "not prepared" unless @param_count
       raise ClientError, "parameter count mismatch" if values.length != @param_count

data/lib/mysql/charset.rb CHANGED Viewed

@@ -7,8 +7,10 @@ class Mysql
   class Charset
     def initialize(number, name, csname)
       @number, @name, @csname = number, name, csname
+      @unsafe = false
     end
     attr_reader :number, :name, :csname
+    attr_accessor :unsafe
     # [[charset_number, charset_name, collation_name, default], ...]
     CHARSETS = [
@@ -28,6 +30,7 @@ class Mysql
       [ 14, "cp1251",   "cp1251_bulgarian_ci",  false],
       [ 15, "latin1",   "latin1_danish_ci",     false],
       [ 16, "hebrew",   "hebrew_general_ci",    true ],
+      [ 17, "filename", "filename",             true ],
       [ 18, "tis620",   "tis620_thai_ci",       true ],
       [ 19, "euckr",    "euckr_korean_ci",      true ],
       [ 20, "latin7",   "latin7_estonian_cs",   false],
@@ -100,6 +103,7 @@ class Mysql
       [ 96, "cp932",    "cp932_bin"          ,  false],
       [ 97, "eucjpms",  "eucjpms_japanese_ci",  true ],
       [ 98, "eucjpms",  "eucjpms_bin",          false],
+      [ 99, "cp1250",   "cp1250_polish_ci",     false],
       [128, "ucs2",     "ucs2_unicode_ci",      false],
       [129, "ucs2",     "ucs2_icelandic_ci",    false],
       [130, "ucs2",     "ucs2_latvian_ci",      false],
@@ -138,6 +142,11 @@ class Mysql
       [208, "utf8",     "utf8_persian_ci",      false],
       [209, "utf8",     "utf8_esperanto_ci",    false],
       [210, "utf8",     "utf8_hungarian_ci",    false],
+      [254, "utf8",     "utf8_general_cs",      false],
+    ]
+    UNSAFE_CHARSET = [
+      "big5", "sjis", "filename", "gbk", "ucs2", "cp932",
     ]
     NUMBER_TO_CHARSET = {}
@@ -145,6 +154,7 @@ class Mysql
     CHARSET_DEFAULT = {}
     CHARSETS.each do |number, csname, clname, default|
       cs = Charset.new number, csname, clname
+      cs.unsafe = true if UNSAFE_CHARSET.include? csname
       NUMBER_TO_CHARSET[number] = cs
       COLLATION_TO_CHARSET[clname] = cs
       CHARSET_DEFAULT[csname] = cs if default

data/lib/mysql/protocol.rb CHANGED Viewed

@@ -1,10 +1,9 @@
-# Copyright (C) 2008-2009 TOMITA Masahiro
+# Copyright (C) 2008-2010 TOMITA Masahiro
 # mailto:tommy@tmtm.org
 require "socket"
 require "timeout"
 require "digest/sha1"
-require "thread"
 require "stringio"
 class Mysql
@@ -185,6 +184,12 @@ class Mysql
     attr_reader :message
     attr_accessor :charset
+    # @state variable keep state for connection.
+    # :INIT   :: Initial state.
+    # :READY  :: Ready for command.
+    # :FIELD  :: After query(). retr_fields() is needed.
+    # :RESULT :: After retr_fields(), retr_all_records() or stmt_retr_all_records() is needed.
     # make socket connection to server.
     # === Argument
     # host :: [String] if "localhost" or "" nil then use UNIXSocket. Otherwise use TCPSocket
@@ -196,7 +201,8 @@ class Mysql
     # === Exception
     # [ClientError] :: connection timeout
     def initialize(host, port, socket, conn_timeout, read_timeout, write_timeout)
-      @mutex = Mutex.new
+      @gc_stmt_queue = []   # stmt id list which GC destroy.
+      set_state :INIT
       @read_timeout = read_timeout
       @write_timeout = write_timeout
       begin
@@ -226,25 +232,25 @@ class Mysql
     # flag    :: [Integer] client flag
     # charset :: [Mysql::Charset / nil] charset for connection. nil: use server's charset
     def authenticate(user, passwd, db, flag, charset)
+      check_state :INIT
       @authinfo = [user, passwd, db, flag, charset]
-      synchronize do
-        reset
-        init_packet = InitialPacket.parse read
-        @server_info = init_packet.server_version
-        @server_version = init_packet.server_version.split(/\D/)[0,3].inject{|a,b|a.to_i*100+b.to_i}
-        @thread_id = init_packet.thread_id
-        client_flags = CLIENT_LONG_PASSWORD | CLIENT_LONG_FLAG | CLIENT_TRANSACTIONS | CLIENT_PROTOCOL_41 | CLIENT_SECURE_CONNECTION
-        client_flags |= CLIENT_CONNECT_WITH_DB if db
-        client_flags |= flag
-        @charset = charset
-        unless @charset
-          @charset = Charset.by_number(init_packet.server_charset)
-          @charset.encoding       # raise error if unsupported charset
-        end
-        netpw = encrypt_password passwd, init_packet.scramble_buff
-        write AuthenticationPacket.serialize(client_flags, 1024**3, @charset.number, user, netpw, db)
-        read            # skip OK packet
-      end
+      reset
+      init_packet = InitialPacket.parse read
+      @server_info = init_packet.server_version
+      @server_version = init_packet.server_version.split(/\D/)[0,3].inject{|a,b|a.to_i*100+b.to_i}
+      @thread_id = init_packet.thread_id
+      client_flags = CLIENT_LONG_PASSWORD | CLIENT_LONG_FLAG | CLIENT_TRANSACTIONS | CLIENT_PROTOCOL_41 | CLIENT_SECURE_CONNECTION
+      client_flags |= CLIENT_CONNECT_WITH_DB if db
+      client_flags |= flag
+      @charset = charset
+      unless @charset
+        @charset = Charset.by_number(init_packet.server_charset)
+        @charset.encoding       # raise error if unsupported charset
+      end
+      netpw = encrypt_password passwd, init_packet.scramble_buff
+      write AuthenticationPacket.serialize(client_flags, 1024**3, @charset.number, user, netpw, db)
+      read            # skip OK packet
+      set_state :READY
     end
     # Quit command
@@ -262,10 +268,14 @@ class Mysql
     # === Return
     # [Integer / nil] number of fields of results. nil if no results.
     def query_command(query)
-      synchronize do
+      check_state :READY
+      begin
         reset
         write [COM_QUERY, @charset.convert(query)].pack("Ca*")
         get_result
+      rescue
+        set_state :READY
+        raise
       end
     end
@@ -273,19 +283,26 @@ class Mysql
     # === Return
     # [integer / nil] number of fields of results. nil if no results.
     def get_result
-      res_packet = ResultPacket.parse read
-      if res_packet.field_count.to_i > 0  # result data exists
-        return res_packet.field_count
-      end
-      if res_packet.field_count.nil?      # LOAD DATA LOCAL INFILE
-        filename = res_packet.message
-        File.open(filename){|f| write f}
-        write nil  # EOF mark
-        read
+      begin
+        res_packet = ResultPacket.parse read
+        if res_packet.field_count.to_i > 0  # result data exists
+          set_state :FIELD
+          return res_packet.field_count
+        end
+        if res_packet.field_count.nil?      # LOAD DATA LOCAL INFILE
+          filename = res_packet.message
+          File.open(filename){|f| write f}
+          write nil  # EOF mark
+          read
+        end
+        @affected_rows, @insert_id, @server_status, @warning_count, @message =
+          res_packet.affected_rows, res_packet.insert_id, res_packet.server_status, res_packet.warning_count, res_packet.message
+        set_state :READY
+        return nil
+      rescue
+        set_state :READY
+        raise
       end
-      @affected_rows, @insert_id, @server_status, @warning_count, @message =
-        res_packet.affected_rows, res_packet.insert_id, res_packet.server_status, res_packet.warning_count, res_packet.message
-      return nil
     end
     # Retrieve n fields
@@ -294,9 +311,16 @@ class Mysql
     # === Return
     # [Array of Mysql::Field] field list
     def retr_fields(n)
-      fields = n.times.map{Field.new FieldPacket.parse(read)}
-      read_eof_packet
-      fields
+      check_state :FIELD
+      begin
+        fields = n.times.map{Field.new FieldPacket.parse(read)}
+        read_eof_packet
+        set_state :RESULT
+        fields
+      rescue
+        set_state :READY
+        raise
+      end
     end
     # Retrieve all records for simple query
@@ -305,16 +329,21 @@ class Mysql
     # === Return
     # [Array of Array of String] all records
     def retr_all_records(fields)
-      all_recs = []
-      until self.class.eof_packet?(data = read)
-        rec = fields.map do
-          s = self.class.lcs2str!(data)
-          s && charset.force_encoding(s)
+      check_state :RESULT
+      begin
+        all_recs = []
+        until self.class.eof_packet?(data = read)
+          rec = fields.map do
+            s = self.class.lcs2str!(data)
+            s && charset.force_encoding(s)
+          end
+          all_recs.push rec
         end
-        all_recs.push rec
+        @server_status = data[3].ord
+        all_recs
+      ensure
+        set_state :READY
       end
-      @server_status = data[3].ord
-      all_recs
     end
     # Field list command
@@ -339,13 +368,18 @@ class Mysql
     # === Return
     # [Array of Field] field list
     def process_info_command
-      synchronize do
+      check_state :READY
+      begin
         reset
         write [COM_PROCESS_INFO].pack("C")
         field_count = self.class.lcb2int!(read)
         fields = field_count.times.map{Field.new FieldPacket.parse(read)}
         read_eof_packet
+        set_state :RESULT
         return fields
+      rescue
+        set_state :READY
+        raise
       end
     end
@@ -412,10 +446,14 @@ class Mysql
     # === Return
     # [Integer] number of fields
     def stmt_execute_command(stmt_id, values)
-      synchronize do
+      check_state :READY
+      begin
         reset
         write ExecutePacket.serialize(stmt_id, Mysql::Stmt::CURSOR_TYPE_NO_CURSOR, values)
-        return get_result
+        get_result
+      rescue
+        set_state :READY
+        raise
       end
     end
@@ -426,11 +464,16 @@ class Mysql
     # === Return
     # [Array of Array of Object] all records
     def stmt_retr_all_records(fields, charset)
-      all_recs = []
-      until self.class.eof_packet?(data = read)
-        all_recs.push stmt_parse_record_packet(data, fields, charset)
+      check_state :RESULT
+      begin
+        all_recs = []
+        until self.class.eof_packet?(data = read)
+          all_recs.push stmt_parse_record_packet(data, fields, charset)
+        end
+        all_recs
+      ensure
+        set_state :READY
       end
-      all_recs
     end
     # Stmt close command
@@ -443,6 +486,10 @@ class Mysql
       end
     end
+    def gc_stmt(stmt_id)
+      @gc_stmt_queue.push stmt_id
+    end
     private
     # Parse statement result packet
@@ -473,9 +520,31 @@ class Mysql
       rec
     end
+    def check_state(st)
+      raise 'command out of sync' unless @state == st
+    end
+    def set_state(st)
+      @state = st
+      if st == :READY
+        gc_disabled = GC.disable
+        begin
+          while st = @gc_stmt_queue.shift
+            reset
+            write [COM_STMT_CLOSE, st].pack("CV")
+          end
+        ensure
+          GC.enable unless gc_disabled
+        end
+      end
+    end
     def synchronize
-      @mutex.synchronize do
+      begin
+        check_state :READY
         return yield
+      ensure
+        set_state :READY
       end
     end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ruby-mysql
 version: !ruby/object:Gem::Version
-  version: 2.9.0
+  version: 2.9.1
 platform: ruby
 authors:
 - tommy
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2009-07-29 00:00:00 +09:00
+date: 2010-01-16 00:00:00 +09:00
 default_executable:
 dependencies: []