Merge pull request #3 from AikidoSec/dollar-placeholder
Apply patch for dollar placeholder
willem-delbare authored Dec 28, 2024
2 parents 6359358 + f7a2ef7 commit d018ee3
Showing 4 changed files with 53 additions and 4 deletions.
6 changes: 6 additions & 0 deletions src/dialect/mod.rs
@@ -592,6 +592,12 @@ pub trait Dialect: Debug + Any {
false
}

/// Returns true if this dialect allows dollar placeholders
/// e.g. `SELECT $var` (SQLite)
fn supports_dollar_placeholder(&self) -> bool {
false
}

/// Does the dialect support with clause in create index statement?
/// e.g. `CREATE INDEX idx ON t WITH (key = value, key2)`
fn supports_create_index_with_clause(&self) -> bool {
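Review bot: The doc comment on `supports_dollar_placeholder` does not say that returning true also switches off dollar-quoted string lexing, which is how the tokenizer change in this commit uses it (`$$` and `$tag$` are only read as string delimiters when this returns false). That coupling decides where string-literal boundaries fall in the token stream, so a dialect that has both dollar-quoted strings and `$name` parameters should leave it false. I would add a line such as `/// When true the tokenizer stops recognising dollar-quoted strings and lexes $$, $tag$ and $$tag$$ as placeholders.` The trait body starts and ends outside this section.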
4 changes: 4 additions & 0 deletions src/dialect/sqlite.rs
@@ -81,4 +81,8 @@ impl Dialect for SQLiteDialect {
fn supports_asc_desc_in_column_definition(&self) -> bool {
true
}

fn supports_dollar_placeholder(&self) -> bool {
true
}
}
37 changes: 33 additions & 4 deletions src/tokenizer.rs
@@ -1473,7 +1473,8 @@ impl<'a> Tokenizer<'a> {

chars.next();

if let Some('$') = chars.peek() {
// If the dialect does not support dollar-quoted strings, then `$$` is rather a placeholder.
if matches!(chars.peek(), Some('$')) && !self.dialect.supports_dollar_placeholder() {
chars.next();

let mut is_terminated = false;
@@ -1507,10 +1508,14 @@ impl<'a> Tokenizer<'a> {
};
} else {
value.push_str(&peeking_take_while(chars, |ch| {
ch.is_alphanumeric() || ch == '_'
ch.is_alphanumeric()
|| ch == '_'
// Allow $ as a placeholder character if the dialect supports it
|| matches!(ch, '$' if self.dialect.supports_dollar_placeholder())
}));

if let Some('$') = chars.peek() {
// If the dialect does not support dollar-quoted strings, don't look for the end delimiter.
if matches!(chars.peek(), Some('$')) && !self.dialect.supports_dollar_placeholder() {
chars.next();

'searching_for_end: loop {
@@ -2080,7 +2085,7 @@ fn take_char_from_hex_digits(
mod tests {
use super::*;
use crate::dialect::{
BigQueryDialect, ClickHouseDialect, HiveDialect, MsSqlDialect, MySqlDialect,
BigQueryDialect, ClickHouseDialect, HiveDialect, MsSqlDialect, MySqlDialect, SQLiteDialect,
};
use core::fmt::Debug;

@@ -2516,6 +2521,30 @@ mod tests {
);
}

#[test]
fn tokenize_dollar_placeholder() {
let sql = String::from("SELECT $$, $$ABC$$, $ABC$, $ABC");
let dialect = SQLiteDialect {};
let tokens = Tokenizer::new(&dialect, &sql).tokenize().unwrap();
assert_eq!(
tokens,
vec![
Token::make_keyword("SELECT"),
Token::Whitespace(Whitespace::Space),
Token::Placeholder("$$".into()),
Token::Comma,
Token::Whitespace(Whitespace::Space),
Token::Placeholder("$$ABC$$".into()),
Token::Comma,
Token::Whitespace(Whitespace::Space),
Token::Placeholder("$ABC$".into()),
Token::Comma,
Token::Whitespace(Whitespace::Space),
Token::Placeholder("$ABC".into()),
]
);
}

#[test]
fn tokenize_dollar_quoted_string_untagged() {
let sql =
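Review bot: The two new comments in the tokenizer describe the guard as "the dialect does not support dollar-quoted strings", but the condition tests `!self.dialect.supports_dollar_placeholder()`, so one flag silently stands in for two separate properties. I would word the first comment after what the code checks, e.g. `// Dialects with dollar placeholders are lexed without dollar-quoted strings, so $$ falls through to the placeholder branch.`, and do the same for the second. The flag is also read in three places, one of them per character inside the `peeking_take_while` closure; reading it once into a local, `let dollar_placeholder = self.dialect.supports_dollar_placeholder();`, would keep the three decisions visibly tied together. The enclosing tokenizer function starts and ends outside these hunks.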
10 changes: 10 additions & 0 deletions tests/sqlparser_sqlite.rs
@@ -570,6 +570,16 @@ fn test_dollar_identifier_as_placeholder() {
}
_ => unreachable!(),
}

// $$ is a valid placeholder in SQLite
match sqlite().verified_expr("id = $$") {
Expr::BinaryOp { op, left, right } => {
assert_eq!(op, BinaryOperator::Eq);
assert_eq!(left, Box::new(Expr::Identifier(Ident::new("id"))));
assert_eq!(right, Box::new(Expr::Value(Placeholder("$$".to_string()))));
}
_ => unreachable!(),
}
}

fn sqlite() -> TestedDialects {
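Review bot: The parser-level case added to `test_dollar_identifier_as_placeholder` covers only the bare `$$`. The `$$ABC$$` and `$ABC$` forms that the tokenizer now accepts are asserted only in `tokenize_dollar_placeholder`, so their round trip through the parser is unchecked. Adding `sqlite().verified_expr("id = $$ABC$$");` and `sqlite().verified_expr("id = $ABC$");` next to the new block would close that gap. The function begins outside this hunk.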
