Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

rebind safety #775

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

rebind safety #775

wants to merge 1 commit into from

Commits on Oct 3, 2021

  1. I happened to notice a while ago that the way sqlx rebinds variables … 

    …is not safe

with respect to string literals and comments.  As someone who routinely comments their
SQL, this seemed really danagerous, especially the the danager of having a question
mark inside a comment or string literal.

For another project, I needed to do some SQL tokenizing and after writing a tokenizer,
I thought to apply it to sqlx too.

When doing so, I was not able to match the speed of the existing sqlx code.  On the other
hand, the existing code is not safe.

In compileNmaedQuery, I discoverd the old code rewrites "::" to ":".  That behavior is not
documented anywhere.  I imagine that it is quite a surprise to someone who is doing a
type cast to discover it doesn't work.  On the other hand, fixing that behavior, as I've
done, will break code so accepting my change requires a major version change even though
the behavior changed isn't documented.

As mentioned, I couldn't match the speed.  I've tried to make sqltoken fast.

% go test -bench=CompileNamed\|Rebind -benchmem
goos: linux
goarch: amd64
pkg: github.com/jmoiron/sqlx
cpu: AMD Ryzen 7 3700X 8-Core Processor
BenchmarkRebind-16                        360132              3374 ns/op            5040 B/op         10 allocs/op
BenchmarkOldRebind-16                    3341792               358.3 ns/op           336 B/op          4 allocs/op
BenchmarkRebindBuffer-16                 1000000              1018 ns/op             592 B/op          6 allocs/op
BenchmarkCompileNamedQuery-16             237378              4995 ns/op            7504 B/op         28 allocs/op
BenchmarkOldCompileNamedQuery-16          264847              4520 ns/op            2064 B/op         40 allocs/op
PASS
ok      github.com/jmoiron/sqlx 11.112s
    @muir
    muir committed Oct 3, 2021
    Configuration menu
    Copy the full SHA
    46c8321 View commit details
    Browse the repository at this point in the history