Added checks on passing invalid parameters to cursor.var(),

anthony-tuininga · anthony-tuininga · commit 756442ee2498 · 2018-05-09T19:35:49.000-06:00
cursor.arrayvar(), cursor.callfunc() and cursor.setinputsizes().
diff --git a/src/cxoCursor.c b/src/cxoCursor.c
@@ -1711,13 +1711,15 @@ static PyObject *cxoCursor_scroll(cxoCursor *cursor, PyObject *args,
 static PyObject *cxoCursor_setInputSizes(cxoCursor *cursor, PyObject *args,
         PyObject *keywordArgs)
 {
-    Py_ssize_t numPositionalArgs, i;
+    Py_ssize_t numPositionalArgs, numKeywordArgs = 0, i;
     PyObject *key, *value;
     cxoVar *var;
 
     // only expect keyword arguments or positional arguments, not both
     numPositionalArgs = PyTuple_Size(args);
-    if (keywordArgs && numPositionalArgs > 0)
+    if (keywordArgs)
+        numKeywordArgs = PyDict_Size(keywordArgs);
+    if (numKeywordArgs > 0 && numPositionalArgs > 0)
         return cxoError_raiseFromString(cxoInterfaceErrorException,
                 "expecting arguments or keyword arguments, not both");
 
@@ -1727,15 +1729,15 @@ static PyObject *cxoCursor_setInputSizes(cxoCursor *cursor, PyObject *args,
 
     // eliminate existing bind variables
     Py_CLEAR(cursor->bindVariables);
-    if (keywordArgs)
+    if (numKeywordArgs > 0)
         cursor->bindVariables = PyDict_New();
     else cursor->bindVariables = PyList_New(numPositionalArgs);
     if (!cursor->bindVariables)
         return NULL;
     cursor->setInputSizes = 1;
 
     // process each input
-    if (keywordArgs) {
+    if (numKeywordArgs > 0) {
         i = 0;
         while (PyDict_Next(keywordArgs, &i, &key, &value)) {
             var = cxoVar_newByType(cursor, value, cursor->bindArraySize);
@@ -1803,9 +1805,9 @@ static PyObject *cxoCursor_var(cxoCursor *cursor, PyObject *args,
     size = 0;
     arraySize = cursor->bindArraySize;
     inConverter = outConverter = typeNameObj = NULL;
-    if (!PyArg_ParseTupleAndKeywords(args, keywordArgs, "O|iiOOO", keywordList,
-            &type, &size, &arraySize, &inConverter, &outConverter,
-            &typeNameObj))
+    if (!PyArg_ParseTupleAndKeywords(args, keywordArgs, "O!|iiOOO",
+            keywordList, &PyType_Type, &type, &size, &arraySize, &inConverter,
+            &outConverter, &typeNameObj))
         return NULL;
 
     // determine the type of variable
@@ -1847,7 +1849,7 @@ static PyObject *cxoCursor_arrayVar(cxoCursor *cursor, PyObject *args)
 
     // parse arguments
     size = 0;
-    if (!PyArg_ParseTuple(args, "OO|i", &type, &value, &size))
+    if (!PyArg_ParseTuple(args, "O!O|i", &PyType_Type, &type, &value, &size))
         return NULL;
 
     // determine the type of variable
diff --git a/src/cxoVar.c b/src/cxoVar.c
@@ -293,25 +293,28 @@ static cxoVar *cxoVar_newArrayByType(cxoCursor *cursor,
     PyObject *typeObj, *numElementsObj;
     cxoVarType *varType;
     uint32_t numElements;
+    int ok;
 
-    if (PyList_GET_SIZE(value) != 2) {
-        cxoError_raiseFromString(cxoProgrammingErrorException,
-                "expecting an array of two elements [type, numelems]");
-        return NULL;
+    // validate parameters
+    ok = (PyList_GET_SIZE(value) == 2);
+    if (ok) {
+        typeObj = PyList_GET_ITEM(value, 0);
+        ok = PyType_Check(typeObj);
     }
-
-    typeObj = PyList_GET_ITEM(value, 0);
-    numElementsObj = PyList_GET_ITEM(value, 1);
-    if (!PyInt_Check(numElementsObj)) {
+    if (ok) {
+        numElementsObj = PyList_GET_ITEM(value, 1);
+        ok = PyInt_Check(numElementsObj);
+    }
+    if (!ok) {
         cxoError_raiseFromString(cxoProgrammingErrorException,
-                "number of elements must be an integer");
+                "expecting an array of two elements [type, numelems]");
         return NULL;
     }
 
+    // create variable
     varType = cxoVarType_fromPythonType((PyTypeObject*) typeObj);
     if (!varType)
         return NULL;
-
     numElements = PyInt_AsLong(numElementsObj);
     if (PyErr_Occurred())
         return NULL;
@@ -349,10 +352,16 @@ cxoVar *cxoVar_newByType(cxoCursor *cursor, PyObject *value,
     }
 
     // everything else ought to be a Python type
-    varType = cxoVarType_fromPythonType((PyTypeObject*) value);
-    if (!varType)
-        return NULL;
-    return cxoVar_new(cursor, numElements, varType, varType->size, 0, NULL);
+    if (PyType_Check(value)) {
+        varType = cxoVarType_fromPythonType((PyTypeObject*) value);
+        if (!varType)
+            return NULL;
+        return cxoVar_new(cursor, numElements, varType, varType->size, 0,
+                NULL);
+    }
+
+    PyErr_SetString(PyExc_TypeError, "expecting type");
+    return NULL;
 }
 
 
diff --git a/test/Cursor.py b/test/Cursor.py
@@ -100,6 +100,22 @@ def testCallFuncNoArgs(self):
         results = self.cursor.callfunc("func_TestNoArgs", cx_Oracle.NUMBER)
         self.assertEqual(results, 712)
 
+    def testCallFuncNegative(self):
+        """test executing a stored function with wrong parameters"""
+        funcName = "func_Test"
+        self.assertRaises(TypeError, self.cursor.callfunc, cx_Oracle.NUMBER,
+                funcName, ("hi", 5))
+        self.assertRaises(cx_Oracle.DatabaseError, self.cursor.callfunc,
+                funcName, cx_Oracle.NUMBER, ("hi", 5, 7))
+        self.assertRaises(TypeError, self.cursor.callfunc, funcName,
+                cx_Oracle.NUMBER, "hi", 7)
+        self.assertRaises(cx_Oracle.DatabaseError, self.cursor.callfunc,
+                funcName, cx_Oracle.NUMBER, [5, "hi"])
+        self.assertRaises(cx_Oracle.DatabaseError, self.cursor.callfunc,
+                funcName, cx_Oracle.NUMBER)
+        self.assertRaises(TypeError, self.cursor.callfunc, funcName,
+                cx_Oracle.NUMBER, 5)
+
     def testExecuteManyByName(self):
         """test executing a statement multiple times (named args)"""
         self.cursor.execute("truncate table TestTempTable")
@@ -486,10 +502,12 @@ def testScrollDifferingArrayAndFetchSizes(self):
                 self.assertEqual(cursor.rowcount,
                         15 + numRows + numRowsFetched + numRows - 6)
 
-    def testSetInputSizesMultipleMethod(self):
-        """test setting input sizes with both positional and keyword args"""
+    def testSetInputSizesNegative(self):
+        "test cursor.setinputsizes() with invalid parameters"
+        val = decimal.Decimal(5)
         self.assertRaises(cx_Oracle.InterfaceError,
-                self.cursor.setinputsizes, 5, x = 5)
+                self.cursor.setinputsizes, val, x = val)
+        self.assertRaises(TypeError, self.cursor.setinputsizes, val)
 
     def testSetInputSizesByPosition(self):
         """test setting input sizes with positional args"""
@@ -523,3 +541,11 @@ def testParse(self):
         self.assertEqual(self.cursor.description,
                 [ ('LONGINTCOL', cx_Oracle.NUMBER, 17, None, 16, 0, 0) ])
 
+    def testVarNegative(self):
+        "test cursor.var() with invalid parameters"
+        self.assertRaises(TypeError, self.cursor.var, 5)
+
+    def testArrayVarNegative(self):
+        "test cursor.arrayvar() with invalid parameters"
+        self.assertRaises(TypeError, self.cursor.arrayvar, 5, 1)
+
