The shell commands mostly don't complain about extra arguments. Some examples that should really generate errors but don't:
<pre>
sqlite> .header the a team is back
sqlite> .backup main foo surplus arguments
sqlite> .bail says this takes on or off
sqlite> .databases doesn't care either
sqlite> .dump does not care if the tables do not exist or even are the number 3
sqlite> .echo are the ghostbusters out there?
sqlite> .exit with code 22
</pre>
(I got bored having illustrated the point :-)
<hr><i>rogerb added on 2009-10-01 02:04:07:</i><br>
Another example is in parsing the .mode argument. You can supply any substring of a valid mode which doesn't appear to be the intention of the code (why check for "line" and "lines", "column" or "columns") or the error message.
<pre>
sqlite> .mode ddd
mode should be one of: column csv html insert line list tabs tcl
sqlite> .mode col
sqlite> .mode c
sqlite> .mode ht
sqlite> .mode t
</pre>
The actual mode that gets selected is based on the first match in the C code (eg "line" is checked for before "list" and "tcl" is checked before "tabs").
Suggested code fix is to change the strncmps to a simple strcmp
<hr><i>shane added on 2009-11-06 17:22:36:</i><br>
Updated shell.c to improve "dot" command argument handling. Added some basic tests to shell1.test to verify this.
Check-in [9fb6991933].
|