Postgres Pro
Downloads
Home   >   mailing lists

Re: BIGINT <-> java.lang.String auto cast - Mailing list pgsql-jdbc

From Oliver Jowett
Subject Re: BIGINT <-> java.lang.String auto cast
Date
Msg-id 42967221.20505@opencloud.com
Whole thread Raw
In response to Re: BIGINT <-> java.lang.String auto cast  (Dave Cramer <pg@fastcrypt.com>)
Responses Re: BIGINT <-> java.lang.String auto cast
List pgsql-jdbc
Tree view 
Dave Cramer wrote:
> Where do you see the driver doing such conversions.

In AbstractJdbc2Statement.setObject(int,Object,int,int), e.g.:

>     // Helper method that extracts numeric values from an arbitary Object.
>     private String numericValueOf(Object x)
>     {
>         if (x instanceof Boolean)
>             return ((Boolean)x).booleanValue() ? "1" : "0";
>         else if (x instanceof Integer || x instanceof Long ||
>                  x instanceof Double || x instanceof Short ||
>                  x instanceof Number || x instanceof Float)
>             return x.toString();
>         else
>             //ensure the value is a valid numeric value to avoid
>             //sql injection attacks
>             return new BigDecimal(x.toString()).toString();
>     }

[...]

>         switch (targetSqlType)
>         {
>         case Types.INTEGER:
>             bindLiteral(parameterIndex, numericValueOf(x), Oid.INT4);
>             break;

[...]

-O

pgsql-jdbc by date:

Previous
From: Dave Cramer
Date:
Subject: Re: BIGINT <-> java.lang.String auto cast
Next
From: Dave Cramer
Date:
Subject: Re: BIGINT <-> java.lang.String auto cast