Fixes out of bound issue when checking column name

emmanuel-keller · emmanuel-keller · commit f58ff5778a2c · 2016-05-26T18:40:29.000+02:00
diff --git a/src/main/java/com/qwazr/jdbc/cache/CachedPreparedStatement.java b/src/main/java/com/qwazr/jdbc/cache/CachedPreparedStatement.java
@@ -26,14 +26,13 @@
 
 class CachedPreparedStatement<T extends PreparedStatement> extends CachedStatement<T> implements PreparedStatement {
 
-    private final String sql;
     protected final SortedMap<Integer, Object> parameters;
 
     CachedPreparedStatement(final CachedConnection connection, final T backendStatement, final String sql,
             final int resultSetConcurrency, final int resultSetType, final int resultSetHoldability) {
         super(connection, backendStatement, resultSetConcurrency, resultSetType, resultSetHoldability);
         this.parameters = new TreeMap<>();
-        this.sql = sql;
+        this.executedSql = sql;
     }
 
     CachedPreparedStatement(final CachedConnection connection, final T backendStatement, final String sql) {
@@ -42,7 +41,7 @@ class CachedPreparedStatement<T extends PreparedStatement> extends CachedStateme
 
     @Override
     public ResultSet executeQuery() throws SQLException {
-        final String cacheKey = ResultSetCache.getKey(sql, parameters);
+        final String cacheKey = ResultSetCache.getKey(executedSql, parameters);
         return connection.resultSetCache.get(this, cacheKey, () -> backendStatement.executeQuery());
     }
 
@@ -54,6 +53,13 @@ public int executeUpdate() throws SQLException {
             throw new SQLFeatureNotSupportedException();
     }
 
+    @Override
+    public ResultSet getResultSet() throws SQLException {
+        final String cacheKey = ResultSetCache.getKey(executedSql, parameters);
+        return connection.resultSetCache
+                .get(this, cacheKey, backendStatement == null ? null : backendStatement::getResultSet);
+    }
+
     @Override
     public void setNull(int parameterIndex, int sqlType) throws SQLException {
         if (backendStatement != null)
@@ -203,7 +209,7 @@ public boolean execute() throws SQLException {
         if (backendStatement != null)
             return backendStatement.execute();
         else
-            throw new SQLFeatureNotSupportedException();
+            return connection.resultSetCache.checkExists(ResultSetCache.getKey(executedSql, parameters));
     }
 
     @Override
diff --git a/src/main/java/com/qwazr/jdbc/cache/CachedResultSet.java b/src/main/java/com/qwazr/jdbc/cache/CachedResultSet.java
@@ -57,7 +57,7 @@ class CachedResultSet implements ResultSet {
             this.columnNames = new HashMap<>();
             int i = 0;
             for (ResultSetWriter.ColumnDef column : metaData.columns)
-                this.columnNames.put(column.label, i++);
+                this.columnNames.put(column.label, ++i);
             readNext();
         } catch (IOException e) {
             try {
diff --git a/src/main/java/com/qwazr/jdbc/cache/CachedStatement.java b/src/main/java/com/qwazr/jdbc/cache/CachedStatement.java
@@ -29,12 +29,12 @@ class CachedStatement<T extends Statement> implements Statement {
     private volatile int maxFieldSize;
     private volatile int maxRows;
     private volatile int queryTimeOut;
-    private volatile CachedResultSet resultSet;
     private volatile int fetchDirection;
     private volatile int fetchSize;
     private volatile boolean closed;
     private volatile boolean poolable;
     private volatile boolean closeOnCompletion;
+    protected volatile String executedSql;
 
     CachedStatement(final CachedConnection connection, final T backendStatement, final int resultSetConcurrency,
             final int resultSetType, final int resultSetHoldability) {
@@ -46,12 +46,12 @@ class CachedStatement<T extends Statement> implements Statement {
         this.maxFieldSize = 0;
         this.maxRows = 0;
         this.queryTimeOut = 0;
-        this.resultSet = null;
         this.fetchDirection = 0;
         this.fetchSize = 0;
         this.closed = false;
         this.poolable = false;
         this.closeOnCompletion = false;
+        this.executedSql = null;
     }
 
     CachedStatement(final CachedConnection connection, final T backendStatement) {
@@ -60,12 +60,15 @@ class CachedStatement<T extends Statement> implements Statement {
 
     @Override
     public ResultSet executeQuery(String sql) throws SQLException {
+        this.executedSql = sql;
         final String cacheKey = ResultSetCache.getKey(sql);
-        return connection.resultSetCache.get(this, cacheKey, () -> backendStatement.executeQuery(sql));
+        return connection.resultSetCache
+                .get(this, cacheKey, backendStatement == null ? null : () -> backendStatement.executeQuery(sql));
     }
 
     @Override
     public int executeUpdate(String sql) throws SQLException {
+        this.executedSql = sql;
         if (backendStatement != null)
             return backendStatement.executeUpdate(sql);
         else
@@ -158,15 +161,18 @@ public void setCursorName(String name) throws SQLException {
 
     @Override
     public boolean execute(String sql) throws SQLException {
+        this.executedSql = sql;
         if (backendStatement != null)
             return backendStatement.execute(sql);
         else
-            throw new SQLFeatureNotSupportedException();
+            return connection.resultSetCache.checkExists(ResultSetCache.getKey(executedSql));
     }
 
     @Override
     public ResultSet getResultSet() throws SQLException {
-        return resultSet;
+        final String cacheKey = ResultSetCache.getKey(executedSql);
+        return connection.resultSetCache
+                .get(this, cacheKey, backendStatement == null ? null : backendStatement::getResultSet);
     }
 
     @Override
@@ -272,6 +278,7 @@ public ResultSet getGeneratedKeys() throws SQLException {
 
     @Override
     public int executeUpdate(String sql, int autoGeneratedKeys) throws SQLException {
+        executedSql = sql;
         if (backendStatement != null)
             return backendStatement.executeUpdate(sql, autoGeneratedKeys);
         else
@@ -280,6 +287,7 @@ public int executeUpdate(String sql, int autoGeneratedKeys) throws SQLException
 
     @Override
     public int executeUpdate(String sql, int[] columnIndexes) throws SQLException {
+        executedSql = sql;
         if (backendStatement != null)
             return backendStatement.executeUpdate(sql, columnIndexes);
         else
@@ -288,6 +296,7 @@ public int executeUpdate(String sql, int[] columnIndexes) throws SQLException {
 
     @Override
     public int executeUpdate(String sql, String[] columnNames) throws SQLException {
+        executedSql = sql;
         if (backendStatement != null)
             return backendStatement.executeUpdate(sql, columnNames);
         else
@@ -296,26 +305,29 @@ public int executeUpdate(String sql, String[] columnNames) throws SQLException {
 
     @Override
     public boolean execute(String sql, int autoGeneratedKeys) throws SQLException {
+        executedSql = sql;
         if (backendStatement != null)
             return backendStatement.execute(sql, autoGeneratedKeys);
         else
-            throw new SQLFeatureNotSupportedException();
+            return connection.resultSetCache.checkExists(ResultSetCache.getKey(executedSql));
     }
 
     @Override
     public boolean execute(String sql, int[] columnIndexes) throws SQLException {
+        executedSql = sql;
         if (backendStatement != null)
             return backendStatement.execute(sql, columnIndexes);
         else
-            throw new SQLFeatureNotSupportedException();
+            return connection.resultSetCache.checkExists(ResultSetCache.getKey(executedSql));
     }
 
     @Override
     public boolean execute(String sql, String[] columnNames) throws SQLException {
+        executedSql = sql;
         if (backendStatement != null)
             return backendStatement.execute(sql, columnNames);
         else
-            throw new SQLFeatureNotSupportedException();
+            return connection.resultSetCache.checkExists(ResultSetCache.getKey(executedSql));
     }
 
     @Override
diff --git a/src/main/java/com/qwazr/jdbc/cache/ResultSetCache.java b/src/main/java/com/qwazr/jdbc/cache/ResultSetCache.java
@@ -43,17 +43,44 @@ class ResultSetCache {
         this.cacheDirectory = cacheDirectory;
     }
 
-    CachedResultSet get(final CachedStatement statement, final String key, final Provider resultSetProvider)
+    /**
+     * Return the cached ResultSet for the given key.
+     * If the entry does not exist the ResultSet is extracted by calling the given resultSetProvider.
+     * If the entry does not exist and no resultSetProvider is given (null) an SQLException is thrown.
+     *
+     * @param statement         the cached statement
+     * @param key               the generated key for this statement
+     * @param resultSetProvider the optional result provider
+     * @return the cached ResultSet
+     * @throws SQLException
+     */
+    final CachedResultSet get(final CachedStatement statement, final String key, final Provider resultSetProvider)
             throws SQLException {
         final Path resultSetPath = cacheDirectory.resolve(key);
         final ResultSet providedResultSet;
         if (!Files.exists(resultSetPath)) {
+            if (resultSetProvider == null)
+                throw new SQLException("No cache available");
             providedResultSet = resultSetProvider.provide();
             ResultSetWriter.write(resultSetPath, providedResultSet);
         }
         return new CachedResultSet(statement, resultSetPath);
     }
 
+    /**
+     * Check if an entry is available for this key. If not, an SQLException is thrown.
+     *
+     * @param key the computed key
+     * @return always true
+     * @throws SQLException
+     */
+    final boolean checkExists(final String key) throws SQLException {
+        final Path resultSetPath = cacheDirectory.resolve(key);
+        if (!Files.exists(resultSetPath))
+            throw new SQLException("No cache available");
+        return true;
+    }
+
     interface Provider {
 
         ResultSet provide() throws SQLException;
diff --git a/src/test/java/DerbyTest.java b/src/test/java/DerbyTest.java
@@ -104,33 +104,53 @@ private void checkResultSet(ResultSet resultSet, Object[]... rows) throws SQLExc
 
     final static String SQL_SIMPLE = "SELECT ID,NAME,CREATED  FROM FIRSTTABLE";
 
+    private ResultSet executeQuery(Connection cnx) throws SQLException {
+        final Statement stmt = cnx.createStatement();
+        return stmt.executeQuery(SQL_SIMPLE);
+    }
+
     @Test
     public void test110TestSimpleStatement() throws SQLException {
         // First without the cache
-        checkResultSet(cnxCacheDisable.createStatement().executeQuery(SQL_SIMPLE), ROWS);
+        checkResultSet(executeQuery(cnxCacheDisable), ROWS);
         // Second the cache is written
-        checkResultSet(cnxCacheEnable.createStatement().executeQuery(SQL_SIMPLE), ROWS);
+        checkResultSet(executeQuery(cnxCacheEnable), ROWS);
         // Third the cache is read
-        checkResultSet(cnxCacheEnable.createStatement().executeQuery(SQL_SIMPLE), ROWS);
+        checkResultSet(executeQuery(cnxCacheEnable), ROWS);
         // Last, without the backend
-        checkResultSet(cnxCacheNoBackend.createStatement().executeQuery(SQL_SIMPLE), ROWS);
+        checkResultSet(executeQuery(cnxCacheNoBackend), ROWS);
     }
 
-    final static String SQL_PREP = "SELECT ID,NAME,CREATED  FROM FIRSTTABLE WHERE ID = ? OR ID = ?";
+    private ResultSet updateGetResultSet(Connection cnx) throws SQLException {
+        final Statement stmt = cnx.createStatement();
+        stmt.execute(SQL_SIMPLE);
+        return stmt.getResultSet();
+    }
 
     @Test
-    public void test110TestPreparedStatementWithoutCache() throws SQLException {
-        final PreparedStatement stmt = cnxCacheDisable.prepareStatement(SQL_PREP);
+    public void test110TestUpdateAndGetResultSet() throws SQLException {
+        checkResultSet(updateGetResultSet(cnxCacheDisable), ROWS);
+        checkResultSet(updateGetResultSet(cnxCacheEnable), ROWS);
+        checkResultSet(updateGetResultSet(cnxCacheNoBackend), ROWS);
+    }
+
+    final static String SQL_PREP = "SELECT ID,NAME,CREATED  FROM FIRSTTABLE WHERE ID = ? OR ID = ?";
+
+    private PreparedStatement getPreparedStatement(Connection cnx) throws SQLException {
+        final PreparedStatement stmt = cnx.prepareStatement(SQL_PREP);
         stmt.setInt(1, 10);
         stmt.setInt(2, 40);
-        checkResultSet(stmt.executeQuery(), ROW1, ROW4);
+        return stmt;
+    }
+
+    @Test
+    public void test110TestPreparedStatementWithoutCache() throws SQLException {
+        checkResultSet(getPreparedStatement(cnxCacheDisable).executeQuery(), ROW1, ROW4);
     }
 
     @Test
     public void test120TestPreparedStatementWithCache() throws SQLException {
-        final PreparedStatement stmt = cnxCacheEnable.prepareStatement(SQL_PREP);
-        stmt.setInt(1, 10);
-        stmt.setInt(2, 40);
+        final PreparedStatement stmt = getPreparedStatement(cnxCacheEnable);
         // First the cache is written
         checkResultSet(stmt.executeQuery(), ROW1, ROW4);
         // Second the cache is read
@@ -139,10 +159,15 @@ public void test120TestPreparedStatementWithCache() throws SQLException {
 
     @Test
     public void test130TestPreparedStatementNoBackend() throws SQLException {
-        final PreparedStatement stmt = cnxCacheNoBackend.prepareStatement(SQL_PREP);
-        stmt.setInt(1, 10);
-        stmt.setInt(2, 40);
+        final PreparedStatement stmt = getPreparedStatement(cnxCacheNoBackend);
         checkResultSet(stmt.executeQuery(), ROW1, ROW4);
     }
 
+    @Test
+    public void test135TestPreparedStatementGetResultSet() throws SQLException {
+        final PreparedStatement stmt = getPreparedStatement(cnxCacheNoBackend);
+        stmt.execute();
+        checkResultSet(stmt.getResultSet(), ROW1, ROW4);
+    }
+
 }
