annotate tests/dbupload2.ur @ 2297:6d56080f495c

Fix a read-after-free bug using a timestamp check
author Adam Chlipala <adam@chlipala.net>
date Thu, 19 Nov 2015 13:18:58 -0500
parents 229a299d739d
children
rev   line source
grrwlf@2053 1 table t : { Id : int, Blob : blob, MimeType : string }
grrwlf@2053 2 sequence s
grrwlf@2053 3
grrwlf@2053 4 fun getImage id : transaction page =
grrwlf@2053 5 r <- oneRow1 (SELECT t.Blob, t.MimeType
grrwlf@2053 6 FROM t
grrwlf@2053 7 WHERE t.Id = {[id]});
grrwlf@2053 8 returnBlob r.Blob (blessMime r.MimeType)
grrwlf@2053 9
grrwlf@2053 10 fun handle (r : {File:file, Param:string}) =
grrwlf@2053 11 id <- nextval s;
grrwlf@2053 12 dml (INSERT INTO t (Id, Blob, MimeType)
grrwlf@2053 13 VALUES ({[id]}, {[fileData r.File]}, {[fileMimeType r.File]}));
grrwlf@2053 14 debug ("Text is " ^ r.Param);
grrwlf@2053 15 main ()
grrwlf@2053 16
grrwlf@2053 17 and main () : transaction page =
grrwlf@2053 18 x <- queryX1 (SELECT t.Id FROM t)
grrwlf@2053 19 (fn r => <xml><img src={url (getImage r.Id)}/>
grrwlf@2053 20 </xml>);
grrwlf@2053 21 return <xml><body>
grrwlf@2053 22 <form>
grrwlf@2053 23 <upload{#File}/>
grrwlf@2053 24 <textbox{#Param} value="text"/>
grrwlf@2053 25 <submit action={handle}/>
grrwlf@2053 26 </form>
grrwlf@2053 27 <hr/>
grrwlf@2053 28 {x}
grrwlf@2053 29 </body></xml>