WillAyd commented on code in PR #577:
URL: https://github.com/apache/arrow-adbc/pull/577#discussion_r1183072135
##########
c/driver/postgresql/connection.cc:
##########
@@ -47,7 +49,80 @@ AdbcStatusCode PostgresConnection::GetTableSchema(const
char* catalog,
const char* table_name,
struct ArrowSchema* schema,
struct AdbcError* error) {
- return ADBC_STATUS_NOT_IMPLEMENTED;
+ AdbcStatusCode final_status = ADBC_STATUS_OK;
+ struct StringBuilder query = {0};
+ if (StringBuilderInit(&query, /*initial_size=*/256) != 0) return
ADBC_STATUS_INTERNAL;
+
+ if (StringBuilderAppend(
+ &query, "%s",
+ "SELECT attname, atttypid "
+ "FROM pg_catalog.pg_class AS cls "
+ "INNER JOIN pg_catalog.pg_attribute AS attr ON cls.oid =
attr.attrelid "
+ "INNER JOIN pg_catalog.pg_type AS typ ON attr.atttypid = typ.oid "
+ "WHERE attr.attnum >= 0 AND cls.oid = '") != 0)
+ return ADBC_STATUS_INTERNAL;
+
+ if (db_schema != nullptr) {
+ char* schema = PQescapeIdentifier(conn_, db_schema, strlen(db_schema));
Review Comment:
A bit tangential to this but I don't see the current test suite as
validating that we are safe against SQL injection attacks. Probably a
reasonable follow up to set those types of test in place
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
