diff options
author | Austin Clements <amdragon@mit.edu> | 2014-08-25 13:26:08 -0400 |
---|---|---|
committer | David Bremner <david@tethera.net> | 2014-08-30 11:39:41 -0700 |
commit | ec573cd54fb3ea98f37a3c3612b00fb16e34578b (patch) | |
tree | 791dff9c9fdc11afacd5a316a04409fdb2f16de7 /lib/database.cc | |
parent | 5dbfed4a73d8c310afa51108af1ca6484506145a (diff) |
lib: Return an error from operations that require an upgrade
Previously, there was no protection against a caller invoking an
operation on an old database version that would effectively corrupt
the database by treating it like a newer version.
According to notmuch.h, any caller that opens the database in
read/write mode is supposed to check if the database needs upgrading
and perform an upgrade if it does. This would protect against this,
but nobody (even the CLI) actually does this.
However, with features, it's easy to protect against incompatible
operations on a fine-grained basis. This lightweight change allows
callers to safely operate on old database versions, while preventing
specific operations that would corrupt the database with an
informative error message.
Diffstat (limited to 'lib/database.cc')
-rw-r--r-- | lib/database.cc | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/lib/database.cc b/lib/database.cc index 53397bb0..51161889 100644 --- a/lib/database.cc +++ b/lib/database.cc @@ -316,6 +316,8 @@ notmuch_status_to_string (notmuch_status_t status) return "Unbalanced number of calls to notmuch_database_begin_atomic/end_atomic"; case NOTMUCH_STATUS_UNSUPPORTED_OPERATION: return "Unsupported operation"; + case NOTMUCH_STATUS_UPGRADE_REQUIRED: + return "Operation requires a database upgrade"; default: case NOTMUCH_STATUS_LAST_STATUS: return "Unknown error status value"; @@ -2226,6 +2228,9 @@ notmuch_database_find_message_by_filename (notmuch_database_t *notmuch, if (message_ret == NULL) return NOTMUCH_STATUS_NULL_POINTER; + if (! (notmuch->features & NOTMUCH_FEATURE_FILE_TERMS)) + return NOTMUCH_STATUS_UPGRADE_REQUIRED; + /* return NULL on any failure */ *message_ret = NULL; |