http://qs321.pair.com?node_id=827874


in reply to Retrieving Office 2007 files from a BLOB using Perl

Maybe you would fare better if you used DBI placeholders instead of interpolating your data into your SQL? I think that a carefully crafted filename could still subvert your SQL, because you don't escape/remove newlines and other binary data from it.

Also, maybe you need to use binmode when reading your file, but I don't know that much about Oracle. Also, why are you using such a low chunk size of 4096 instead of a chunk size that would fetch most of your documents in one go?

  • Comment on Re: Retrieving Office 2007 files from a BLOB using Perl

Replies are listed 'Best First'.
Re^2: Retrieving Office 2007 files from a BLOB using Perl
by Stegalex (Chaplain) on Mar 10, 2010 at 20:00 UTC
    Thanks for your remarks. I have increased the chunk size and am doing a binmode with the same results. Not sure how placeholders would impact my results as the ora_lob_append is feeding chunks to the tuple instead of trying to write the entire contents to the file then the tuple all in one shot.
[reply]

In Section Seekers of Perl Wisdom