When UNSAFE_IN_VIEW is disabled, only allow functions in views that are

tagged with SQLITE_INNOCUOUS. FossilOrigin-Name: 9ee79b254e4c51a2a41f7ed49ad389d8d7105e649483adb79772052fa0ade3c0
author: drh <drh@noemail.net> 2020-01-03 20:57:38 +0000
committer: drh <drh@noemail.net> 2020-01-03 20:57:38 +0000
commit: c4ad849921ff0840deca5285d8934e898b1261cd (patch)
tree: c0ee6204bf5ea929501554418248cb1d7d3d4bd0 /src/resolve.c
parent: 9ee00200efb5377910cf47bb994c1d47ea125170 (diff)
download: sqlite-c4ad849921ff0840deca5285d8934e898b1261cd.tar.gz
sqlite-c4ad849921ff0840deca5285d8934e898b1261cd.zip
1 files changed, 13 insertions, 15 deletions
diff --git a/src/resolve.c b/src/resolve.c
index 4587540d3..f934cf602 100644
--- a/src/resolve.c
+++ b/src/resolve.c
@@ -866,16 +866,6 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
           ** constant because they are constant for the duration of one query.
           ** This allows them to be factored out of inner loops. */
           ExprSetProperty(pExpr,EP_ConstFunc);
-        }else{
-          if( ExprHasProperty(pExpr, EP_Indirect)
-           && !IN_RENAME_OBJECT
-           && (pParse->db->flags & SQLITE_UnsafeInView)==0
-          ){
-            /* If SQLITE_DBCONFIG_UNSAFE_IN_VIEW is off, then functions with
-            ** side effects are not allowed inside triggers and views. */
-            sqlite3ErrorMsg(pParse, "%s() prohibited in triggers and views",
-                            pDef->zName);
-          }
         }
         if( (pDef->funcFlags & SQLITE_FUNC_CONSTANT)==0 ){
           /* Date/time functions that use 'now', and other functions like
@@ -896,14 +886,22 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
           no_such_func = 1;
           pDef = 0;
         }else
-        if( (pDef->funcFlags & SQLITE_FUNC_DIRECT)!=0
+        if( (pDef->funcFlags & (SQLITE_FUNC_DIRECT|SQLITE_FUNC_SAFE))
+               != SQLITE_FUNC_SAFE
          && ExprHasProperty(pExpr, EP_Indirect)
          && !IN_RENAME_OBJECT
         ){
-          /* Functions tagged with SQLITE_DIRECTONLY may not be used
-          ** inside of triggers and views */
-          sqlite3ErrorMsg(pParse, "%s() prohibited in triggers and views",
-                          pDef->zName);
+          if( (pDef->funcFlags & SQLITE_FUNC_DIRECT)!=0
+           || (pParse->db->flags & SQLITE_UnsafeInView)==0
+          ){
+            /* Functions prohibited in triggers and views if:
+            **     (1) tagged with SQLITE_DIRECTONLY
+            **     (2) not tagged with SQLITE_INNOCUOUS and 
+            **         SQLITE_DBCONFIG_UNSAFE_IN_VIEW is off
+            */
+            sqlite3ErrorMsg(pParse, "%s() prohibited in triggers and views",
+                            pDef->zName);
+          }
         }
       }
author	drh <drh@noemail.net>	2020-01-03 20:57:38 +0000
committer	drh <drh@noemail.net>	2020-01-03 20:57:38 +0000
commit	c4ad849921ff0840deca5285d8934e898b1261cd (patch)
tree	c0ee6204bf5ea929501554418248cb1d7d3d4bd0 /src/resolve.c
parent	9ee00200efb5377910cf47bb994c1d47ea125170 (diff)
download	sqlite-c4ad849921ff0840deca5285d8934e898b1261cd.tar.gz sqlite-c4ad849921ff0840deca5285d8934e898b1261cd.zip