More tests of the sqlite_set_authorizer() API together with fixes for bugs

that the new tests uncovered. (CVS 832) FossilOrigin-Name: cc2ae781ac186f9ee1afacdc9117087421955369
author: drh <drh@noemail.net> 2003-01-14 02:49:27 +0000
committer: drh <drh@noemail.net> 2003-01-14 02:49:27 +0000
commit: 77ad4e41337978c1d8f58d5083f1f59df7e6b41d (patch)
tree: 274f309f6892d51c5c2005371febfb24d8ae1837 /src
parent: 71602204958fade6e9b83448a72438aad0888235 (diff)
download: sqlite-77ad4e41337978c1d8f58d5083f1f59df7e6b41d.tar.gz
sqlite-77ad4e41337978c1d8f58d5083f1f59df7e6b41d.zip
4 files changed, 26 insertions, 14 deletions
diff --git a/src/build.c b/src/build.c
index 9b9cfaa42..11365efd7 100644
--- a/src/build.c
+++ b/src/build.c
@@ -25,7 +25,7 @@
 **     ROLLBACK
 **     PRAGMA
 **
-** $Id: build.c,v 1.121 2003/01/13 23:27:32 drh Exp $
+** $Id: build.c,v 1.122 2003/01/14 02:49:27 drh Exp $
 */
 #include "sqliteInt.h"
 #include <ctype.h>
@@ -333,6 +333,7 @@ void sqliteStartTable(
   if( zName==0 ) return;
 #ifndef SQLITE_OMIT_AUTHORIZATION
   if( sqliteAuthCheck(pParse, SQLITE_INSERT, SCHEMA_TABLE(isTemp), 0) ){
+    sqliteFree(zName);
     return;
   }
   {
@@ -351,6 +352,7 @@ void sqliteStartTable(
       }
     }
     if( sqliteAuthCheck(pParse, code, zName, 0) ){
+      sqliteFree(zName);
       return;
     }
   }
@@ -1122,6 +1124,9 @@ void sqliteDropTable(Parse *pParse, Token *pName, int isView){
     if( sqliteAuthCheck(pParse, code, pTable->zName, 0) ){
       return;
     }
+    if( sqliteAuthCheck(pParse, SQLITE_DELETE, pTable->zName, 0) ){
+      return;
+    }
   }
 #endif
   if( pTable->readOnly ){
@@ -1702,7 +1707,7 @@ void sqliteDropIndex(Parse *pParse, Token *pName){
       return;
     }
     if( pTab->isTemp ) code = SQLITE_DROP_TEMP_INDEX;
-    if( sqliteAuthCheck(pParse, code, pIndex->zName, 0) ){
+    if( sqliteAuthCheck(pParse, code, pIndex->zName, pTab->zName) ){
       return;
     }
   }
@@ -1896,15 +1901,19 @@ void sqliteCopy(
   Vdbe *v;
   int addr, end;
   Index *pIdx;
+  char *zFile = 0;
   sqlite *db = pParse->db;
 
+
   zTab = sqliteTableNameFromToken(pTableName);
   if( sqlite_malloc_failed || zTab==0 ) goto copy_cleanup;
   pTab = sqliteTableNameToTable(pParse, zTab);
   sqliteFree(zTab);
   if( pTab==0 ) goto copy_cleanup;
-  if( sqliteAuthCheck(pParse, SQLITE_INSERT, pTab->zName, 0)
-      || sqliteAuthCheck(pParse, SQLITE_COPY, pTab->zName, 0) ){
+  zFile = sqliteStrNDup(pFilename->z, pFilename->n);
+  sqliteDequote(zFile);
+  if( sqliteAuthCheck(pParse, SQLITE_INSERT, pTab->zName, zFile)
+      || sqliteAuthCheck(pParse, SQLITE_COPY, pTab->zName, zFile) ){
     goto copy_cleanup;
   }
   v = sqliteGetVdbe(pParse);
@@ -1964,6 +1973,7 @@ void sqliteCopy(
   }
   
 copy_cleanup:
+  sqliteFree(zFile);
   return;
 }
 
diff --git a/src/expr.c b/src/expr.c
index 5fcfd8833..e56d05e3f 100644
--- a/src/expr.c
+++ b/src/expr.c
@@ -12,7 +12,7 @@
 ** This file contains routines used for analyzing expressions and
 ** for generating VDBE code that evaluates expressions in SQLite.
 **
-** $Id: expr.c,v 1.84 2003/01/12 18:02:18 drh Exp $
+** $Id: expr.c,v 1.85 2003/01/14 02:49:28 drh Exp $
 */
 #include "sqliteInt.h"
 #include <ctype.h>
@@ -430,7 +430,6 @@ int sqliteExprResolveIds(
     case TK_ID: {
       int cnt = 0;      /* Number of matches */
       int i;            /* Loop counter */
-      int rc;           /* Return code */
       char *z;
       assert( pExpr->token.z );
       z = sqliteStrNDup(pExpr->token.z, pExpr->token.n);
diff --git a/src/sqlite.h.in b/src/sqlite.h.in
index c31eb9faf..410691b43 100644
--- a/src/sqlite.h.in
+++ b/src/sqlite.h.in
@@ -12,7 +12,7 @@
 ** This header file defines the interface that the SQLite library
 ** presents to client programs.
 **
-** @(#) $Id: sqlite.h.in,v 1.37 2003/01/13 23:27:33 drh Exp $
+** @(#) $Id: sqlite.h.in,v 1.38 2003/01/14 02:49:28 drh Exp $
 */
 #ifndef _SQLITE_H_
 #define _SQLITE_H_
@@ -521,23 +521,23 @@ int sqlite_set_authorizer(
 **
 **                                          Arg-3           Arg-4
 */
-#define SQLITE_COPY                  0   /* Table Name      NULL            */
+#define SQLITE_COPY                  0   /* Table Name      File Name       */
 #define SQLITE_CREATE_INDEX          1   /* Index Name      Table Name      */
 #define SQLITE_CREATE_TABLE          2   /* Table Name      NULL            */
 #define SQLITE_CREATE_TEMP_INDEX     3   /* Index Name      Table Name      */
 #define SQLITE_CREATE_TEMP_TABLE     4   /* Table Name      NULL            */
-#define SQLITE_CREATE_TEMP_TRIGGER   5   /* Trigger Name    NULL            */
+#define SQLITE_CREATE_TEMP_TRIGGER   5   /* Trigger Name    Table Name      */
 #define SQLITE_CREATE_TEMP_VIEW      6   /* View Name       NULL            */
-#define SQLITE_CREATE_TRIGGER        7   /* Trigger Name    NULL            */
+#define SQLITE_CREATE_TRIGGER        7   /* Trigger Name    Table Name      */
 #define SQLITE_CREATE_VIEW           8   /* View Name       NULL            */
 #define SQLITE_DELETE                9   /* Table Name      NULL            */
-#define SQLITE_DROP_INDEX           10   /* Index Name      NULL            */
+#define SQLITE_DROP_INDEX           10   /* Index Name      Table Name      */
 #define SQLITE_DROP_TABLE           11   /* Table Name      NULL            */
-#define SQLITE_DROP_TEMP_INDEX      12   /* Index Name      NULL            */
+#define SQLITE_DROP_TEMP_INDEX      12   /* Index Name      Table Name      */
 #define SQLITE_DROP_TEMP_TABLE      13   /* Table Name      NULL            */
-#define SQLITE_DROP_TEMP_TRIGGER    14   /* Trigger Name    NULL            */
+#define SQLITE_DROP_TEMP_TRIGGER    14   /* Trigger Name    Table Name      */
 #define SQLITE_DROP_TEMP_VIEW       15   /* View Name       NULL            */
-#define SQLITE_DROP_TRIGGER         16   /* Trigger Name    NULL            */
+#define SQLITE_DROP_TRIGGER         16   /* Trigger Name    Table Name      */
 #define SQLITE_DROP_VIEW            17   /* View Name       NULL            */
 #define SQLITE_INSERT               18   /* Table Name      NULL            */
 #define SQLITE_PRAGMA               19   /* Pragma Name     1st arg or NULL */
diff --git a/src/trigger.c b/src/trigger.c
index ce00c2b05..03032fe25 100644
--- a/src/trigger.c
+++ b/src/trigger.c
@@ -106,6 +106,9 @@ void sqliteCreateTrigger(
       if( sqliteAuthCheck(pParse, code, zName, tab->zName) ){
         goto trigger_cleanup;
       }
+      if( sqliteAuthCheck(pParse, SQLITE_INSERT, SCHEMA_TABLE(tab->isTemp), 0)){
+        goto trigger_cleanup;
+      }
     }
 #endif
   }
author	drh <drh@noemail.net>	2003-01-14 02:49:27 +0000
committer	drh <drh@noemail.net>	2003-01-14 02:49:27 +0000
commit	77ad4e41337978c1d8f58d5083f1f59df7e6b41d (patch)
tree	274f309f6892d51c5c2005371febfb24d8ae1837 /src
parent	71602204958fade6e9b83448a72438aad0888235 (diff)
download	sqlite-77ad4e41337978c1d8f58d5083f1f59df7e6b41d.tar.gz sqlite-77ad4e41337978c1d8f58d5083f1f59df7e6b41d.zip