-rw-r--r-- | manifest | 18 | ||||
-rw-r--r-- | manifest.uuid | 2 | ||||
-rw-r--r-- | src/select.c | 3 | ||||
-rw-r--r-- | src/sqlite.h.in | 1 | ||||
-rw-r--r-- | src/tclsqlite.c | 1 | ||||
-rw-r--r-- | test/auth.test | 36 |
6 files changed, 51 insertions, 10 deletions
@@ -1,5 +1,5 @@ -C Tweaks\sto\serror\smessage\stext. -D 2014-01-16T21:59:51.988 +C Add\sthe\sability\sfor\sthe\sauthorizer\scallback\sto\sdisallow\srecursive\nqueries. +D 2014-01-16T22:40:02.405 F Makefile.arm-wince-mingw32ce-gcc d6df77f1f48d690bd73162294bbba7f59507c72f F Makefile.in 2ef13430cd359f7b361bb863504e227b25cc7f81 F Makefile.linux-gcc 91d710bdc4998cb015f39edf3cb314ec4f4d7e23 @@ -219,16 +219,16 @@ F src/printf.c 85d07756e45d7496d19439dcae3e6e9e0090f269 F src/random.c d10c1f85b6709ca97278428fd5db5bbb9c74eece F src/resolve.c ae278d8ce037883323f677e78c241f64289f12ec F src/rowset.c 64655f1a627c9c212d9ab497899e7424a34222e0 -F src/select.c d75733ab2ad5e9f0d79fb4ab9f45d3d3d3675a3d +F src/select.c fc7499ac90fd4d49782e0a16372d3a5efde2aa3b F src/shell.c 9f3bc02a658b8f61d2cbe60cfc482f660c1c6c48 -F src/sqlite.h.in d94a8b89522f526ba711182ee161e06f8669bcc9 +F src/sqlite.h.in eed7f7d66a60daaa7b4a597dcd9bad87aad9611b F src/sqlite3.rc 11094cc6a157a028b301a9f06b3d03089ea37c3e F src/sqlite3ext.h 886f5a34de171002ad46fae8c36a7d8051c190fc F src/sqliteInt.h d49c0bea5282f15c1eb1eb9d705770f70d19c1e2 F src/sqliteLimit.h 164b0e6749d31e0daa1a4589a169d31c0dec7b3d F src/status.c 7ac05a5c7017d0b9f0b4bcd701228b784f987158 F src/table.c 2cd62736f845d82200acfa1287e33feb3c15d62e -F src/tclsqlite.c c43379f77f90399802b0e215faa71c0adc3a4d2e +F src/tclsqlite.c 46073db71011b6542fde1f234c56a076d5ff23f9 F src/test1.c db16ba651453b15001c7f2838c446284dde4ecaf F src/test2.c 7355101c085304b90024f2261e056cdff13c6c35 F src/test3.c 1c0e5d6f080b8e33c1ce8b3078e7013fdbcd560c 
@@ -327,7 +327,7 @@ F test/attach2.test 0ec5defa340363de6cd50fd595046465e9aaba2d F test/attach3.test 359eb65d00102cdfcef6fa4e81dc1648f8f80b27 F test/attach4.test 53bf502f17647c6d6c5add46dda6bac8b6f4665c F test/attachmalloc.test 3a4bfca9545bfe906a8d2e622de10fbac5b711b0 -F test/auth.test 9bea29041871807d9f289ee679d05d3ed103642f +F test/auth.test 5bdf154eb28c0e4bbc0473f335858c0d96171768 F test/auth2.test c3b415b76c033bedb81292118fb7c01f5f10cbcd F test/auth3.test a4755e6a2a2fea547ffe63c874eb569e60a28eb5 F test/autoinc.test c58912526998a39e11f66b533e23cfabea7f25b7 @@ -1150,7 +1150,7 @@ F tool/vdbe-compress.tcl 0cf56e9263a152b84da86e75a5c0cdcdb7a47891 F tool/warnings-clang.sh f6aa929dc20ef1f856af04a730772f59283631d4 F tool/warnings.sh d1a6de74685f360ab718efda6265994b99bbea01 F tool/win/sqlite.vsix 030f3eeaf2cb811a3692ab9c14d021a75ce41fff -P 54eee9fe99290e59469bd3e1a66bb749887d37ee -R 7385964692340c50e255f43b779c83ed +P 090a77d97808b86d1e9f5c63c743a2b159a15f5d +R f01d2088e8545f61e859d9aad946ffb1 U drh -Z 3d3568f983c7b2bd0c47dd0558e3c02c +Z b5ce4714b23c3d6e2db0cb8e18c5a93d diff --git a/manifest.uuid b/manifest.uuid index bdfa111f7..dfccdb311 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -090a77d97808b86d1e9f5c63c743a2b159a15f5d
\ No newline at end of file +9efc120a1548c03f3d8aabbadf1050ff2a119c31
\ No newline at end of file
diff --git a/src/select.c b/src/select.c
index ae2e0ce65..66eb4b336 100644
--- a/src/select.c
+++ b/src/select.c
@@ -1814,6 +1814,9 @@ static int multiSelect(
 SelectDest tmp2dest;
 int i;
+ if( sqlite3AuthCheck(pParse, SQLITE_RECURSIVE, 0, 0, 0) ){
+ goto multi_select_end;
+ }
 iBreak = sqlite3VdbeMakeLabel(v);
 iCont = sqlite3VdbeMakeLabel(v);
diff --git a/src/sqlite.h.in b/src/sqlite.h.in
index 5012f864a..51c864c5e 100644
--- a/src/sqlite.h.in
+++ b/src/sqlite.h.in
@@ -2561,6 +2561,7 @@ int sqlite3_set_authorizer(
 #define SQLITE_FUNCTION 31 /* NULL Function Name */
 #define SQLITE_SAVEPOINT 32 /* Operation Savepoint Name */
 #define SQLITE_COPY 0 /* No longer used */
+#define SQLITE_RECURSIVE 33 /* NULL NULL */
 /*
 ** CAPI3REF: Tracing And Profiling Functions
diff --git a/src/tclsqlite.c b/src/tclsqlite.c
index e3e5628b1..1e8191252 100644
--- a/src/tclsqlite.c
+++ b/src/tclsqlite.c
@@ -914,6 +914,7 @@ static int auth_callback(
 case SQLITE_DROP_VTABLE : zCode="SQLITE_DROP_VTABLE"; break;
 case SQLITE_FUNCTION : zCode="SQLITE_FUNCTION"; break;
 case SQLITE_SAVEPOINT : zCode="SQLITE_SAVEPOINT"; break;
+ case SQLITE_RECURSIVE : zCode="SQLITE_RECURSIVE"; break;
 default : zCode="????"; break;
 }
 Tcl_DStringInit(&str);
diff --git a/test/auth.test b/test/auth.test
index 5e91b33ea..43e53ef2e 100644
--- a/test/auth.test
+++ b/test/auth.test
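Review bot: The new guard in multiSelect jumps to `multi_select_end` on any non-zero result from `sqlite3AuthCheck`, so an authorizer that answers SQLITE_IGNORE instead of SQLITE_DENY takes the same exit, and nothing visible here shows whether that path reports an error or simply emits no code for the recursive query. The cases added in test/auth.test only exercise SQLITE_DENY (auth-1.314), so the SQLITE_IGNORE outcome is neither pinned by a test nor documented. I would add a comment above the check such as `/* Ask the authorizer before coding a recursive query; any non-OK answer abandons code generation here */` and a test whose callback returns SQLITE_IGNORE for this code. The body of multiSelect starts and ends outside this hunk, so the condition that limits the check to recursive queries is not visible.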
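Review bot: The comment on `SQLITE_RECURSIVE` records only that both string arguments are NULL; it does not say when the code is raised, which is what an application using the authorizer to confine untrusted SQL needs to know. Because this is a new action code, a callback that denies codes it does not recognise will start rejecting recursive queries, while one that returns SQLITE_OK by default will keep allowing them without the application having decided either way. I would extend the action-code documentation above this list (outside the hunk) with a sentence like `SQLITE_RECURSIVE is reported when a recursive query is about to be coded; the 3rd and 4th callback arguments are NULL`, with the wording checked against the call site in src/select.c.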
@@ -2080,6 +2080,42 @@ ifcapable {altertable} {
 execsql {DROP TABLE t5}
 } ;# ifcapable altertable
+ifcapable {cte} {
+ do_test auth-1.310 {
+ proc auth {code arg1 arg2 arg3 arg4} {
+ if {$code=="SQLITE_RECURSIVE"} {
+ return SQLITE_DENY
+ }
+ return SQLITE_OK
+ }
+ db eval {
+ DROP TABLE IF EXISTS t1;
+ CREATE TABLE t1(a,b);
+ INSERT INTO t1 VALUES(1,2),(3,4),(5,6);
+ }
+ } {}
+ do_catchsql_test auth-1.311 {
+ WITH
+ auth1311(x,y) AS (SELECT a+b, b-a FROM t1)
+ SELECT * FROM auth1311 ORDER BY x;
+ } {0 {3 1 7 1 11 1}}
+ do_catchsql_test auth-1.312 {
+ WITH RECURSIVE
+ auth1312(x,y) AS (SELECT a+b, b-a FROM t1)
+ SELECT x, y FROM auth1312 ORDER BY x;
+ } {0 {3 1 7 1 11 1}}
+ do_catchsql_test auth-1.313 {
+ WITH RECURSIVE
+ auth1313(x) AS (VALUES(1) UNION ALL SELECT x+1 FROM auth1313 WHERE x<5)
+ SELECT * FROM t1;
+ } {0 {1 2 3 4 5 6}}
+ do_catchsql_test auth-1.314 {
+ WITH RECURSIVE
+ auth1314(x) AS (VALUES(1) UNION ALL SELECT x+1 FROM auth1314 WHERE x<5)
+ SELECT * FROM t1 LEFT JOIN auth1314;
+ } {1 {not authorized}}
+} ;# ifcapable cte
+
 do_test auth-2.1 {
 proc auth {code arg1 arg2 arg3 arg4} {
 if {$code=="SQLITE_READ" && $arg1=="t3" && $arg2=="x"} { |
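Review bot: auth-1.313 expects success even though the statement defines a self-referencing CTE, apparently because `auth1313` is never referenced by the outer SELECT, and nothing in the test says this is intentional. The case matters to anyone relying on SQLITE_RECURSIVE as a policy control: judging by the expected results, the authorizer is consulted only when a recursive query is actually coded, not whenever the RECURSIVE keyword or a recursive definition appears in the statement. I would put a comment before it, for example `# auth1313 is defined but never used, so no recursive query is coded and the authorizer is not asked`, and a similar one before auth-1.312 for the `WITH RECURSIVE` form whose body is not recursive.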