aboutsummaryrefslogtreecommitdiff
path: root/src/resolve.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/resolve.c')
-rw-r--r--src/resolve.c21
1 files changed, 15 insertions, 6 deletions
diff --git a/src/resolve.c b/src/resolve.c
index 31b443ed8..929c8743f 100644
--- a/src/resolve.c
+++ b/src/resolve.c
@@ -886,14 +886,23 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
no_such_func = 1;
pDef = 0;
}else
- if( (pDef->funcFlags & SQLITE_FUNC_DIRECT)!=0
- && ExprHasProperty(pExpr, EP_Indirect)
+ if( (pDef->funcFlags & (SQLITE_FUNC_DIRECT|SQLITE_FUNC_UNSAFE))!=0
+ && ExprHasProperty(pExpr, EP_FromDDL)
&& !IN_RENAME_OBJECT
){
- /* Functions tagged with SQLITE_DIRECTONLY may not be used
- ** inside of triggers and views */
- sqlite3ErrorMsg(pParse, "%s() prohibited in triggers and views",
- pDef->zName);
+ if( (pDef->funcFlags & SQLITE_FUNC_DIRECT)!=0
+ || (pParse->db->flags & SQLITE_TrustedSchema)==0
+ ){
+ /* Functions prohibited in triggers and views if:
+ ** (1) tagged with SQLITE_DIRECTONLY
+ ** (2) not tagged with SQLITE_INNOCUOUS (which means it
+ ** is tagged with SQLITE_FUNC_UNSAFE) and
+ ** SQLITE_DBCONFIG_UNTRUSTED_SCHEMA is off (meaning
+ ** that the schema is fully trustworthy).
+ */
+ sqlite3ErrorMsg(pParse, "%s() prohibited in triggers and views",
+ pDef->zName);
+ }
}
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-19 22:33:35 +0000