diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/expr.c | 39 | ||||
| -rw-r--r-- | src/resolve.c | 23 | ||||
| -rw-r--r-- | src/sqliteInt.h | 1 |
3 files changed, 44 insertions, 19 deletions
diff --git a/src/expr.c b/src/expr.c index 4e8703e55..7d712ad67 100644 --- a/src/expr.c +++ b/src/expr.c @@ -974,6 +974,41 @@ Expr *sqlite3ExprFunction( } /* +** Check to see if a function is usable according to current access +** rules: +** +** SQLITE_FUNC_DIRECT - Only usable from top-level SQL +** +** SQLITE_FUNC_UNSAFE - Usable if TRUSTED_SCHEMA or from +** top-level SQL +** +** If the function is not usable, create an error. +*/ +void sqlite3ExprFunctionUsable( + Parse *pParse, /* Parsing and code generating context */ + Expr *pExpr, /* The function invocation */ + FuncDef *pDef /* The function being invoked */ +){ + assert( !IN_RENAME_OBJECT ); + if( (pDef->funcFlags & (SQLITE_FUNC_DIRECT|SQLITE_FUNC_UNSAFE))!=0 + && ExprHasProperty(pExpr, EP_FromDDL) + ){ + if( (pDef->funcFlags & SQLITE_FUNC_DIRECT)!=0 + || (pParse->db->flags & SQLITE_TrustedSchema)==0 + ){ + /* Functions prohibited in triggers and views if: + ** (1) tagged with SQLITE_DIRECTONLY + ** (2) not tagged with SQLITE_INNOCUOUS (which means it + ** is tagged with SQLITE_FUNC_UNSAFE) and + ** SQLITE_DBCONFIG_TRUSTED_SCHEMA is off (meaning + ** that the schema is possibly tainted). + */ + sqlite3ErrorMsg(pParse, "unsafe use of %s()", pDef->zName); + } + } +} + +/* ** Assign a variable number to an expression that encodes a wildcard ** in the original SQL statement. ** @@ -4073,9 +4108,12 @@ expr_code_doover: break; } if( pDef->funcFlags & SQLITE_FUNC_INLINE ){ + assert( (pDef->funcFlags & SQLITE_FUNC_UNSAFE)==0 ); + assert( (pDef->funcFlags & SQLITE_FUNC_DIRECT)==0 ); return exprCodeInlineFunction(pParse, pFarg, SQLITE_PTR_TO_INT(pDef->pUserData), target); } + sqlite3ExprFunctionUsable(pParse, pExpr, pDef); for(i=0; i<nFarg; i++){ if( i<32 && sqlite3ExprIsConstant(pFarg->a[i].pExpr) ){ @@ -5740,6 +5778,7 @@ static int analyzeAggregate(Walker *pWalker, Expr *pExpr){ }else{ pItem->iDistinct = -1; } + sqlite3ExprFunctionUsable(pParse, pExpr, pItem->pFunc); } } /* Make pExpr point to the appropriate pAggInfo->aFunc[] entry diff --git a/src/resolve.c b/src/resolve.c index 929c8743f..16546ada4 100644 --- a/src/resolve.c +++ b/src/resolve.c @@ -876,33 +876,18 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){ }else{ assert( (NC_SelfRef & 0xff)==NC_SelfRef ); /* Must fit in 8 bits */ pExpr->op2 = pNC->ncFlags & NC_SelfRef; + if( pExpr->op2 ) ExprSetProperty(pExpr, EP_FromDDL); } if( (pDef->funcFlags & SQLITE_FUNC_INTERNAL)!=0 && pParse->nested==0 && (pParse->db->mDbFlags & DBFLAG_InternalFunc)==0 ){ /* Internal-use-only functions are disallowed unless the - ** SQL is being compiled using sqlite3NestedParse() */ + ** SQL is being compiled using sqlite3NestedParse() or + ** the SQLITE_TESTCTRL_INTERNAL_FUNCTIONS test-control has be + ** used to activate internal functionsn for testing purposes */ no_such_func = 1; pDef = 0; - }else - if( (pDef->funcFlags & (SQLITE_FUNC_DIRECT|SQLITE_FUNC_UNSAFE))!=0 - && ExprHasProperty(pExpr, EP_FromDDL) - && !IN_RENAME_OBJECT - ){ - if( (pDef->funcFlags & SQLITE_FUNC_DIRECT)!=0 - || (pParse->db->flags & SQLITE_TrustedSchema)==0 - ){ - /* Functions prohibited in triggers and views if: - ** (1) tagged with SQLITE_DIRECTONLY - ** (2) not tagged with SQLITE_INNOCUOUS (which means it - ** is tagged with SQLITE_FUNC_UNSAFE) and - ** SQLITE_DBCONFIG_UNTRUSTED_SCHEMA is off (meaning - ** that the schema is fully trustworthy). - */ - sqlite3ErrorMsg(pParse, "%s() prohibited in triggers and views", - pDef->zName); - } } } diff --git a/src/sqliteInt.h b/src/sqliteInt.h index 455403637..e56a4b3d5 100644 --- a/src/sqliteInt.h +++ b/src/sqliteInt.h @@ -4056,6 +4056,7 @@ void sqlite3PExprAddSelect(Parse*, Expr*, Select*); Expr *sqlite3ExprAnd(Parse*,Expr*, Expr*); Expr *sqlite3ExprSimplifiedAndOr(Expr*); Expr *sqlite3ExprFunction(Parse*,ExprList*, Token*, int); +void sqlite3ExprFunctionUsable(Parse*,Expr*,FuncDef*); void sqlite3ExprAssignVarNumber(Parse*, Expr*, u32); void sqlite3ExprDelete(sqlite3*, Expr*); void sqlite3ExprUnmapAndDelete(Parse*, Expr*); |