diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/auth.c | 12 | ||||
| -rw-r--r-- | src/delete.c | 9 | ||||
| -rw-r--r-- | src/tclsqlite.c | 7 |
3 files changed, 27 insertions, 1 deletions
diff --git a/src/auth.c b/src/auth.c index 77a95d4a8..dabc435b4 100644 --- a/src/auth.c +++ b/src/auth.c @@ -216,6 +216,18 @@ int sqlite3AuthCheck( if( db->xAuth==0 ){ return SQLITE_OK; } + + /* EVIDENCE-OF: R-43249-19882 The third through sixth parameters to the + ** callback are either NULL pointers or zero-terminated strings that + ** contain additional details about the action to be authorized. + ** + ** The following testcase() macros show that any of the 3rd through 6th + ** parameters can be either NULL or a string. */ + testcase( zArg1==0 ); + testcase( zArg2==0 ); + testcase( zArg3==0 ); + testcase( pParse->zAuthContext==0 ); + rc = db->xAuth(db->pAuthArg, code, zArg1, zArg2, zArg3, pParse->zAuthContext #ifdef SQLITE_USER_AUTHENTICATION ,db->auth.zAuthUser diff --git a/src/delete.c b/src/delete.c index 0683f9b9d..03c341735 100644 --- a/src/delete.c +++ b/src/delete.c @@ -350,7 +350,14 @@ void sqlite3DeleteFrom( /* Special case: A DELETE without a WHERE clause deletes everything. ** It is easier just to erase the whole table. Prior to version 3.6.5, ** this optimization caused the row change count (the value returned by - ** API function sqlite3_count_changes) to be set incorrectly. */ + ** API function sqlite3_count_changes) to be set incorrectly. + ** + ** The "rcauth==SQLITE_OK" terms is the + ** IMPLEMENATION-OF: R-17228-37124 If the action code is SQLITE_DELETE and + ** the callback returns SQLITE_IGNORE then the DELETE operation proceeds but + ** the truncate optimization is disabled and all rows are deleted + ** individually. + */ if( rcauth==SQLITE_OK && pWhere==0 && !bComplex diff --git a/src/tclsqlite.c b/src/tclsqlite.c index 9df023b45..754775e8e 100644 --- a/src/tclsqlite.c +++ b/src/tclsqlite.c @@ -1033,9 +1033,16 @@ static int auth_callback( Tcl_DString str; int rc; const char *zReply; + /* EVIDENCE-OF: R-38590-62769 The first parameter to the authorizer + ** callback is a copy of the third parameter to the + ** sqlite3_set_authorizer() interface. + */ SqliteDb *pDb = (SqliteDb*)pArg; if( pDb->disableAuth ) return SQLITE_OK; + /* EVIDENCE-OF: R-56518-44310 The second parameter to the callback is an + ** integer action code that specifies the particular action to be + ** authorized. */ switch( code ){ case SQLITE_COPY : zCode="SQLITE_COPY"; break; case SQLITE_CREATE_INDEX : zCode="SQLITE_CREATE_INDEX"; break; |