Documentation improvements.

FossilOrigin-Name: 535afe150939d06342fbbed4ca1b6a1472fde51ac9edd4b4b583b87d90f509c2

diff --git a/manifest b/manifest
index c08011a4186164db72dfbf264d31068b688631d0..ce71df5195381eb18d36e8e696c8365d5ea16e44 100644 (file)
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C In\sthe\sTCL\sinterface,\sadd\sthe\sability\sto\schange\sthe\nSQLITE_DBCONFIG_TRUSTED_SCHEMA\ssetting\susing\sthe\s"db\sconfig"\smethod.
-D 2020-01-18T22:20:14.429
+C Documentation\simprovements.
+D 2020-01-18T23:52:45.348
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
 F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
@@ -533,7 +533,7 @@ F src/resolve.c f0781c9e180028b279bc4ff079ad54f4727223d470c8d2343643fcaf79b67740
 F src/rowset.c d977b011993aaea002cab3e0bb2ce50cf346000dff94e944d547b989f4b1fe93
 F src/select.c 1b787876c0f3052ccd27490a350ab181281e9833f455ee273bee0a0c8a94765d
 F src/shell.c.in 1b2a636ba5b676f844a2af2a5f719b5c4ace7c6825d56270e2ae912b2a5fc840
-F src/sqlite.h.in 8ec22eb7e2a3d391be7d13024755bfd65a5ef6a752c0469b0f652162270d38b6
+F src/sqlite.h.in 71e469c466eccd7d76da5938f2e236b92d089b5acb930f1c8cb6ce2fa6b247b0
 F src/sqlite3.rc 5121c9e10c3964d5755191c80dd1180c122fc3a8
 F src/sqlite3ext.h b0f776a0d042b23b6bcbb6b0943e8a3768c7f0b438a275e7168f0204e223a4db
 F src/sqliteInt.h 7a29ba700a51eeb925731749a570cf3859f6a58ed94797ecf47508875b0ba279
@@ -1857,7 +1857,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
 F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
 F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P 8c8ce526adb60b8061e55151599ca8b11f1ec2e968d3bacc73a2a249e9e95ee1
-R ec478fb26dbc9dcbaf2d54caefd8db72
+P 1accfa8cf05856b03cecab7a2cd0c0337842a0003cfbec207b6f0acdd93e8f15
+R 29b7711c1f60da42c820d7e3846b599d
 U drh
-Z 9d0667f67a9f685f4dfa2d4200f19001
+Z 20349bd0de5a257598311cb224dc97d2

diff --git a/manifest.uuid b/manifest.uuid
index 481a77d71794c546cc635074e3c56d41d5857d9e..c8e714af7ca2e2927be8801e0d80d3e55f370e14 100644 (file)
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-1accfa8cf05856b03cecab7a2cd0c0337842a0003cfbec207b6f0acdd93e8f15
\ No newline at end of file
+535afe150939d06342fbbed4ca1b6a1472fde51ac9edd4b4b583b87d90f509c2
\ No newline at end of file

diff --git a/src/sqlite.h.in b/src/sqlite.h.in
index a9f56aabed98e30e9b8a1f297c8f639ac4dff384..7ac66c3fb1a1e4b2394f6f2a4145752a4e75827e 100644 (file)
--- a/src/sqlite.h.in
+++ b/src/sqlite.h.in
@@ -4973,9 +4973,20 @@ int sqlite3_reset(sqlite3_stmt *pStmt);
 **
 ** ^The fourth parameter may also optionally include the [SQLITE_DIRECTONLY]
 ** flag, which if present prevents the function from being invoked from
-** within VIEWs or TRIGGERs.  For security reasons, the [SQLITE_DIRECTONLY]
-** flag is recommended for any application-defined SQL function that has
-** side-effects.
+** within VIEWs, TRIGGERs, CHECK constraints, generated column expressions,
+** index expressions, or the WHERE clause of partial indexes.
+**
+** <span style="background-color:#ffff90;">
+** For best security, the [SQLITE_DIRECTONLY] flag is recommended for
+** all application-defined SQL functions that do not need to be
+** used inside of triggers, view, CHECK constraints, or other elements of
+** the database schema.  This flags is especially recommended for SQL 
+** functions that have side effects or reveal internal application state.
+** Without this flag, an attacker might be able to modify the schema of
+** a database file to include invocations of the function with parameters
+** chosen by the attacker, which the application will then execute when
+** the database file is opened and read.
+** </span>
 **
 ** ^(The fifth parameter is an arbitrary pointer.  The implementation of the
 ** function can gain access to this pointer using [sqlite3_user_data()].)^
@@ -5101,18 +5112,20 @@ int sqlite3_create_window_function(
 ** The [abs|abs() function] is deterministic, for example, but
 ** [randomblob|randomblob()] is not.  Functions must
 ** be deterministic in order to be used in certain contexts such as
-** [CHECK constraints] or [generated columns].  SQLite might also optimize
-** deterministic functions by factoring them out of inner loops.
+** with the WHERE clause of [partial indexes] or in [generated columns].
+** SQLite might also optimize deterministic functions by factoring them
+** out of inner loops.
 ** </dd>
 ** 
 ** [[SQLITE_DIRECTONLY]] <dt>SQLITE_DIRECTONLY</dt><dd>
 ** The SQLITE_DIRECTONLY flag means that the function may only be invoked
 ** from top-level SQL, and cannot be used in VIEWs or TRIGGERs nor in 
 ** schema structures such as [CHECK constraints], [DEFAULT clauses],
-** [expression indexes], [partial indexes], or [generated columns].  This is
-** a security feature which is recommended for all 
-** [application-defined SQL functions] that have side-effects or that
-** could potentially leak sensitive information.
+** [expression indexes], [partial indexes], or [generated columns].
+** The SQLITE_DIRECTONLY flags is a security feature which is recommended
+** for all [application-defined SQL functions], and especially for functions
+** that have side-effects or that could potentially leak sensitive
+** information.
 ** </dd>
 **
 ** [[SQLITE_INNOCUOUS]] <dt>SQLITE_INNOCUOUS</dt><dd>