-C Enhance\sPRAGMA\sfunction_list\sto\sshow\sinternal\sfunctions\sif\sthe\sdirect\suse\nof\sinternal\sfunctions\sis\senabled\svia\sthe\sSQLITE_TESTCTRL_INTERNAL_FUNCTIONS\ntest\scontrol.
-D 2020-01-04T19:58:28.209
+C Refactor\sthe\snames\sof\sthe\snew\scontrols\sfor\srestricting\swhat\sactions\sthe\sschema\ncan\stake\sbehind\sthe\sapplication's\sback.
+D 2020-01-04T20:58:41.624
F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
F src/insert.c 5ba8fd376f539240939ae76b5bc9fa7ad9a0d86e9914ecd11eb7002204138c11
F src/legacy.c d7874bc885906868cd51e6c2156698f2754f02d9eee1bae2d687323c3ca8e5aa
F src/loadext.c d74f5e7bd51f3c9d283442473eb65aef359664efd6513591c03f01881c4ae2da
-F src/main.c 5e71133fdb94908d3575998fe13430a4875dd211e0cb48bc9e684f0a616d657e
+F src/main.c 372f764daf1fd8f86ea87a2eb285faaed891300682e9fa5a2fd75c3a3e6c5af7
F src/malloc.c eaa4dc9602ce28b077f7de2eb275db2be270c5cc56d7fec5466301bd9b80e2f5
F src/mem0.c 6a55ebe57c46ca1a7d98da93aaa07f99f1059645
F src/mem1.c c12a42539b1ba105e3707d0e628ad70e611040d8f5e38cf942cee30c867083de
F src/prepare.c 6049beb71385f017af6fc320d2c75a4e50b75e280c54232442b785fbb83df057
F src/printf.c 9be6945837c839ba57837b4bc3af349eba630920fa5532aa518816defe42a7d4
F src/random.c 80f5d666f23feb3e6665a6ce04c7197212a88384
-F src/resolve.c c15dbf93b031e82fe19bfedacca72c520b616a0c02d6aac660073bf1ef5299ba
+F src/resolve.c d368864894450413a78ab5381eea7f6deb2f1f7b10c7e6ca20cb345e5a7b9281
F src/rowset.c d977b011993aaea002cab3e0bb2ce50cf346000dff94e944d547b989f4b1fe93
F src/select.c 64bf450dc0f2b37be8d2be6ff7d25a70de37ef6fb64527c68f767fe9fe47bc55
-F src/shell.c.in 69462c95793d69a16df93deabbd6d026f5f6ef6c87d9da54ed1477c03490d17b
-F src/sqlite.h.in 7f3178430f94f30a105bbaa6ed3ff44c9a16784d3d7783e306c0b9dd735ba599
+F src/shell.c.in 0fcf24b526e35eb2e02212e2504b695f79992ccc69b8be0f841276abea037008
+F src/sqlite.h.in 600fd6093a03112831e2658daac299d2a803ffcd3d7f4f6b091a447f79b4d6c2
F src/sqlite3.rc 5121c9e10c3964d5755191c80dd1180c122fc3a8
F src/sqlite3ext.h 72af51aa4e912e14cd495fb6e7fac65f0940db80ed950d90911aff292cc47ce2
-F src/sqliteInt.h 5a27f5858868acddf980dc879d02e6d1b1455853adc17ebab7376ab63fa0a505
+F src/sqliteInt.h 002066fa9a7ea1dacdca6f395968d4eed0fcf2978ac1f7528c61cb6e65f52e6e
F src/sqliteLimit.h 1513bfb7b20378aa0041e7022d04acb73525de35b80b252f1b83fedb4de6a76b
F src/status.c 9ff2210207c6c3b4d9631a8241a7d45ab1b26a0e9c84cb07a9b5ce2de9a3b278
F src/table.c b46ad567748f24a326d9de40e5b9659f96ffff34
F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P b878c30f03e895bbc5c4c99c0f727d49093bb78bdc275593cf4852148579ae69
-R 2a316337c77b32f3140387723d41365c
+P 7a8d7ca726666f4384925f959df0d58f7622229e06f1b5e643a3caccd539bb6e
+R f9fb8a85043cff3871f686f554fff1c5
U drh
-Z 5d85e17177ca37ac3e27744033bcda94
+Z 2b34921532ba1ddcc3f837ba912e08b2
-7a8d7ca726666f4384925f959df0d58f7622229e06f1b5e643a3caccd539bb6e
\ No newline at end of file
+65d7d39a858c51ffd781f5a6335e029895e597aeb1e1ccdadea8ce79c8ad412f
\ No newline at end of file
{ SQLITE_DBCONFIG_DQS_DDL, SQLITE_DqsDDL },
{ SQLITE_DBCONFIG_DQS_DML, SQLITE_DqsDML },
{ SQLITE_DBCONFIG_LEGACY_FILE_FORMAT, SQLITE_LegacyFileFmt },
- { SQLITE_DBCONFIG_UNSAFE_FUNC_IN_VIEW, SQLITE_UnsafeInView },
- { SQLITE_DBCONFIG_VTAB_IN_VIEW, SQLITE_VtabInView },
+ { SQLITE_DBCONFIG_ENABLE_UNSAFE_DDL, SQLITE_UnsafeDDL },
};
unsigned int i;
rc = SQLITE_ERROR; /* IMP: R-42790-23372 */
| SQLITE_EnableTrigger
| SQLITE_EnableView
| SQLITE_CacheSpill
- | SQLITE_UnsafeInView
- | SQLITE_VtabInView
+ | SQLITE_UnsafeDDL
/* The SQLITE_DQS compile-time option determines the default settings
** for SQLITE_DBCONFIG_DQS_DDL and SQLITE_DBCONFIG_DQS_DML.
&& !IN_RENAME_OBJECT
){
if( (pDef->funcFlags & SQLITE_FUNC_DIRECT)!=0
- || (pParse->db->flags & SQLITE_UnsafeInView)==0
+ || (pParse->db->flags & SQLITE_UnsafeDDL)==0
){
/* Functions prohibited in triggers and views if:
** (1) tagged with SQLITE_DIRECTONLY
** (2) not tagged with SQLITE_INNOCUOUS (which means it
** is tagged with SQLITE_FUNC_UNSAFE) and
- ** SQLITE_DBCONFIG_UNSAFE_IN_VIEW is off
+ ** SQLITE_DBCONFIG_ENABLE_UNSAFE_DDL is off
*/
sqlite3ErrorMsg(pParse, "%s() prohibited in triggers and views",
pDef->zName);
{ "enable_fkey", SQLITE_DBCONFIG_ENABLE_FKEY },
{ "enable_qpsg", SQLITE_DBCONFIG_ENABLE_QPSG },
{ "enable_trigger", SQLITE_DBCONFIG_ENABLE_TRIGGER },
+ { "enable_unsafe_ddl", SQLITE_DBCONFIG_ENABLE_UNSAFE_DDL },
{ "enable_view", SQLITE_DBCONFIG_ENABLE_VIEW },
{ "fts3_tokenizer", SQLITE_DBCONFIG_ENABLE_FTS3_TOKENIZER },
{ "legacy_alter_table", SQLITE_DBCONFIG_LEGACY_ALTER_TABLE },
{ "no_ckpt_on_close", SQLITE_DBCONFIG_NO_CKPT_ON_CLOSE },
{ "reset_database", SQLITE_DBCONFIG_RESET_DATABASE },
{ "trigger_eqp", SQLITE_DBCONFIG_TRIGGER_EQP },
- { "unsafe_func_in_view",SQLITE_DBCONFIG_UNSAFE_FUNC_IN_VIEW },
- { "vtab_in_view", SQLITE_DBCONFIG_VTAB_IN_VIEW },
{ "writable_schema", SQLITE_DBCONFIG_WRITABLE_SCHEMA },
};
int ii, v;
** compile-time option.
** </dd>
**
-** [[SQLITE_DBCONFIG_UNSAFE_FUNC_IN_VIEW]]
-** <dt>SQLITE_DBCONFIG_UNSAFE_FUNC_IN_VIEW</td>
-** <dd>The SQLITE_DBCONFIG_UNSAFE_FUNC_IN_VIEW option activates or deactivates
-** the ability to use SQL functions that have side-effects inside of
-** triggers and views. For legacy compatibility, this setting defaults
-** to "on". Applications that are operating on untrusted database files
-** are advised to change this setting to "off". When this setting is on,
-** only functions that have no side effects are usable inside of views.
-** This prevents an attacker from modifying the schema of a database so
-** that views and/or triggers with undesirable side-effects are run when
-** the application innocently tries to access what it thinks is an ordinary
-** table.
-** </dd>
-**
-** [[SQLITE_DBCONFIG_VTAB_IN_VIEW]]
-** <dt>SQLITE_DBCONFIG_VTAB_IN_VIEW</td>
-** <dd>The SQLITE_DBCONFIG_VTAB_IN_VIEW option activates or deactivates
-** the ability to use [virtual tables] inside of triggers and views.
-** For legacy compatibility, this setting defaults
-** to "on". Applications that are operating on untrusted database files
-** are advised to change this setting to "off". Turning this setting off
-** prevents an attacker from modifying the schema of a database so
-** that views and/or triggers with undesirable side-effects are run when
-** the application innocently tries to access what it thinks is an ordinary
-** table.
+** [[SQLITE_DBCONFIG_INDIRECT_UNSAFE]]
+** <dt>SQLITE_DBCONFIG_INDIRECT_UNSAFE</td>
+** <dd>The SQLITE_DBCONFIG_INDIRECT_UNSAFE option activates or deactivates
+** the ability to use "unsafe" SQL functions and virtual tables in the
+** schema of the database. Using an SQL function or virtual table "in the
+** schema" means using the rsource in a
+** trigger, view, CHECK constraint, INDEX definition, generated column,
+** default value, or in any other context that is part of the DDL for the
+** database file. "Unsafe" SQL functions are SQL functions that are not
+** tagged with [SQLITE_INNOCUOUS].
+** <p>For legacy compatibility, the SQLITE_DBCONFIG_INDIRECT_UNSAFE setting
+** defaults to "on". Applications that are operating on untrusted database
+** files are advised to change this setting to "off".
** </dd>
**
** [[SQLITE_DBCONFIG_LEGACY_FILE_FORMAT]]
#define SQLITE_DBCONFIG_DQS_DDL 1014 /* int int* */
#define SQLITE_DBCONFIG_ENABLE_VIEW 1015 /* int int* */
#define SQLITE_DBCONFIG_LEGACY_FILE_FORMAT 1016 /* int int* */
-#define SQLITE_DBCONFIG_UNSAFE_FUNC_IN_VIEW 1017 /* int int* */
-#define SQLITE_DBCONFIG_VTAB_IN_VIEW 1018 /* int int* */
-#define SQLITE_DBCONFIG_MAX 1018 /* Largest DBCONFIG */
+#define SQLITE_DBCONFIG_ENABLE_UNSAFE_DDL 1017 /* int int* */
+#define SQLITE_DBCONFIG_MAX 1017 /* Largest DBCONFIG */
/*
** CAPI3REF: Enable Or Disable Extended Result Codes
#define SQLITE_CkptFullFSync 0x00000010 /* Use full fsync for checkpoint */
#define SQLITE_CacheSpill 0x00000020 /* OK to spill pager cache */
#define SQLITE_ShortColNames 0x00000040 /* Show short columns names */
-#define SQLITE_UnsafeInView 0x00000080 /* Allow functions with side-effect
- ** in triggers and views */
-#define SQLITE_VtabInView 0x00000100 /* Allow views and triggers to access
- ** virtual tables */
+#define SQLITE_UnsafeDDL 0x00000080 /* Allow unsafe functions and vtabs
+ ** in the schema definition */
+#define SQLITE_NullCallback 0x00000100 /* Invoke the callback once if the */
+ /* result set is empty */
#define SQLITE_IgnoreChecks 0x00000200 /* Do not enforce check constraints */
#define SQLITE_ReadUncommit 0x00000400 /* READ UNCOMMITTED in shared-cache */
#define SQLITE_NoCkptOnClose 0x00000800 /* No checkpoint on close()/DETACH */
#define SQLITE_CountRows HI(0x00001) /* Count rows changed by INSERT, */
/* DELETE, or UPDATE and return */
/* the count using a callback. */
-#define SQLITE_NullCallback HI(0000002) /* Invoke the callback once if the */
- /* result set is empty */
/* Flags used only if debugging */
#ifdef SQLITE_DEBUG
projects / thirdparty / sqlite.git / commitdiff
