-C Add\stests\sto\sinsure\sVACUUM\sworks\sin\sthe\spresence\sof\sI/O\serrors.\s\sFix\ssome\nproblems\sthat\scame\sto\slight\sby\sthese\stests.\s(CVS\s935)
-D 2003-04-25T15:37:58
+C Report\sthe\scorrect\sauthorization\scontext\sin\sthe\sauthorization\scallback\nwhen\scoding\san\sINSTEAD\sOF\strigger\son\san\supdate\sor\sdelete.\s(CVS\s936)
+D 2003-04-25T17:52:11
F Makefile.in 004acec253ecdde985c8ecd5b7c9accdb210378f
F Makefile.linux-gcc b86a99c493a5bfb402d1d9178dcdc4bd4b32f906
F README f1de682fbbd94899d50aca13d387d1b3fd3be2dd
F sqlite.1 83f4a9d37bdf2b7ef079a82d54eaf2e3509ee6ea
F sqlite.pc.in 30552343140c53304c2a658c080fbe810cd09ca2
F src/attach.c 7ebc7487de43e357a64226f8abef81f2669f2183
-F src/auth.c a4afd27964fb9f661147115790c8ae2ee230ebcc
+F src/auth.c 3be3c7434592117f049703966b940e0b07088ae2
F src/btree.c 077d75aee4ed63f3628698611ba43c87097d458d
F src/btree.h 23c50e00709de16a5dce1fcea9c0429cc955ff0e
F src/btree_rb.c 8e00e40be264716e1929987878672e55d9e0e76d
F src/build.c d5a26baeffa5bc49b4b7009a7723c6ab7e1b02d9
F src/copy.c 44b13fd4d2444fb53bff8a5ecee1c5f6f86a8263
-F src/delete.c 23d33fd8967c6cc492943bbecea93be6491edc6a
+F src/delete.c 0f7c26aaebc417ad66a2a1099e59cc4056512c31
F src/encode.c faf03741efe921755ec371cf4a6984536de00042
F src/expr.c 46e2bb93abd6c70e67c8cdc5d92fdcd0b95498f3
F src/func.c 882c3ed5a02be18cd904715c7ec62947a34a3605
F src/shell.c e0b3da1f44a2cc72daf41a4559b1c5f0545944a5
F src/shell.tcl 27ecbd63dd88396ad16d81ab44f73e6c0ea9d20e
F src/sqlite.h.in eec06462cba262c0ee03f38462a18a4bc66dda4e
-F src/sqliteInt.h 5d15d1dea3f0c497a78c6a123eec5b4b92811c1c
+F src/sqliteInt.h 0c7474068c37a5aad715810c8190266edcbd4f4c
F src/table.c eed2098c9b577aa17f8abe89313a9c4413f57d63
F src/tclsqlite.c 9e25f98f1765afa0716144ef57abda75c88f688d
F src/test1.c 4484806861a3099670188a09e12f858ec65aa56c
F src/test3.c 30985ebdfaf3ee1462a9b0652d3efbdc8d9798f5
F src/threadtest.c d641a5219e718e18a1a80a50eb9bb549f451f42e
F src/tokenize.c 067d1a477a94af7712ca74e09aaa6bd0f7299527
-F src/trigger.c e763f4015c96e06b694184ead5754985c1dfdae0
-F src/update.c b7fa7c427b74aee6db56ecfa09e5e151e6f9fa6a
+F src/trigger.c 62d1e1b837a98f1fa7511c77977d51c8516ddb65
+F src/update.c f40376ed2e092a7040c6fc6fa0add59fad5c5e76
F src/util.c 87635cfdfffa056a8d3147719357aa442374f78c
F src/vacuum.c 14ac3073203fa021e01ffe33db56968ad79a8344
F src/vdbe.c 48098080d2b5d35d4cc28ac2a4855c7730f6ee7b
F src/where.c f632cd30f013163484a4d60c249d36fe31f5be12
F test/all.test 569a92a8ee88f5300c057cc4a8f50fbbc69a3242
F test/attach.test b311c83e370e6b22b79a8279317039440ce64862
-F test/auth.test d25a76f21494b61483787caa7b28c713bc7c7c7f
+F test/auth.test dee78be1f4f920bd6b15c4c947ce4d01bfe2826d
F test/bigfile.test 1cd8256d4619c39bea48147d344f348823e78678
F test/bigrow.test 8ab252dba108f12ad64e337b0f2ff31a807ac578
F test/btree.test 1e3463c7838e7e71bbf37c9c6e45beee9c8975ba
F www/sqlite.tcl ae3dcfb077e53833b59d4fcc94d8a12c50a44098
F www/tclsqlite.tcl 1db15abeb446aad0caf0b95b8b9579720e4ea331
F www/vdbe.tcl 2013852c27a02a091d39a766bc87cff329f21218
-P c3b1f84dfce13b2523c9923e4270577862ca0595
-R 40330553c4eb619fb11602a7f62ead1c
+P 8d3e879349fc9523c72cb46111e0058b57ce9341
+R fbd9cacc0c39e890456b02e579584ea3
U drh
-Z 09a1f9c6aa9e8c12d787618e6052f340
+Z d170dde2366e1aeda159869f0f0e19bb
-8d3e879349fc9523c72cb46111e0058b57ce9341
\ No newline at end of file
+67746833fc8de3afff80db413bd63a362bb28218
\ No newline at end of file
** systems that do not need this facility may omit it by recompiling
** the library with -DSQLITE_OMIT_AUTHORIZATION=1
**
-** $Id: auth.c,v 1.7 2003/04/24 01:45:04 drh Exp $
+** $Id: auth.c,v 1.8 2003/04/25 17:52:11 drh Exp $
*/
#include "sqliteInt.h"
return rc;
}
+/*
+** Push an authorization context. After this routine is called, the
+** zArg3 argument to authorization callbacks will be zContext until
+** popped. Or if pParse==0, this routine is a no-op.
+*/
+void sqliteAuthContextPush(
+ Parse *pParse,
+ AuthContext *pContext,
+ const char *zContext
+){
+ pContext->pParse = pParse;
+ if( pParse ){
+ pContext->zAuthContext = pParse->zAuthContext;
+ pParse->zAuthContext = zContext;
+ }
+}
+
+/*
+** Pop an authorization context that was previously pushed
+** by sqliteAuthContextPush
+*/
+void sqliteAuthContextPop(AuthContext *pContext){
+ if( pContext->pParse ){
+ pContext->pParse->zAuthContext = pContext->zAuthContext;
+ pContext->pParse = 0;
+ }
+}
+
#endif /* SQLITE_OMIT_AUTHORIZATION */
** This file contains C code routines that are called by the parser
** to handle DELETE FROM statements.
**
-** $Id: delete.c,v 1.54 2003/04/24 01:45:04 drh Exp $
+** $Id: delete.c,v 1.55 2003/04/25 17:52:11 drh Exp $
*/
#include "sqliteInt.h"
int base; /* Index of the first available table cursor */
sqlite *db; /* Main database structure */
int isView; /* True if attempting to delete from a view */
+ AuthContext sContext; /* Authorization context */
int row_triggers_exist = 0; /* True if any triggers exist */
int before_triggers; /* True if there are BEFORE triggers */
int after_triggers; /* True if there are AFTER triggers */
int oldIdx = -1; /* Cursor for the OLD table of AFTER triggers */
+ sContext.pParse = 0;
if( pParse->nErr || sqlite_malloc_failed ){
pTabList = 0;
goto delete_from_cleanup;
}
}
+ /* Start the view context
+ */
+ if( isView ){
+ sqliteAuthContextPush(pParse, &sContext, pTab->zName);
+ }
+
/* Begin generating code.
*/
v = sqliteGetVdbe(pParse);
}
delete_from_cleanup:
+ sqliteAuthContextPop(&sContext);
sqliteSrcListDelete(pTabList);
sqliteExprDelete(pWhere);
return;
*************************************************************************
** Internal interface definitions for SQLite.
**
-** @(#) $Id: sqliteInt.h,v 1.180 2003/04/24 01:45:04 drh Exp $
+** @(#) $Id: sqliteInt.h,v 1.181 2003/04/25 17:52:11 drh Exp $
*/
#include "config.h"
#include "sqlite.h"
typedef struct TriggerStack TriggerStack;
typedef struct FKey FKey;
typedef struct Db Db;
+typedef struct AuthContext AuthContext;
/*
** Each database file to be accessed by the system is an instance
TriggerStack *trigStack; /* Trigger actions being coded */
};
+/*
+** An instance of the following structure can be declared on a stack and used
+** to save the Parse.zAuthContext value so that it can be restored later.
+*/
+struct AuthContext {
+ const char *zAuthContext; /* Put saved Parse.zAuthContext here */
+ Parse *pParse; /* The Parse structure */
+};
+
/*
* Each trigger present in the database schema is stored as an instance of
* struct Trigger.
#ifndef SQLITE_OMIT_AUTHORIZATION
void sqliteAuthRead(Parse*,Expr*,SrcList*,int);
int sqliteAuthCheck(Parse*,int, const char*, const char*, const char*);
+ void sqliteAuthContextPush(Parse*, AuthContext*, const char*);
+ void sqliteAuthContextPop(AuthContext*);
#else
# define sqliteAuthRead(a,b,c,d)
# define sqliteAuthCheck(a,b,c,d) SQLITE_OK
+# define sqliteAuthContextPush(a,b,c)
+# define sqliteAuthContextPop(a)
#endif
void sqliteAttach(Parse*, Token*, Token*);
void sqliteDetach(Parse*, Token*);
int endTrigger;
SrcList dummyTablist;
Expr * whenExpr;
- const char *zSavedAuthContext;
+ AuthContext sContext;
dummyTablist.nSrc = 0;
pTriggerStack->pNext = pParse->trigStack;
pTriggerStack->ignoreJump = ignoreJump;
pParse->trigStack = pTriggerStack;
- zSavedAuthContext = pParse->zAuthContext;
- pParse->zAuthContext = pTrigger->name;
+ sqliteAuthContextPush(pParse, &sContext, pTrigger->name);
/* code the WHEN clause */
endTrigger = sqliteVdbeMakeLabel(pParse->pVdbe);
/* Pop the entry off the trigger stack */
pParse->trigStack = pParse->trigStack->pNext;
- pParse->zAuthContext = zSavedAuthContext;
+ sqliteAuthContextPop(&sContext);
sqliteFree(pTriggerStack);
sqliteVdbeResolveLabel(pParse->pVdbe, endTrigger);
** This file contains C code routines that are called by the parser
** to handle UPDATE statements.
**
-** $Id: update.c,v 1.63 2003/04/24 01:45:05 drh Exp $
+** $Id: update.c,v 1.64 2003/04/25 17:52:11 drh Exp $
*/
#include "sqliteInt.h"
Expr *pRecnoExpr; /* Expression defining the new record number */
int openAll; /* True if all indices need to be opened */
int isView; /* Trying to update a view */
+ AuthContext sContext; /* The authorization context */
int before_triggers; /* True if there are any BEFORE triggers */
int after_triggers; /* True if there are any AFTER triggers */
int newIdx = -1; /* index of trigger "new" temp table */
int oldIdx = -1; /* index of trigger "old" temp table */
+ sContext.pParse = 0;
if( pParse->nErr || sqlite_malloc_failed ) goto update_cleanup;
db = pParse->db;
assert( pTabList->nSrc==1 );
if( sqliteIsReadOnly(pParse, pTab, before_triggers) ){
goto update_cleanup;
}
- if( isView && sqliteViewGetColumnNames(pParse, pTab) ){
- goto update_cleanup;
+ if( isView ){
+ if( sqliteViewGetColumnNames(pParse, pTab) ){
+ goto update_cleanup;
+ }
}
aXRef = sqliteMalloc( sizeof(int) * pTab->nCol );
if( aXRef==0 ) goto update_cleanup;
pParse->nTab++;
}
- /* Resolve the column names in all the expressions in both the
- ** WHERE clause and in the new values. Also find the column index
+ /* Resolve the column names in all the expressions of the
+ ** of the UPDATE statement. Also find the column index
** for each column to be updated in the pChanges array. For each
** column to be updated, make sure we have authorization to change
** that column.
*/
- if( pWhere ){
- if( sqliteExprResolveIds(pParse, base, pTabList, 0, pWhere) ){
- goto update_cleanup;
- }
- if( sqliteExprCheck(pParse, pWhere, 0, 0) ){
- goto update_cleanup;
- }
- }
chngRecno = 0;
for(i=0; i<pChanges->nExpr; i++){
if( sqliteExprResolveIds(pParse, base, pTabList, 0, pChanges->a[i].pExpr) ){
}
}
+ /* Resolve the column names in all the expressions in the
+ ** WHERE clause.
+ */
+ if( pWhere ){
+ if( sqliteExprResolveIds(pParse, base, pTabList, 0, pWhere) ){
+ goto update_cleanup;
+ }
+ if( sqliteExprCheck(pParse, pWhere, 0, 0) ){
+ goto update_cleanup;
+ }
+ }
+
+ /* Start the view context
+ */
+ if( isView ){
+ sqliteAuthContextPush(pParse, &sContext, pTab->zName);
+ }
+
/* Begin generating code.
*/
v = sqliteGetVdbe(pParse);
** a temporary table.
*/
if( isView ){
- Select *pView = sqliteSelectDup(pTab->pSelect);
+ Select *pView;
+ pView = sqliteSelectDup(pTab->pSelect);
sqliteSelect(pParse, pView, SRT_TempTable, base, 0, 0, 0);
sqliteSelectDelete(pView);
}
}
update_cleanup:
+ sqliteAuthContextPop(&sContext);
sqliteFree(apIdx);
sqliteFree(aXRef);
sqliteSrcListDelete(pTabList);
# focus of this script is testing the ATTACH and DETACH commands
# and related functionality.
#
-# $Id: auth.test,v 1.8 2003/04/22 20:30:40 drh Exp $
+# $Id: auth.test,v 1.9 2003/04/25 17:52:11 drh Exp $
#
set testdir [file dirname $argv0]
}
} {12 112 2 2 {} {} 8 108 8 8 {} {}}
+# Make sure the names of views and triggers are passed on on arg4.
+#
+do_test auth-4.1 {
+ proc auth {code arg1 arg2 arg3 arg4} {
+ lappend ::authargs $code $arg1 $arg2 $arg3 $arg4
+ return SQLITE_OK
+ }
+ set authargs {}
+ execsql {
+ UPDATE t2 SET a=a+1;
+ }
+ set authargs
+} [list \
+ SQLITE_READ t2 a main {} \
+ SQLITE_UPDATE t2 a main {} \
+ SQLITE_INSERT tx {} main r1 \
+ SQLITE_READ t2 a main r1 \
+ SQLITE_READ t2 a main r1 \
+ SQLITE_READ t2 b main r1 \
+ SQLITE_READ t2 b main r1 \
+ SQLITE_READ t2 c main r1 \
+ SQLITE_READ t2 c main r1]
+do_test auth-4.2 {
+ execsql {
+ CREATE VIEW v1 AS SELECT a+b AS x FROM t2;
+ CREATE TABLE v1chng(x1,x2);
+ CREATE TRIGGER r2 INSTEAD OF UPDATE ON v1 BEGIN
+ INSERT INTO v1chng VALUES(OLD.x,NEW.x);
+ END;
+ SELECT * FROM v1;
+ }
+} {115 117}
+do_test auth-4.3 {
+ set authargs {}
+ execsql {
+ UPDATE v1 SET x=1 WHERE x=117
+ }
+ set authargs
+} [list \
+ SQLITE_UPDATE v1 x main {} \
+ SQLITE_READ v1 x main {} \
+ SQLITE_SELECT {} {} {} v1 \
+ SQLITE_READ t2 a main v1 \
+ SQLITE_READ t2 b main v1 \
+ SQLITE_INSERT v1chng {} main r2 \
+ SQLITE_READ v1 x main r2 \
+ SQLITE_READ v1 x main r2]
+do_test auth-4.4 {
+ execsql {
+ CREATE TRIGGER r3 INSTEAD OF DELETE ON v1 BEGIN
+ INSERT INTO v1chng VALUES(OLD.x,NULL);
+ END;
+ SELECT * FROM v1;
+ }
+} {115 117}
+do_test auth-4.5 {
+ set authargs {}
+ execsql {
+ DELETE FROM v1 WHERE x=117
+ }
+ set authargs
+} [list \
+ SQLITE_DELETE v1 {} main {} \
+ SQLITE_READ v1 x main {} \
+ SQLITE_SELECT {} {} {} v1 \
+ SQLITE_READ t2 a main v1 \
+ SQLITE_READ t2 b main v1 \
+ SQLITE_INSERT v1chng {} main r3 \
+ SQLITE_READ v1 x main r3]
finish_test
projects / thirdparty / sqlite.git / commitdiff
