Disable the authorizer callback when reparsing the schema. This avoids

author drh <drh@noemail.net>

Thu, 28 Jul 2016 18:38:13 +0000 (18:38 +0000)

committer drh <drh@noemail.net>

Thu, 28 Jul 2016 18:38:13 +0000 (18:38 +0000)
author drh <drh@noemail.net>
Thu, 28 Jul 2016 18:38:13 +0000 (18:38 +0000)
committer drh <drh@noemail.net>
Thu, 28 Jul 2016 18:38:13 +0000 (18:38 +0000)
diff --git a/manifest b/manifest

index c71c10048d20b1eb84c907875e6092e034f55f02..b3d969ce8706f7c4aeba6c7afce1f68e49263528 100644 (file)
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Improvements\sto\sthe\sway\sthe\sCOMPILER\scompile-time\soption\sis\sset\swhen\scompiling\nwith\sClang.
-D 2016-07-28T17:24:16.495
+C Disable\sthe\sauthorizer\scallback\swhen\sreparsing\sthe\sschema.\s\sThis\savoids\nundesirable\sauthorization\sfailures\sfollowing\san\sALTER\sTABLE.
+D 2016-07-28T18:38:13.187
  F Makefile.in 6c20d44f72d4564f11652b26291a214c8367e5db
  F Makefile.linux-gcc 7bc79876b875010e8c8f9502eb935ca92aa3c434
  F Makefile.msc d66d0395c38571aab3804f8db0fa20707ae4609a
@@ -323,7 +323,7 @@ F sqlite3.pc.in 48fed132e7cb71ab676105d2a4dc77127d8c1f3a
  F src/alter.c cc28ab933ae615b22add0d609794ffb6596b42ea
  F src/analyze.c 37fedc80ac966ce1745811746e68e4d8fa64c7fe
  F src/attach.c 771153bd1f4ab0b97a44a13dde2c7e5e1efeba22
-F src/auth.c b56c78ebe40a2110fd361379f7e8162d23f92240
+F src/auth.c 5c8e0f37f785f935f589496801edd19840485853
  F src/backup.c 6df65fdd569c901a418887a1a76f82ec35044556
  F src/bitvec.c 3ee4c8b2c94ed3a7377256e18199e6ff5cf33f63
  F src/btmutex.c bc87dd3b062cc26edfe79918de2200ccb8d41e73
@@ -506,8 +506,8 @@ F test/attach3.test 359eb65d00102cdfcef6fa4e81dc1648f8f80b27
  F test/attach4.test 53bf502f17647c6d6c5add46dda6bac8b6f4665c
  F test/attachmalloc.test 3a4bfca9545bfe906a8d2e622de10fbac5b711b0
  F test/auth.test 872a122b3977c1d1bb9fd637dc20016e5c01880f
-F test/auth2.test 264c6af53cad9aba5218c68bbe18036e39007bfa
-F test/auth3.test 5cfa94ed90c6617c42b7ba4b133fd79678b251c7
+F test/auth2.test 9eb7fce9f34bf1f50d3f366fb3e606be5a2000a1
+F test/auth3.test b810826b193831929951c0d50783a200e5ef6b72
  F test/autoinc.test c58912526998a39e11f66b533e23cfabea7f25b7
  F test/autoindex1.test 14b63a9f1e405fe6d5bfc8c8d00249c2ebaf13ea
  F test/autoindex2.test 12ef578928102baaa0dc23ad397601a2f4ecb0df
@@ -1508,7 +1508,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
  F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
  F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
  F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P 6feff15cae8f0427be790355841d49c479c1c586
-R 675b3da4289ec2d84ea94ee475054664
+P 81f9cf86c48f3cd43755ded4dc97388ec650f8af
+R ae8bfc7314166cec8de9b44e7e9859e8
  U drh
-Z 0881f39f36c917424fb94c651f3aec11
+Z 7b0f6930a62d02daa8f4147d6dafd3a6
diff --git a/manifest.uuid b/manifest.uuid

index 060502d9322292175b0759fd39790be95d56e6ea..53827a11618ea6b38117a716b07366e4cd24c2d4 100644 (file)
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-81f9cf86c48f3cd43755ded4dc97388ec650f8af
-\ No newline at end of file
+805d01cdabb48a69eb986a7f084e53eb25d76b7f
+\ No newline at end of file
diff --git a/src/auth.c b/src/auth.c

index 9768fc2fc0efbd8393557d7b60af3216bde16de1..8a3f8e7d08b1bd626722ae3a480cb66cee8de84f 100644 (file)
--- a/src/auth.c
+++ b/src/auth.c
@@ -111,6 +111,7 @@ int sqlite3AuthReadCol(
    char *zDb = db->aDb[iDb].zName; /* Name of attached database */
    int rc;                         /* Auth callback return code */
  
+  if( db->init.busy ) return SQLITE_OK;
    rc = db->xAuth(db->pAuthArg, SQLITE_READ, zTab,zCol,zDb,pParse->zAuthContext
  #ifdef SQLITE_USER_AUTHENTICATION
                   ,db->auth.zAuthUser
diff --git a/test/auth2.test b/test/auth2.test

index a9d64d08af837e4b2d7fc7c3e26b5a6b2e524029..08d46cac57f471324ff99999e655031145bed4c8 100644 (file)
--- a/test/auth2.test
+++ b/test/auth2.test
@@ -98,12 +98,6 @@ SQLITE_UPDATE sqlite_master tbl_name main {}
  SQLITE_UPDATE sqlite_master rootpage main {}
  SQLITE_UPDATE sqlite_master sql main {}
  SQLITE_READ sqlite_master ROWID main {}
-SQLITE_READ sqlite_master name main {}
-SQLITE_READ sqlite_master rootpage main {}
-SQLITE_READ sqlite_master sql main {}
-SQLITE_READ sqlite_master tbl_name main {}
-SQLITE_READ sqlite_master type main {}
-SQLITE_READ sqlite_master ROWID main {}
  }
  do_test auth2-2.2 {
    set ::authargs {}
@@ -119,12 +113,6 @@ SQLITE_UPDATE sqlite_master tbl_name main {}
  SQLITE_UPDATE sqlite_master rootpage main {}
  SQLITE_UPDATE sqlite_master sql main {}
  SQLITE_READ sqlite_master ROWID main {}
-SQLITE_READ sqlite_master name main {}
-SQLITE_READ sqlite_master rootpage main {}
-SQLITE_READ sqlite_master sql main {}
-SQLITE_READ sqlite_master tbl_name main {}
-SQLITE_READ sqlite_master type main {}
-SQLITE_READ sqlite_master ROWID main {}
  }
  do_test auth2-2.3 {
    set ::authargs {}
diff --git a/test/auth3.test b/test/auth3.test

index eef10b398f03f43d4b0b62b55cb94aac846c6dcc..ca7e16c84c3f9db992f51d68063fa2f528896123 100644 (file)
--- a/test/auth3.test
+++ b/test/auth3.test
@@ -12,8 +12,7 @@
  # Test that the truncate optimization is disabled if the SQLITE_DELETE
  # authorization callback returns SQLITE_IGNORE.
  #
-# $Id: auth3.test,v 1.2 2009/05/04 01:58:31 drh Exp $
-#
+# Test that authorizer is disabled during schema parsing.
  
  set testdir [file dirname $argv0]
  source $testdir/tester.tcl
@@ -108,4 +107,22 @@ do_test auth3-2.2 {
    set sqlite_search_count
  } {1}
  
+# 2016-07-28.  A problem report from a private client complaining about
+# an authorizer failure during an ALTER TABLE.  The solution (I think) is
+# to disable the authorizer during schema parsing.
+#
+proc auth {code args} {
+  if {$code=="SQLITE_READ" && [regexp {DoNotRead} $args]} {
+    return SQLITE_DENY
+  }
+  return SQLITE_OK
+}
+do_execsql_test auth3-3.0 {
+  CREATE TEMPORARY TABLE TempTable (
+      key TEXT NOT NULL ON CONFLICT FAIL UNIQUE ON CONFLICT REPLACE,
+      value TEXT NOT NULL ON CONFLICT FAIL);
+  ALTER TABLE TempTable RENAME TO DoNotRead;
+  SELECT name FROM sqlite_temp_master;
+} {DoNotRead sqlite_autoindex_DoNotRead_1}
+
  finish_test
author	drh <drh@noemail.net>
	Thu, 28 Jul 2016 18:38:13 +0000 (18:38 +0000)
committer	drh <drh@noemail.net>
	Thu, 28 Jul 2016 18:38:13 +0000 (18:38 +0000)
manifest		patch \| blob \| blame \| history
manifest.uuid		patch \| blob \| blame \| history
src/auth.c		patch \| blob \| blame \| history
test/auth2.test		patch \| blob \| blame \| history
test/auth3.test		patch \| blob \| blame \| history