# Object files for the SQLite library.
#
-LIBOBJ = btree.lo build.lo delete.lo expr.lo func.lo hash.lo insert.lo \
+LIBOBJ = auth.lo btree.lo build.lo delete.lo expr.lo func.lo hash.lo insert.lo \
main.lo opcodes.lo os.lo pager.lo parse.lo printf.lo random.lo \
select.lo table.lo tokenize.lo update.lo util.lo vdbe.lo \
where.lo trigger.lo
# All of the source code files.
#
SRC = \
+ $(TOP)/src/auth.c \
$(TOP)/src/btree.c \
$(TOP)/src/btree.h \
$(TOP)/src/build.c \
printf.lo: $(TOP)/src/printf.c $(HDR)
$(LIBTOOL) $(TCC) $(TCL_FLAGS) -c $(TOP)/src/printf.c
+auth.lo: $(TOP)/src/auth.c $(HDR)
+ $(LIBTOOL) $(TCC) $(TCL_FLAGS) -c $(TOP)/src/auth.c
+
tclsqlite: $(TOP)/src/tclsqlite.c libsqlite.la
$(LIBTOOL) $(TCC) $(TCL_FLAGS) -DTCLSH=1 -o tclsqlite \
$(TOP)/src/tclsqlite.c libsqlite.la $(LIBTCL)
# Object files for the SQLite library.
#
-LIBOBJ = btree.o build.o delete.o expr.o func.o hash.o insert.o \
+LIBOBJ = auth.o btree.o build.o delete.o expr.o func.o hash.o insert.o \
main.o opcodes.o os.o pager.o parse.o printf.o random.o \
select.o table.o tokenize.o trigger.o update.o util.o \
vdbe.o where.o tclsqlite.o
# All of the source code files.
#
SRC = \
+ $(TOP)/src/auth.c \
$(TOP)/src/btree.c \
$(TOP)/src/btree.h \
$(TOP)/src/build.c \
printf.o: $(TOP)/src/printf.c $(HDR)
$(TCCX) $(TCL_FLAGS) -c $(TOP)/src/printf.c
+auth.o: $(TOP)/src/auth.c $(HDR)
+ $(TCCX) -c $(TOP)/src/auth.c
+
tclsqlite: $(TOP)/src/tclsqlite.c libsqlite.a
$(TCCX) $(TCL_FLAGS) -DTCLSH=1 -o tclsqlite \
$(TOP)/src/tclsqlite.c libsqlite.a $(LIBTCL)
-C Remove\san\sunused\svariable\sfrom\sthe\sVDBE.\s\sTicket\s#223.\s(CVS\s826)
-D 2003-01-12T17:35:00
-F Makefile.in 868c17a1ae1c07603d491274cc8f86c04acf2a1e
+C Initial\scheck-in\sof\sthe\scode\sfor\sthe\snew\ssqlite_set_authorizer()\sAPI\sfunction.\nThe\scode\sis\smostly\suntested\sat\sthis\spoint.\s(CVS\s827)
+D 2003-01-12T18:02:17
+F Makefile.in 6606854b1512f185b8e8c779b8d7fc2750463d64
F Makefile.linux-gcc b86a99c493a5bfb402d1d9178dcdc4bd4b32f906
F README f1de682fbbd94899d50aca13d387d1b3fd3be2dd
F VERSION 0b1d326c46b00250dfbd9b1a55dc0f4b7d74febc
F install-sh 9d4de14ab9fb0facae2f48780b874848cbf2f895
F libtool c56e618713c9510a103bda6b95f3ea3900dcacd6
F ltmain.sh e9ed72eb1d690f447c13945eaf69e28af531eda1
-F main.mk 9d13839b9697af332d788fe6e801e68da027cc5c
+F main.mk 8b10c5df8a21cdd343986a90c75247bafaebb3aa
F publish.sh e5b83867d14708ed58cec8cba0a4f201e969474d
F spec.template 238f7db425a78dc1bb7682e56e3834c7270a3f5e
F sqlite.1 83f4a9d37bdf2b7ef079a82d54eaf2e3509ee6ea
F src/btree.c 131b5903f66e148f0f9af0cedd1c6654932c4e04
F src/btree.h 17710339f7a8f46e3c7d6d0d4648ef19c584ffda
-F src/build.c f355fa02bb53cdaa417ea1c34a43de1129a57e94
-F src/delete.c 1c677cad4879485c2aea5ef40f417b3ec3f7be12
+F src/build.c 3136d7fc765cc2feee2ad987bac1c1696fdc0f0e
+F src/delete.c bc807a756dde6aa16db38f6e05a90408053d2f2c
F src/encode.c 09d1fe8a2e97ff94cce496e2909e2ebc8947960b
-F src/expr.c 9427b4d1d04ede1095994b8e042abe2e6fea7443
+F src/expr.c d8b319f25335443a415a639aec8e0edc64e3ab6c
F src/func.c 90c583f0b91220f7cd411a2407deaf9327245d63
F src/hash.c 4fc39feb7b7711f6495ee9f2159559bedb043e1f
F src/hash.h cd0433998bc1a3759d244e1637fe5a3c13b53bf8
-F src/insert.c 74018ec733f2c443671840018e5e5f1ddbc37838
-F src/main.c cee05c2ba23b5e78f9671f319dbd68e2130e0f68
+F src/insert.c 0ea9427f7242a4432842100b41b4b81fd1999ad6
+F src/main.c c8f8fdfe4548a8404fab90ff6ad374b217e6b7fa
F src/md5.c fe4f9c9c6f71dfc26af8da63e4d04489b1430565
F src/os.c 28447687e7914306650f72058f62f7162faeef1f
F src/os.h afa3e096213bad86845f8bdca81a9e917505e401
-F src/pager.c 6874ea294cbca2aef6e83eb745a67c01cbb5f94b
+F src/pager.c 5b81639b38eb4250810ed2b31aada9fb040ed86b
F src/pager.h 540833e8cb826b80ce2e39aa917deee5e12db626
F src/parse.y 427a17888c117cc9cc35311eda0603d55437f02b
F src/printf.c 5c50fc1da75c8f5bf432b1ad17d91d6653acd167
F src/random.c 19e8e00fe0df32a742f115773f57651be327cabe
-F src/select.c b52c1dccbfc35ff13c84b4321a0bd2ac3a23d2f2
+F src/select.c 1b7d20b659621bf8621dec710e9680b4c380563c
F src/shell.c c9946847b81b8b7f32ad195498dafbc623c6874f
F src/shell.tcl 27ecbd63dd88396ad16d81ab44f73e6c0ea9d20e
-F src/sqlite.h.in 98b1574b2362abe02c4a4c73b9dbf99bcd713ab3
-F src/sqliteInt.h 4f7511446a7616ffa24542dda5bf596776852c2d
+F src/sqlite.h.in 7b35872afdba0d46890773470a12aa71d78f6d21
+F src/sqliteInt.h 01b59d2ecbd36b7ec750339bbd9401c012b463c2
F src/table.c eed2098c9b577aa17f8abe89313a9c4413f57d63
F src/tclsqlite.c 9f2c00a92338c51171ded8943bd42d77f7e69e64
-F src/test1.c 5efd7a8b18ff63e570e94cd7c842a74fb08dd511
+F src/test1.c 2a0e5cf7e66cbbb46d9f0c97ea8f406141e8b263
F src/test2.c 03f05e984c8e2f2badc44644d42baf72b249096b
F src/test3.c c12ea7f1c3fbbd58904e81e6cb10ad424e6fc728
F src/threadtest.c d641a5219e718e18a1a80a50eb9bb549f451f42e
F src/tokenize.c 7ac1c33e0149647c9eb5959c48992df6906d4809
-F src/trigger.c 5ba917fc226b96065108da28186c2efaec53e481
-F src/update.c ab3182eae676d7f198354df6a54e8611aac6ae9c
-F src/util.c e2d108842e02810d3d3242cac0e024b09cdb3c4a
+F src/trigger.c dd3fb6595643e29b71d6f3ecb22afb930224633c
+F src/update.c 9f2e9105c697b11b06b381910d0e429718f01cc3
+F src/util.c 354336da4a6f1c98f687a13db0c45ed9314a892b
F src/vdbe.c e103bd5a154b1790dd344662dceb14566a51a879
F src/vdbe.h 754eba497cfe0c3e352b9c101ab2f811f10d0a55
F src/where.c 5bf7f1e1d756ab3d25a18b24bb42106cb8e14d18
F www/sqlite.tcl ae3dcfb077e53833b59d4fcc94d8a12c50a44098
F www/tclsqlite.tcl 1db15abeb446aad0caf0b95b8b9579720e4ea331
F www/vdbe.tcl 2013852c27a02a091d39a766bc87cff329f21218
-P fc11fa50b8f39f5e0b3674d7df832ffbca0d948f
-R 87a0a3cad3f27526e1ddc77d411afd4e
+P 0deaf563fd9784bf0795107cd10e6b3269dfecea
+R 0161ffe233937639f6afc181720e6e82
U drh
-Z 6813c7f1dfa42fe98f14f8fc0a2f75cc
+Z 0354e92c05e165e223123b5629b1da94
-0deaf563fd9784bf0795107cd10e6b3269dfecea
\ No newline at end of file
+52d5007f64d0af5286b2a0e1f0b9e53c86bece3f
\ No newline at end of file
** ROLLBACK
** PRAGMA
**
-** $Id: build.c,v 1.119 2003/01/11 13:30:57 drh Exp $
+** $Id: build.c,v 1.120 2003/01/12 18:02:17 drh Exp $
*/
#include "sqliteInt.h"
#include <ctype.h>
pParse->sFirstToken = *pStart;
zName = sqliteTableNameFromToken(pName);
if( zName==0 ) return;
+ if( sqliteAuthInsert(pParse, SCHEMA_TABLE(isTemp), 1) ){
+ return;
+ }
/* Before trying to create a temporary table, make sure the Btree for
** holding temporary tables is open.
sqliteStartTable(pParse, pBegin, pName, isTemp);
p = pParse->pNewTable;
- if( p==0 ){
+ if( p==0 || pParse->nErr ){
sqliteSelectDelete(pSelect);
return;
}
if( pParse->nErr || sqlite_malloc_failed ) return;
pTable = sqliteTableFromToken(pParse, pName);
if( pTable==0 ) return;
+ if( sqliteAuthDelete(pParse, SCHEMA_TABLE(pTable->isTemp), 1) ){
+ return;
+ }
if( pTable->readOnly ){
sqliteSetString(&pParse->zErrMsg, "table ", pTable->zName,
" may not be dropped", 0);
pParse->nErr++;
return;
}
+ if( sqliteAuthDelete(pParse, pTable->zName, 1) ){
+ return;
+ }
/* Generate code to remove the table from the master table
** on disk.
pParse->nErr++;
goto exit_create_index;
}
+ if( sqliteAuthInsert(pParse, SCHEMA_TABLE(pTab->isTemp), 1) ){
+ goto exit_create_index;
+ }
/* If this index is created while re-reading the schema from sqlite_master
** but the table associated with this index is a temporary table, it can
pParse->nErr++;
return;
}
+ if( sqliteAuthDelete(pParse, SCHEMA_TABLE(pIndex->pTable->isTemp), 1) ){
+ return;
+ }
/* Generate code to remove the index and from the master table */
v = sqliteGetVdbe(pParse);
pTab = sqliteTableNameToTable(pParse, zTab);
sqliteFree(zTab);
if( pTab==0 ) goto copy_cleanup;
+ if( sqliteAuthInsert(pParse, zTab, 0) ){
+ goto copy_cleanup;
+ }
+ if( sqliteAuthCommand(pParse, "COPY", zTab) ){
+ goto copy_cleanup;
+ }
v = sqliteGetVdbe(pParse);
if( v ){
int openOp;
if( pParse==0 || (db=pParse->db)==0 || db->pBe==0 ) return;
if( pParse->nErr || sqlite_malloc_failed ) return;
+ if( sqliteAuthCommand(pParse, "BEGIN", "") ) return;
if( db->flags & SQLITE_InTrans ){
pParse->nErr++;
sqliteSetString(&pParse->zErrMsg, "cannot start a transaction "
if( pParse==0 || (db=pParse->db)==0 || db->pBe==0 ) return;
if( pParse->nErr || sqlite_malloc_failed ) return;
+ if( sqliteAuthCommand(pParse, "COMMIT", "") ) return;
if( (db->flags & SQLITE_InTrans)==0 ){
pParse->nErr++;
sqliteSetString(&pParse->zErrMsg,
if( pParse==0 || (db=pParse->db)==0 || db->pBe==0 ) return;
if( pParse->nErr || sqlite_malloc_failed ) return;
+ if( sqliteAuthCommand(pParse, "ROLLBACK", "") ) return;
if( (db->flags & SQLITE_InTrans)==0 ){
pParse->nErr++;
sqliteSetString(&pParse->zErrMsg,
zRight = sqliteStrNDup(pRight->z, pRight->n);
sqliteDequote(zRight);
}
+ if( sqliteAuthCommand(pParse, "PRAGMA", zLeft) ) return;
/*
** PRAGMA default_cache_size
** This file contains C code routines that are called by the parser
** to handle DELETE FROM statements.
**
-** $Id: delete.c,v 1.43 2003/01/11 13:30:57 drh Exp $
+** $Id: delete.c,v 1.44 2003/01/12 18:02:18 drh Exp $
*/
#include "sqliteInt.h"
int row_triggers_exist = 0;
int oldIdx = -1;
- if( pParse->nErr || sqlite_malloc_failed ){
+ if( pParse->nErr || sqlite_malloc_failed
+ || sqliteAuthCommand(pParse,"DELETE",0) ){
pTabList = 0;
goto delete_from_cleanup;
}
assert( pTabList->nSrc==1 );
pTab = pTabList->a[0].pTab;
assert( pTab->pSelect==0 ); /* This table is not a view */
+ if( sqliteAuthDelete(pParse, pTab->zName, 0) ) goto delete_from_cleanup;
/* Allocate a cursor used to store the old.* data for a trigger.
*/
** This file contains routines used for analyzing expressions and
** for generating VDBE code that evaluates expressions in SQLite.
**
-** $Id: expr.c,v 1.83 2002/10/31 00:09:40 drh Exp $
+** $Id: expr.c,v 1.84 2003/01/12 18:02:18 drh Exp $
*/
#include "sqliteInt.h"
#include <ctype.h>
case TK_ID: {
int cnt = 0; /* Number of matches */
int i; /* Loop counter */
+ int rc; /* Return code */
char *z;
assert( pExpr->token.z );
z = sqliteStrNDup(pExpr->token.z, pExpr->token.n);
pParse->nErr++;
return 1;
}
+ if( pExpr->op==TK_COLUMN ){
+ sqliteAuthRead(pParse, pExpr, pTabList, base);
+ }
break;
}
sqliteExprDelete(pRight);
pExpr->pRight = 0;
pExpr->op = TK_COLUMN;
+ sqliteAuthRead(pParse, pExpr, pTabList, base);
break;
}
** This file contains C code routines that are called by the parser
** to handle INSERT statements in SQLite.
**
-** $Id: insert.c,v 1.68 2003/01/11 13:30:58 drh Exp $
+** $Id: insert.c,v 1.69 2003/01/12 18:02:18 drh Exp $
*/
#include "sqliteInt.h"
int newIdx = -1;
if( pParse->nErr || sqlite_malloc_failed ) goto insert_cleanup;
+ if( sqliteAuthCommand(pParse, "INSERT", 0) ) goto insert_cleanup;
db = pParse->db;
/* Locate the table into which we will be inserting new information.
** other files are for internal use by SQLite and should not be
** accessed by users of the library.
**
-** $Id: main.c,v 1.105 2002/12/02 04:25:21 drh Exp $
+** $Id: main.c,v 1.106 2003/01/12 18:02:18 drh Exp $
*/
#include "sqliteInt.h"
#include "os.h"
case SQLITE_MISMATCH: z = "datatype mismatch"; break;
case SQLITE_MISUSE: z = "library routine called out of sequence";break;
case SQLITE_NOLFS: z = "kernel lacks large file support"; break;
+ case SQLITE_AUTH: z = "authorization denied"; break;
default: z = "unknown error"; break;
}
return z;
** file simultaneously, or one process from reading the database while
** another is writing.
**
-** @(#) $Id: pager.c,v 1.66 2003/01/11 13:30:58 drh Exp $
+** @(#) $Id: pager.c,v 1.67 2003/01/12 18:02:18 drh Exp $
*/
#include "os.h" /* Must be first to enable large file support */
#include "sqliteInt.h"
}
pPg->pgno = pgno;
if( pPager->aInJournal && (int)pgno<=pPager->origDbSize ){
+ sqliteCheckMemory(pPager->aInJournal, pgno/8);
pPg->inJournal = (pPager->aInJournal[pgno/8] & (1<<(pgno&7)))!=0;
}else{
pPg->inJournal = 0;
** This file contains C code routines that are called by the parser
** to handle SELECT statements in SQLite.
**
-** $Id: select.c,v 1.119 2003/01/11 14:19:52 drh Exp $
+** $Id: select.c,v 1.120 2003/01/12 18:02:18 drh Exp $
*/
#include "sqliteInt.h"
int rc = 1; /* Value to return from this function */
if( sqlite_malloc_failed || pParse->nErr || p==0 ) return 1;
+ if( sqliteAuthCommand(pParse, "SELECT", 0) ) return 1;
/* If there is are a sequence of queries, do the earlier ones first.
*/
** This header file defines the interface that the SQLite library
** presents to client programs.
**
-** @(#) $Id: sqlite.h.in,v 1.35 2002/11/09 00:33:17 drh Exp $
+** @(#) $Id: sqlite.h.in,v 1.36 2003/01/12 18:02:18 drh Exp $
*/
#ifndef _SQLITE_H_
#define _SQLITE_H_
#define SQLITE_MISMATCH 20 /* Data type mismatch */
#define SQLITE_MISUSE 21 /* Library used incorrectly */
#define SQLITE_NOLFS 22 /* Uses OS features not supported on host */
+#define SQLITE_AUTH 23 /* Authorization denied */
/*
** Each entry in an SQLite table has a unique integer key. (The key is
*/
int sqlite_aggregate_count(sqlite_func*);
+/*
+** This routine registers a callback with the SQLite library. The
+** callback is invoked for every attempt to access a column of a table
+** in the database. The callback returns SQLITE_OK if access is allowed,
+** SQLITE_DENY if the entire SQL statement should be aborted with an error
+** and SQLITE_IGNORE if the column should be treated as a NULL value.
+*/
+int sqlite_set_authorizer(
+ sqlite*,
+ int (*xAuth)(void*,int,const char*,const char*),
+ void*
+);
+
+/*
+** The second parameter to the access authorization function above will
+** be one of these values:
+*/
+#define SQLITE_READ_COLUMN 1 /* Is it OK to read the specified column? */
+#define SQLITE_WRITE_COLUMN 2 /* Is it OK to update the specified column? */
+#define SQLITE_DELETE_ROW 3 /* Is it OK to delete a row from the table? */
+#define SQLITE_INSERT_ROW 4 /* Is it OK to insert a new row in the table? */
+#define SQLITE_COMMAND 5 /* Is it OK to execute a particular command? */
+
+/*
+** The return value of the authorization function should be one of the
+** following constants:
+*/
+/* #define SQLITE_OK 0 // Allow access (This is actually defined above) */
+#define SQLITE_DENY 1 /* Abort the SQL statement with an error */
+#define SQLITE_IGNORE 2 /* Don't allow access, but don't generate an error */
+
/*
** Attempt to open the file named in the argument as the auxiliary database
** file. The auxiliary database file is used to store TEMP tables. But
*************************************************************************
** Internal interface definitions for SQLite.
**
-** @(#) $Id: sqliteInt.h,v 1.152 2003/01/11 13:30:58 drh Exp $
+** @(#) $Id: sqliteInt.h,v 1.153 2003/01/12 18:02:18 drh Exp $
*/
#include "config.h"
#include "sqlite.h"
#define MASTER_NAME "sqlite_master"
#define TEMP_MASTER_NAME "sqlite_temp_master"
+/*
+** The name of the schema table.
+*/
+#define SCHEMA_TABLE(x) (x?TEMP_MASTER_NAME:MASTER_NAME)
+
/*
** A convenience macro that returns the number of elements in
** an array.
int magic; /* Magic number for detect library misuse */
int nChange; /* Number of rows changed */
int recursionDepth; /* Number of nested calls to sqlite_exec() */
+#ifndef SQLITE_OMIT_AUTHORIZATION
+ int (*xAuth)(void*,int,const char*,const char*); /* Access Auth function */
+ void *pAuthArg; /* 1st argument to the access auth function */
+#endif
};
/*
void *sqliteRealloc_(void*,int,char*,int);
char *sqliteStrDup_(const char*,char*,int);
char *sqliteStrNDup_(const char*, int,char*,int);
+ void sqliteCheckMemory(void*,int);
#else
void *sqliteMalloc(int);
void *sqliteMallocRaw(int);
void *sqliteRealloc(void*,int);
char *sqliteStrDup(const char*);
char *sqliteStrNDup(const char*, int);
+# define sqliteCheckMemory(a,b)
#endif
void sqliteSetString(char **, const char *, ...);
void sqliteSetNString(char **, ...);
int sqliteJoinType(Parse*, Token*, Token*, Token*);
void sqliteCreateForeignKey(Parse*, IdList*, Token*, IdList*, int);
void sqliteDeferForeignKey(Parse*, int);
+#ifndef SQLITE_OMIT_AUTHORIZATION
+ void sqliteAuthRead(Parse*,Expr*,SrcList*,int);
+ int sqliteAuthDelete(Parse*,const char*, int);
+ int sqliteAuthInsert(Parse*,const char*, int);
+ int sqliteAuthCommand(Parse*,const char*,const char*);
+#else
+# define sqliteAuthRead(a,b,c,d)
+# define sqliteAuthDelete(a,b,c) SQLITE_OK
+# define sqliteAuthInsert(a,b,c) SQLITE_OK
+# define sqliteAuthWrite(a,b,c) SQLITE_OK
+# define sqliteAuthCommand(a,b,c) SQLITE_OK
+#endif
** is not included in the SQLite library. It is used for automated
** testing of the SQLite library.
**
-** $Id: test1.c,v 1.14 2003/01/11 14:19:52 drh Exp $
+** $Id: test1.c,v 1.15 2003/01/12 18:02:19 drh Exp $
*/
#include "sqliteInt.h"
#include "tcl.h"
return TCL_OK;
}
+#ifndef SQLITE_OMIT_AUTHORIZATION
+/*
+** Information used by the authentication function.
+*/
+typedef struct AuthInfo AuthInfo;
+struct AuthInfo {
+ Tcl_Interp *interp; /* Interpreter to use */
+ int nCmd; /* Number of characters in zCmd[] */
+ char zCmd[500]; /* Command to invoke */
+};
+
+/*
+** We create a single static authenticator. This won't work in a
+** multi-threaded environment, but the test fixture is not multithreaded.
+** And be making it static, we don't have to worry about deallocating
+** after a test in order to void memory leaks.
+*/
+static AuthInfo authInfo;
+
+/*
+** This is the authentication function. It appends the authentication
+** type code and the two arguments to zCmd[] then invokes the result
+** on the interpreter. The reply is examined to determine if the
+** authentication fails or succeeds.
+*/
+static int auth_callback(
+ void *NotUsed,
+ int code,
+ const char *zArg1,
+ const char *zArg2
+){
+ char *zCode;
+ Tcl_DString str;
+ int rc;
+ const char *zReply;
+ switch( code ){
+ case SQLITE_READ_COLUMN: zCode="SQLITE_READ_COLUMN"; break;
+ case SQLITE_WRITE_COLUMN: zCode="SQLITE_WRITE_COLUMN"; break;
+ case SQLITE_INSERT_ROW: zCode="SQLITE_INSERT_ROW"; break;
+ case SQLITE_DELETE_ROW: zCode="SQLITE_DELETE_ROW"; break;
+ case SQLITE_COMMAND: zCode="SQLITE_COMMAND"; break;
+ default: zCode="unknown code"; break;
+ }
+ Tcl_DStringInit(&str);
+ Tcl_DStringAppend(&str, authInfo.zCmd, -1);
+ Tcl_DStringAppendElement(&str, zCode);
+ Tcl_DStringAppendElement(&str, zArg1);
+ Tcl_DStringAppendElement(&str, zArg2 ? zArg2 : "");
+ rc = Tcl_GlobalEval(authInfo.interp, Tcl_DStringValue(&str));
+ Tcl_DStringFree(&str);
+ zReply = Tcl_GetStringResult(authInfo.interp);
+ if( strcmp(zReply,"SQLITE_OK")==0 ){
+ rc = SQLITE_OK;
+ }else if( strcmp(zReply,"SQLITE_DENY")==0 ){
+ rc = SQLITE_DENY;
+ }else if( strcmp(zReply,"SQLITE_IGNORE")==0 ){
+ rc = SQLITE_IGNORE;
+ }else{
+ rc = 999;
+ }
+ return rc;
+}
+
+/*
+** This routine creates a new authenticator. It fills in the zCmd[]
+** field of the authentication function state variable and then registers
+** the authentication function with the SQLite library.
+*/
+static int test_set_authorizer(
+ void *NotUsed,
+ Tcl_Interp *interp, /* The TCL interpreter that invoked this command */
+ int argc, /* Number of arguments */
+ char **argv /* Text of each argument */
+){
+ sqlite *db;
+ char *zCmd;
+ if( argc!=3 ){
+ Tcl_AppendResult(interp, "wrong # args: should be \"", argv[0],
+ " DB CALLBACK\"", 0);
+ return TCL_ERROR;
+ }
+ db = (sqlite*)strtol(argv[1], 0, 0);
+ zCmd = argv[2];
+ if( zCmd[0]==0 ){
+ sqlite_set_authorizer(db, 0, 0);
+ return TCL_OK;
+ }
+ if( strlen(zCmd)>sizeof(authInfo.zCmd) ){
+ Tcl_AppendResult(interp, "command too big", 0);
+ return TCL_ERROR;
+ }
+ authInfo.interp = interp;
+ authInfo.nCmd = strlen(zCmd);
+ strcpy(authInfo.zCmd, zCmd);
+ sqlite_set_authorizer(db, auth_callback, 0);
+ return TCL_OK;
+}
+#endif /* SQLITE_OMIT_AUTHORIZATION */
/*
** Register commands with the TCL interpreter.
{ "sqlite_register_test_function", (Tcl_CmdProc*)test_register_func },
{ "sqlite_abort", (Tcl_CmdProc*)sqlite_abort },
{ "sqlite_datatypes", (Tcl_CmdProc*)sqlite_datatypes },
+#ifndef SQLITE_OMIT_AUTHORIZATION
+ { "sqlite_set_authorizer", (Tcl_CmdProc*)test_set_authorizer },
+#endif
#ifdef MEMORY_DEBUG
{ "sqlite_malloc_fail", (Tcl_CmdProc*)sqlite_malloc_fail },
{ "sqlite_malloc_stat", (Tcl_CmdProc*)sqlite_malloc_stat },
Trigger *nt;
Table *tab;
+ if( sqliteAuthCommand(pParse, "CREATE", "TRIGGER") ) goto trigger_cleanup;
+
/* Check that:
** 1. the trigger name does not already exist.
** 2. the table (or view) does exist.
" trigger on table: ", -1, pTableName->z, pTableName->n, 0);
goto trigger_cleanup;
}
+ if( sqliteAuthInsert(pParse, SCHEMA_TABLE(tab->isTemp), 1) ){
+ goto trigger_cleanup;
+ }
}
if (tr_tm == TK_INSTEAD){
Table *pTable;
Vdbe *v;
+ if( sqliteAuthCommand(pParse, "DROP", "TRIGGER") ) return;
zName = sqliteStrNDup(pName->z, pName->n);
/* ensure that the trigger being dropped exists */
sqliteFree(zName);
return;
}
+ pTable = sqliteFindTable(pParse->db, pTrigger->table);
+ assert(pTable);
+ if( sqliteAuthDelete(pParse, SCHEMA_TABLE(pTable->isTemp), 1) ){
+ sqliteFree(zName);
+ return;
+ }
+
/*
* If this is not an "explain", then delete the trigger structure.
*/
if( !pParse->explain ){
- pTable = sqliteFindTable(pParse->db, pTrigger->table);
- assert(pTable);
if( pTable->pTrigger == pTrigger ){
pTable->pTrigger = pTrigger->pNext;
}else{
** This file contains C code routines that are called by the parser
** to handle UPDATE statements.
**
-** $Id: update.c,v 1.51 2003/01/11 13:30:58 drh Exp $
+** $Id: update.c,v 1.52 2003/01/12 18:02:19 drh Exp $
*/
#include "sqliteInt.h"
int oldIdx = -1; /* index of trigger "old" temp table */
if( pParse->nErr || sqlite_malloc_failed ) goto update_cleanup;
+ if( sqliteAuthCommand(pParse, "UPDATE", 0) ) goto update_cleanup;
db = pParse->db;
/* Check for the special case of a VIEW with one or more ON UPDATE triggers
/* Resolve the column names in all the expressions in both the
** WHERE clause and in the new values. Also find the column index
- ** for each column to be updated in the pChanges array.
+ ** for each column to be updated in the pChanges array. For each
+ ** column to be updated, make sure we have authorization to change
+ ** that column.
*/
if( pWhere ){
if( sqliteExprResolveIds(pParse, base, pTabList, 0, pWhere) ){
pParse->nErr++;
goto update_cleanup;
}
+#ifndef SQLITE_OMIT_AUTHORIZATION
+ if( sqliteAuthWrite(pParse, pTab, j)==SQLITE_IGNORE ){
+ aXRef[j] = -1;
+ }
+#endif
}
/* Allocate memory for the array apIdx[] and fill it with pointers to every
** This file contains functions for allocating memory, comparing
** strings, and stuff like that.
**
-** $Id: util.c,v 1.54 2003/01/02 14:43:57 drh Exp $
+** $Id: util.c,v 1.55 2003/01/12 18:02:19 drh Exp $
*/
#include "sqliteInt.h"
#include <stdarg.h>
return p;
}
+/*
+** Check to see if the given pointer was obtained from sqliteMalloc()
+** and is able to hold at least N bytes. Raise an exception if this
+** is not the case.
+**
+** This routine is used for testing purposes only.
+*/
+void sqliteCheckMemory(void *p, int N){
+ int *pi = p;
+ int n, k;
+ pi -= 2;
+ assert( pi[0]==0xdead1122 );
+ n = pi[1];
+ assert( N>=0 && N<n );
+ k = (n+sizeof(int)-1)/sizeof(int);
+ assert( pi[k+2]==0xdead3344 );
+}
+
/*
** Free memory previously obtained from sqliteMalloc()
*/
projects / thirdparty / sqlite.git / commitdiff
