Begin making changes to turn off trusted schema in command-line tools that

open SQLite databases.  There are a lot of these, and a lot of places to
change, which makes me wonder if trusted schema out to be off by default.

FossilOrigin-Name: 3d23a275ab5d7d5052130c74cc59025cf6a99cc933cd30cfbcca2a3eaddbb999

diff --git a/manifest b/manifest
index eaa24e1e047b2475db0552be08ffd71c8e1bafe6..3db60a141bada7df8b554ddc74888b79fc2705c4 100644 (file)
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Documentation\supdates\son\snewer\sAPIs.\s\sNo\schanges\sto\scode.
-D 2020-01-10T00:00:18.770
+C Begin\smaking\schanges\sto\sturn\soff\strusted\sschema\sin\scommand-line\stools\sthat\nopen\sSQLite\sdatabases.\s\sThere\sare\sa\slot\sof\sthese,\sand\sa\slot\sof\splaces\sto\nchange,\swhich\smakes\sme\swonder\sif\strusted\sschema\sout\sto\sbe\soff\sby\sdefault.
+D 2020-01-10T00:20:41.072
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
 F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
@@ -531,7 +531,7 @@ F src/random.c 80f5d666f23feb3e6665a6ce04c7197212a88384
 F src/resolve.c 1139e3157c710c6e6f04fe726f4e0d8bdb1ae89a276d3b0ca4975af163141c9c
 F src/rowset.c d977b011993aaea002cab3e0bb2ce50cf346000dff94e944d547b989f4b1fe93
 F src/select.c 924b61cef57033a8ca1ed3dcffd02445a7dd0c837cc849b2e4117251cac831f5
-F src/shell.c.in 43d3cfbee97d78ca5782dc53e4c1e22d3cc15c91beff20889dc60551f47eab9f
+F src/shell.c.in a68cd2a90e86dfb63fbf5a003a807013f30ea490ffb6cf54d10499bb12d2116a
 F src/sqlite.h.in 0ed2c973fcfa1e2ce120b35827a23e252719c3337ff64a1f76b800b53169d56e
 F src/sqlite3.rc 5121c9e10c3964d5755191c80dd1180c122fc3a8
 F src/sqlite3ext.h 72af51aa4e912e14cd495fb6e7fac65f0940db80ed950d90911aff292cc47ce2
@@ -1821,7 +1821,7 @@ F tool/speedtest2.tcl ee2149167303ba8e95af97873c575c3e0fab58ff
 F tool/speedtest8.c 2902c46588c40b55661e471d7a86e4dd71a18224
 F tool/speedtest8inst1.c 7ce07da76b5e745783e703a834417d725b7d45fd
 F tool/split-sqlite3c.tcl 3efcd4240b738f6bb2b5af0aea7e1e0ef9bc1c61654f645076cec883030b710c
-F tool/sqldiff.c 7b9b7238284f02131dbb8f21a4e862409bff728045c5473139d28c67ac87580e
+F tool/sqldiff.c 270266966100dcb57490bdd933bb145c06cdef85afc856f7354d3f3a25c0ff1c
 F tool/sqlite3_analyzer.c.in 7eeaae8b0d7577662acaabbb11107af0659d1b41bc1dfdd4d91422de27127968
 F tool/sqltclsh.c.in 1bcc2e9da58fadf17b0bf6a50e68c1159e602ce057210b655d50bad5aaaef898
 F tool/sqltclsh.tcl 862f4cf1418df5e1315b5db3b5ebe88969e2a784525af5fbf9596592f14ed848
@@ -1856,7 +1856,10 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
 F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
 F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P 20237d5dc4451f142b511e50a4acef4574cef17b9222c87dcebfe1ed1bab0ad9
-R 62d7e9ceb3c6bf2163d7b131b5c92b18
+P 8845a8c22a4ceabee130ce2addbe07e13b0496eeb542c89850f8658d21a48f89
+R 6d7d6cc0b2b3dc095c65be57f394a405
+T *branch * default-untrusted-schema
+T *sym-default-untrusted-schema *
+T -sym-trunk *
 U drh
-Z 8e437f19b27b8e5454199c775779247a
+Z 910a86746ff9d57b9bd1611487c6e73d

diff --git a/manifest.uuid b/manifest.uuid
index d68bfd43b560fb47f3700e000d94b5d784ae6544..18fb356fae47de1e506c6d0e81f639298460d4b1 100644 (file)
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-8845a8c22a4ceabee130ce2addbe07e13b0496eeb542c89850f8658d21a48f89
\ No newline at end of file
+3d23a275ab5d7d5052130c74cc59025cf6a99cc933cd30cfbcca2a3eaddbb999
\ No newline at end of file

diff --git a/src/shell.c.in b/src/shell.c.in
index 118205532c0c0dc4942adb3f052ff3633b6997b7..806c329acc86080fa8413da585ebbb1c604a849e 100644 (file)
--- a/src/shell.c.in
+++ b/src/shell.c.in
@@ -4162,6 +4162,7 @@ static void open_db(ShellState *p, int openFlags){
       }
       exit(1);
     }
+    sqlite3_db_config(p->db, SQLITE_DBCONFIG_TRUSTED_SCHEMA, 0, 0);
 #ifndef SQLITE_OMIT_LOAD_EXTENSION
     sqlite3_enable_load_extension(p->db, 1);
 #endif
@@ -4848,6 +4849,7 @@ static void tryToClone(ShellState *p, const char *zNewDb){
             sqlite3_errmsg(newDb));
   }else{
     sqlite3_exec(p->db, "PRAGMA writable_schema=ON;", 0, 0, 0);
+    sqlite3_db_config(newDb, SQLITE_DBCONFIG_TRUSTED_SCHEMA, 0, 0);
     sqlite3_exec(newDb, "BEGIN EXCLUSIVE;", 0, 0, 0);
     tryToCloneSchema(p, newDb, "type='table'", tryToCloneData);
     tryToCloneSchema(p, newDb, "type!='table'", 0);
@@ -6171,6 +6173,7 @@ static int arDotCommand(
         );
         goto end_ar_command;
       }
+      sqlite3_db_config(cmd.db, SQLITE_DBCONFIG_TRUSTED_SCHEMA, 0, 0);
       sqlite3_fileio_init(cmd.db, 0, 0);
       sqlite3_sqlar_init(cmd.db, 0, 0);
       sqlite3_create_function(cmd.db, "shell_putsnl", 1, SQLITE_UTF8, cmd.p,
@@ -7023,6 +7026,7 @@ static int do_meta_command(char *zLine, ShellState *p){
       close_db(pDest);
       return 1;
     }
+    sqlite3_db_config(pDest, SQLITE_DBCONFIG_TRUSTED_SCHEMA, 0, 0);
     if( bAsync ){
       sqlite3_exec(pDest, "PRAGMA synchronous=OFF; PRAGMA journal_mode=OFF;",
                    0, 0, 0);
@@ -8390,6 +8394,7 @@ static int do_meta_command(char *zLine, ShellState *p){
       return 1;
     }
     open_db(p, 0);
+    sqlite3_db_config(pSrc, SQLITE_DBCONFIG_TRUSTED_SCHEMA, 0, 0);
     pBackup = sqlite3_backup_init(p->db, zDb, pSrc, "main");
     if( pBackup==0 ){
       utf8_printf(stderr, "Error: %s\n", sqlite3_errmsg(p->db));

diff --git a/tool/sqldiff.c b/tool/sqldiff.c
index 9f5b6fe6d95efb50c9e2148fa786afd86b6a67e7..e9571d497b28d58a903c315c47cb74948c658cdd 100644 (file)
--- a/tool/sqldiff.c
+++ b/tool/sqldiff.c
@@ -1955,6 +1955,7 @@ int main(int argc, char **argv){
   if( rc ){
     cmdlineError("cannot open database file \"%s\"", zDb1);
   }
+  sqlite3_db_config(g.db, SQLITE_DBCONFIG_TRUSTED_SCHEMA, 0, 0);
   rc = sqlite3_exec(g.db, "SELECT * FROM sqlite_master", 0, 0, &zErrMsg);
   if( rc || zErrMsg ){
     cmdlineError("\"%s\" does not appear to be a valid SQLite database", zDb1);