From: drh Date: Wed, 20 Apr 2016 00:30:05 +0000 (+0000) Subject: API Change: Modify sqlite3_enable_load_extension() so that it only X-Git-Tag: version-3.13.0~76^2~2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=1a55dedf7ba312cc357fdfa669b14323693b6b90;p=thirdparty%2Fsqlite.git API Change: Modify sqlite3_enable_load_extension() so that it only enables/disables the load_extension() SQL function, and leaves the C-APIs enabled at all times. In this way, applications can enable extension loading for the C interface without having to expose that capability to the SQL. FossilOrigin-Name: edb454e45ae008e051e2f48d704a855b0c3e4be9 --- diff --git a/manifest b/manifest index eb27e8449c..154ad7c55d 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Remove\squotes\sfrom\sidentifiers\sused\sas\sdatatype\snames\sin\sa\sCREATE\sTABLE\nstatement.\s\sFix\sfor\sticket\s[7d7525cb01b68] -D 2016-04-18T15:46:14.499 +C API\sChange:\sModify\ssqlite3_enable_load_extension()\sso\sthat\sit\sonly\nenables/disables\sthe\sload_extension()\sSQL\sfunction,\sand\sleaves\sthe\sC-APIs\nenabled\sat\sall\stimes.\s\sIn\sthis\sway,\sapplications\scan\senable\sextension\sloading\nfor\sthe\sC\sinterface\swithout\shaving\sto\sexpose\sthat\scapability\sto\sthe\sSQL. +D 2016-04-20T00:30:05.107 F Makefile.in eba680121821b8a60940a81454316f47a341487a F Makefile.linux-gcc 7bc79876b875010e8c8f9502eb935ca92aa3c434 F Makefile.msc 71b8b16cf9393f68e2e2035486ca104872558836 @@ -332,14 +332,14 @@ F src/delete.c 78eb999114ec04fcf1b7d123ccedb4b5b734930e F src/expr.c 17d4e745ef6a3fd2e4ef863f5f9a4912f1ba1198 F src/fault.c 160a0c015b6c2629d3899ed2daf63d75754a32bb F src/fkey.c 4c0bd09e602b8ae8d36d81e31e4872d0b53c87bb -F src/func.c 552d300265aed09eea21f68ac742a440550c0062 +F src/func.c 2105701329de3fc2bf47c4153181d412f9f1531c F src/global.c c45ea22aff29334f6a9ec549235ac3357c970015 F src/hash.c 4263fbc955f26c2e8cdc0cf214bc42435aa4e4f5 F src/hash.h c8f3c31722cf3277d03713909761e152a5b81094 F src/hwtime.h d32741c8f4df852c7d959236615444e2b1063b08 F src/insert.c 8f4e9fcbd8e95e85f15647ba8b413b18d556ec2b F src/legacy.c 75d3023be8f0d2b99d60f905090341a03358c58e -F src/loadext.c e70f8f9e97624a232870ea5486e682c813ac3002 +F src/loadext.c 3f74ec102096acc2e33379c8379fced14b66858a F src/main.c 5ac9dccc03faadd6f867f67b9018ff41eeeadb46 F src/malloc.c 1443d1ad95d67c21d77af7ae3f44678252f0efec F src/mem0.c 6a55ebe57c46ca1a7d98da93aaa07f99f1059645 @@ -1482,7 +1482,10 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P 3a7d72986fabe9434ff5bd02c93169314f072b23 -R 761e3cafabae5f2f003bf21bdc2befe8 +P eba27d4d17a76884292667d570d542e580ee3e77 +R 9873f5bcb700ee71f0df5e53b0b9f6e3 +T *branch * load-ext-security +T *sym-load-ext-security * +T -sym-trunk * U drh -Z 8a9e64fdc933327d2408de0f01f55efc +Z 9467a7a3e92ef67650d6a6e01e05bbf1 diff --git a/manifest.uuid b/manifest.uuid index 540eda5836..6aaf8e7765 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -eba27d4d17a76884292667d570d542e580ee3e77 \ No newline at end of file +edb454e45ae008e051e2f48d704a855b0c3e4be9 \ No newline at end of file diff --git a/src/func.c b/src/func.c index 662a08f504..17ca7ab9a8 100644 --- a/src/func.c +++ b/src/func.c @@ -1386,6 +1386,14 @@ static void loadExt(sqlite3_context *context, int argc, sqlite3_value **argv){ sqlite3 *db = sqlite3_context_db_handle(context); char *zErrMsg = 0; + /* Disallow the load_extension function unless the SQLITE_LoadExtension + ** flag is set. See the sqlite3_enable_load_extension() API. + */ + if( (db->flags & SQLITE_LoadExtension)==0 ){ + sqlite3_result_error(context, "not authorized", -1); + return; + } + if( argc==2 ){ zProc = (const char *)sqlite3_value_text(argv[1]); }else{ diff --git a/src/loadext.c b/src/loadext.c index 495001e55a..7be43cb86d 100644 --- a/src/loadext.c +++ b/src/loadext.c @@ -460,22 +460,7 @@ static int sqlite3LoadExtension( if( pzErrMsg ) *pzErrMsg = 0; - - /* Ticket #1863. To avoid a creating security problems for older - ** applications that relink against newer versions of SQLite, the - ** ability to run load_extension is turned off by default. One - ** must call sqlite3_enable_load_extension() to turn on extension - ** loading. Otherwise you get the following error. - */ - if( (db->flags & SQLITE_LoadExtension)==0 ){ - if( pzErrMsg ){ - *pzErrMsg = sqlite3_mprintf("not authorized"); - } - return SQLITE_ERROR; - } - zEntry = zProc ? zProc : "sqlite3_extension_init"; - handle = sqlite3OsDlOpen(pVfs, zFile); #if SQLITE_OS_UNIX || SQLITE_OS_WIN for(ii=0; ii