From: drh <> Date: Mon, 25 Mar 2024 18:24:28 +0000 (+0000) Subject: Revert the previous change. Instead, do a pre-check of the CREATE TABLE X-Git-Tag: version-3.46.0~96 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=791b6f36cc8ed25766e709dfe2dc6d23782652b8;p=thirdparty%2Fsqlite.git Revert the previous change. Instead, do a pre-check of the CREATE TABLE statement that is the second argument to sqlite3_declare_vtab() and if the first two keywords are not "CREATE" and "TABLE", then raise an SQLITE_MISUSE error. FossilOrigin-Name: 6a2ff8351244da2336055454dfad2dd40534b7cfb51e840f7f8cf2ddacf8649e --- diff --git a/manifest b/manifest index 991d1c97d7..3e57f6173d 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Remove\san\sALWAYS()\sfrom\sa\scondition\sthat\scan\sbe\strue. -D 2024-03-25T17:43:11.374 +C Revert\sthe\sprevious\schange.\s\sInstead,\sdo\sa\spre-check\sof\sthe\sCREATE\sTABLE\nstatement\sthat\sis\sthe\ssecond\sargument\sto\ssqlite3_declare_vtab()\sand\sif\nthe\sfirst\stwo\skeywords\sare\snot\s"CREATE"\sand\s"TABLE",\sthen\sraise\san\nSQLITE_MISUSE\serror. +D 2024-03-25T18:24:28.496 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724 @@ -830,7 +830,7 @@ F src/vdbemem.c 213bf303826c0ef702e3a2a69dab2309d84b8381b822c6787885859fd7cd4c4e F src/vdbesort.c 237840ca1947511fa59bd4e18b9eeae93f2af2468c34d2427b059f896230a547 F src/vdbetrace.c fe0bc29ebd4e02c8bc5c1945f1d2e6be5927ec12c06d89b03ef2a4def34bf823 F src/vdbevtab.c 2143db7db0ceed69b21422581f434baffc507a08d831565193a7a02882a1b6a7 -F src/vtab.c cd53fee1d4ca6c9dd6eb673aeb87ecaa1c5a067da30e3b231678bd9e3f771b60 +F src/vtab.c 13481f3532a3a89624d1853ebc8c980215e716e275a729444c12e3f1005b4b74 F src/vxworks.h d2988f4e5a61a4dfe82c6524dd3d6e4f2ce3cdb9 F src/wal.c 887fc4ca3f020ebb2e376f222069570834ac63bf50111ef0cbf3ae417048ed89 F src/wal.h ba252daaa94f889f4b2c17c027e823d9be47ce39da1d3799886bbd51f0490452 @@ -2182,8 +2182,8 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P fdc9406f1c8ba4a7341c1e408f6042ddc788cf65f98e1de2ee101390bfb0abae -R f76b08b792dbded66ddcd94e7cec15b2 +P 715fcf033a6c0c64fa3076d58be8c39246aebef922c1a44a31831b40e165015e +R 56888bcd4145065d254cef5a88e451fc U drh -Z b7fa3cba61650ea05eb1778d7cc33597 +Z d2c55463ac4c41ce779d550b765c534c # Remove this line to create a well-formed Fossil manifest. diff --git a/manifest.uuid b/manifest.uuid index ae66038eef..8fc054c745 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -715fcf033a6c0c64fa3076d58be8c39246aebef922c1a44a31831b40e165015e \ No newline at end of file +6a2ff8351244da2336055454dfad2dd40534b7cfb51e840f7f8cf2ddacf8649e \ No newline at end of file diff --git a/src/vtab.c b/src/vtab.c index 199ae32171..aad93fef8b 100644 --- a/src/vtab.c +++ b/src/vtab.c @@ -813,12 +813,27 @@ int sqlite3_declare_vtab(sqlite3 *db, const char *zCreateTable){ Table *pTab; Parse sParse; int initBusy; + int i; + const unsigned char *z; + static const u8 aKeyword[] = { TK_CREATE, TK_TABLE, 0 }; #ifdef SQLITE_ENABLE_API_ARMOR if( !sqlite3SafetyCheckOk(db) || zCreateTable==0 ){ return SQLITE_MISUSE_BKPT; } #endif + + /* Verify that the first two keywords in the CREATE TABLE statement + ** really are "CREATE" and "TABLE". If this is not the case, then + ** sqlite3_declare_vtab() is being misused. + */ + z = (const unsigned char*)zCreateTable; + for(i=0; aKeyword[i]; i++){ + int tokenType = 0; + do{ z += sqlite3GetToken(z, &tokenType); }while( tokenType==TK_SPACE ); + if( tokenType!=aKeyword[i] ) return SQLITE_MISUSE_BKPT; + } + sqlite3_mutex_enter(db->mutex); pCtx = db->pVtabCtx; if( !pCtx || pCtx->bDeclared ){ @@ -826,6 +841,7 @@ int sqlite3_declare_vtab(sqlite3 *db, const char *zCreateTable){ sqlite3_mutex_leave(db->mutex); return SQLITE_MISUSE_BKPT; } + pTab = pCtx->pTab; assert( IsVirtual(pTab) ); @@ -840,7 +856,7 @@ int sqlite3_declare_vtab(sqlite3 *db, const char *zCreateTable){ db->init.busy = 0; sParse.nQueryLoop = 1; if( SQLITE_OK==sqlite3RunParser(&sParse, zCreateTable) - && sParse.pNewTable!=0 + && ALWAYS(sParse.pNewTable!=0) && ALWAYS(!db->mallocFailed) && IsOrdinaryTable(sParse.pNewTable) ){