From: dan Date: Tue, 7 Nov 2023 19:02:14 +0000 (+0000) Subject: Do not allow aggregate or window functions in UPDATE statements. X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fheads%2Fno-aggregates-in-update;p=thirdparty%2Fsqlite.git Do not allow aggregate or window functions in UPDATE statements. FossilOrigin-Name: fce776ccce57beec31492c52270e82bf8c626e0951b153df97564df44d47e67b --- diff --git a/manifest b/manifest index 4a41fc1505..abd235d6c4 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C JNI:\sduring\sstatic\sinit\srecord\swhether\sthe\scurrent\sJVM\ssupports\sJNI-level\saccess\sto\sjava.nio.ByteBuffer\sraw\smemory,\sand\sadd\ssqlite3_jni_supports_nio()\sto\squery\sthat. -D 2023-11-07T17:15:55.097 +C Do\snot\sallow\saggregate\sor\swindow\sfunctions\sin\sUPDATE\sstatements. +D 2023-11-07T19:02:14.350 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724 @@ -722,7 +722,7 @@ F src/pragma.h e690a356c18e98414d2e870ea791c1be1545a714ba623719deb63f7f226d8bb7 F src/prepare.c bde74add20fc0e8ce0c4e937a1f70a36d17413afe4f71d3e103f5cb74b17c8d9 F src/printf.c 9da63b9ae1c14789bcae12840f5d800fd9302500cd2d62733fac77f0041b4750 F src/random.c 606b00941a1d7dd09c381d3279a058d771f406c5213c9932bbd93d5587be4b9c -F src/resolve.c d017bad7ba8e778617701a0e986fdeb393d67d6afa84fb28ef4e8b8ad2acf916 +F src/resolve.c b352cca51ca3a201e9241c5b67c4f245837b8e4738dc73555e137f93c08743f6 F src/rowset.c 8432130e6c344b3401a8874c3cb49fefe6873fec593294de077afea2dce5ec97 F src/select.c a19daa26e95f7245106a31f288b2f50c72d1f2cc156703f04c8c91450e111515 F src/shell.c.in aebfbedaa7706d2c73ab7366a19fc8bc40ea68b70d2529f7feef54e6eb077ea2 @@ -1860,10 +1860,10 @@ F test/unixexcl.test d936ba2b06794018e136418addd59a2354eeae97 F test/unordered.test 0edaf3411d300693bca595897c5201421c6c5ec787990a1dfe2f7f60ae93f1e2 F test/update.test 85d3f46d0863033370bd881b1097f5694369a8730e53c5f85d96f32b7b310b47 F test/update2.test 67455bc61fcbcf96923c45b3bc4f87bc72be7d67575ad35f134906148c7b06d3 -F test/upfrom1.tcl 8859d9d437f03b44174c4524a7a734a391fd4526fcff65be08285dafc9dc9041 -F test/upfrom1.test 8cb06689e99cd707d884faa16da0e8eb26ff658bb01c47ddf72fadade666e6e1 -F test/upfrom2.test 66f3ebf721b3cebd922faee5c386bf244f816d416b57c000753ff51af62328a1 -F test/upfrom3.test 6130f24ebf97f5ea865e5d2a14a2d543fe5428a62e87cc60f62d875e45c1f5f0 +F test/upfrom1.tcl cff9c9d57581799d38a787a1c9e86ae825cb1f895048bc6a904c5491bc24f6ea +F test/upfrom1.test 12ad93200f1e3a5395b2be634a4f46253f1ec198af669a7f52c2d99faeae360a +F test/upfrom2.test 17174930f0e72c3ed97bba48414db883ddd097a62366ef832c21fd9990b10dab +F test/upfrom3.test 275ba18a2133198178a5bcbc1479def60e7dbdeb4004fa57a05a37686fbd6ba5 F test/upfrom4.test 78f742a6577c91a7a55c64edb8811004e7c6aa99b8d57b2320f70a918c357807 F test/upfromfault.test 3a10075a0043f0c4fad6614b2c371f88a8ba5a4acab68b907438413865d6a8d6 F test/upsert1.test a512e2f884d3a36159fce2e45108c236f78ae38e35bda55f4050db580ceb25d3 @@ -1985,7 +1985,7 @@ F test/win32heap.test 10fd891266bd00af68671e702317726375e5407561d859be1aa04696f2 F test/win32lock.test e0924eb8daac02bf80e9da88930747bd44dd9b230b7759fed927b1655b467c9c F test/win32longpath.test 4baffc3acb2e5188a5e3a895b2b543ed09e62f7c72d713c1feebf76222fe9976 F test/win32nolock.test ac4f08811a562e45a5755e661f45ca85892bdbbc -F test/window1.test 5e8abe56a7d667eeddbba6de180086dcf69ed528d046447a25464f945ece101f +F test/window1.test e38b3dbe7cf8259ed30dde7c66b643a4d1b4a5ba47fafebc2fd4322533c99ffe F test/window2.tcl 492c125fa550cda1dd3555768a2303b3effbeceee215293adf8871efc25f1476 F test/window2.test e466a88bd626d66edc3d352d7d7e1d5531e0079b549ba44efb029d1fbff9fd3c F test/window3.tcl acea6e86a4324a210fd608d06741010ca83ded9fde438341cb978c49928faf03 @@ -2142,8 +2142,11 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P e4670d68b52233ab376a1725983e148aaf2a2c3658a41f5768e37a0f1f87428a -R 73b75ed4c87333bbc1b63a547227eff1 -U stephan -Z ff630bf6abb02dbe33113baf6eccc049 +P fb8dbb77a4d8efafd6772333824b4ab589828cf155a63ca6a26730314d0a4bd9 +R 73f89adca3990354a0ed1d5d6a5683e1 +T *branch * no-aggregates-in-update +T *sym-no-aggregates-in-update * +T -sym-trunk * +U dan +Z 1a3ef3ddb0d965ec13f82ad772a5052a # Remove this line to create a well-formed Fossil manifest. diff --git a/manifest.uuid b/manifest.uuid index 997a53ff67..4569e44f80 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -fb8dbb77a4d8efafd6772333824b4ab589828cf155a63ca6a26730314d0a4bd9 \ No newline at end of file +fce776ccce57beec31492c52270e82bf8c626e0951b153df97564df44d47e67b \ No newline at end of file diff --git a/src/resolve.c b/src/resolve.c index 5f675c1d2d..3e74cb855c 100644 --- a/src/resolve.c +++ b/src/resolve.c @@ -1845,7 +1845,9 @@ static int resolveSelectStep(Walker *pWalker, Select *p){ /* Set up the local name-context to pass to sqlite3ResolveExprNames() to ** resolve the result-set expression list. */ - sNC.ncFlags = NC_AllowAgg|NC_AllowWin; + if( (p->selFlags & SF_UpdateFrom)==0 ){ + sNC.ncFlags = NC_AllowAgg|NC_AllowWin; + } sNC.pSrcList = p->pSrc; sNC.pNext = pOuterNC; diff --git a/test/upfrom1.tcl b/test/upfrom1.tcl index 22fc68a31c..081fe5654f 100644 --- a/test/upfrom1.tcl +++ b/test/upfrom1.tcl @@ -110,6 +110,13 @@ errorsql_test 2.3.2 { UPDATE t5 AS apples SET b=1 FROM t5 AS apples; } +errorsql_test 2.3.3 { + UPDATE m1 SET y = min(v) FROM m2; +} +errorsql_test 2.3.4 { + UPDATE m1 SET y = min(v) OVER () FROM m2; +} + finish_test diff --git a/test/upfrom1.test b/test/upfrom1.test index 204f3512e5..a8d341f770 100644 --- a/test/upfrom1.test +++ b/test/upfrom1.test @@ -164,47 +164,14 @@ do_test 2.3.2 { catch { execsql { UPDATE t5 AS apples SET b=1 FROM t5 AS apples; } } } 1 -# Problem found by OSSFuzz on 2020-07-20 -# https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24282 -# -reset_db -do_execsql_test 3.1 { - CREATE TABLE t0(a); - CREATE TABLE t1(b); - UPDATE t1 SET b=sum(a) FROM t0; - SELECT * FROM t0, t1; -} {} - -# Problem described by forum post https://sqlite.org/forum/forumpost/a274248080 -# -reset_db -do_execsql_test 4.1 { - CREATE TABLE t1(x INT); INSERT INTO t1 VALUES(1); - CREATE TABLE t2(y INT); INSERT INTO t2 VALUES(2); - WITH t1 AS (SELECT y+100 AS x FROM t2) - UPDATE t1 SET x=(SELECT x FROM t1); - SELECT x, y FROM t1, t2; -} {102 2} -do_execsql_test 4.2 { - WITH t1 AS (SELECT y+100 AS x FROM t2) - UPDATE t1 SET x=x+y FROM t2; - SELECT x, y FROM t1, t2; -} {104 2} - -# 2021-05-20 -# Forum https://sqlite.org/forum/forumpost/339f487de5 by Yu Liang -# A bad assert() -# -reset_db -do_execsql_test 5.1 { - CREATE TABLE t1(a); - INSERT INTO t1(a) VALUES(5); - CREATE VIEW t2 AS SELECT a FROM t1 UNION ALL SELECT a FROM t1; - CREATE TABLE t3(b,c); - INSERT INTO t3(b,c) VALUES(1,2); - UPDATE t3 SET (c,b) = (SELECT 3,4) FROM t1, t2; - SELECT * FROM t3; -} {4 3} +# PG says ERROR: aggregate functions are not allowed in UPDATE +do_test 2.3.3 { catch { execsql { + UPDATE m1 SET y = min(v) FROM m2; +} } } 1 +# PG says ERROR: window functions are not allowed in UPDATE +do_test 2.3.4 { catch { execsql { + UPDATE m1 SET y = min(v) OVER () FROM m2; +} } } 1 finish_test diff --git a/test/upfrom2.test b/test/upfrom2.test index 600fa05e4b..df7e13a2e2 100644 --- a/test/upfrom2.test +++ b/test/upfrom2.test @@ -401,5 +401,46 @@ do_execsql_test 7.1 { SELECT * FROM t3; } {11 11 22 22 33 33 44 44 55 55} +# Problem found by OSSFuzz on 2020-07-20 +# https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24282 +# +reset_db +do_catchsql_test 3.1 { + CREATE TABLE t0(a); + CREATE TABLE t1(b); + UPDATE t1 SET b=sum(a) FROM t0; + SELECT * FROM t0, t1; +} {1 {misuse of aggregate function sum()}} + +# Problem described by forum post https://sqlite.org/forum/forumpost/a274248080 +# +reset_db +do_execsql_test 4.1 { + CREATE TABLE t1(x INT); INSERT INTO t1 VALUES(1); + CREATE TABLE t2(y INT); INSERT INTO t2 VALUES(2); + WITH t1 AS (SELECT y+100 AS x FROM t2) + UPDATE t1 SET x=(SELECT x FROM t1); + SELECT x, y FROM t1, t2; +} {102 2} +do_execsql_test 4.2 { + WITH t1 AS (SELECT y+100 AS x FROM t2) + UPDATE t1 SET x=x+y FROM t2; + SELECT x, y FROM t1, t2; +} {104 2} + +# 2021-05-20 +# Forum https://sqlite.org/forum/forumpost/339f487de5 by Yu Liang +# A bad assert() +# +reset_db +do_execsql_test 5.1 { + CREATE TABLE t1(a); + INSERT INTO t1(a) VALUES(5); + CREATE VIEW t2 AS SELECT a FROM t1 UNION ALL SELECT a FROM t1; + CREATE TABLE t3(b,c); + INSERT INTO t3(b,c) VALUES(1,2); + UPDATE t3 SET (c,b) = (SELECT 3,4) FROM t1, t2; + SELECT * FROM t3; +} {4 3} finish_test diff --git a/test/upfrom3.test b/test/upfrom3.test index 9936716b51..990b316c97 100644 --- a/test/upfrom3.test +++ b/test/upfrom3.test @@ -258,4 +258,40 @@ foreach {tn wo} { }] } +#------------------------------------------------------------------------- +reset_db + +do_execsql_test 5.0 { + CREATE TABLE t1(a INTEGER PRIMARY KEY, b); + CREATE TABLE t2(d, e); + + INSERT INTO t1 VALUES(1, NULL); + INSERT INTO t1 VALUES(2, NULL); + INSERT INTO t1 VALUES(3, NULL); + INSERT INTO t1 VALUES(4, NULL); + + INSERT INTO t2 VALUES(1, 10), (1, 20), (1, 22); + INSERT INTO t2 VALUES(2, 1), (2, 2), (2, 2); + INSERT INTO t2 VALUES(3, 44), (3, 4), (3, 444); +} +do_catchsql_test 5.1 { + UPDATE t1 SET b = min(d) FROM t2; +} {1 {misuse of aggregate function min()}} +do_catchsql_test 5.2 { + UPDATE t1 SET b = max(d) OVER () FROM t2; +} {1 {misuse of window function max()}} + +do_execsql_test 5.3 { + WITH up(a, b) AS ( + SELECT d, min(e) FROM t2 GROUP BY d + ) + UPDATE t1 SET b=up.b FROM up WHERE t1.a=up.a; +} +do_execsql_test 5.4 { + SELECT * FROM t1 +} { + 1 10 2 1 3 4 4 {} +} + + finish_test diff --git a/test/window1.test b/test/window1.test index d8348a8980..e188f48097 100644 --- a/test/window1.test +++ b/test/window1.test @@ -2253,19 +2253,9 @@ do_execsql_test 73.3 { 4 2 4 15 4 4 4 15 } -do_execsql_test 73.4 { +do_catchsql_test 73.4 { UPDATE t2 SET c=nth_value(15,2) OVER() FROM (SELECT * FROM t1) WHERE b=4 RETURNING *; -} { - 4 15 - 4 15 - 4 15 - 4 15 - 4 15 - 4 15 - 4 15 - 4 15 - 4 15 -} +} {1 {misuse of window function nth_value()}} do_execsql_test 73.5 { DROP TRIGGER x1; }