From: Erlend Egeberg Aasland <erlend.aasland@innova.no>
Date: Sun, 2 May 2021 22:55:33 +0000 (+0200)
Subject: bpo-43434: Move sqlite3.connect audit events to sqlite3.Connection.__init__ (GH-25818)
X-Git-Tag: v3.8.10~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=10665ac37313560fe87460cf4a5c26677049bf62;p=thirdparty%2FPython%2Fcpython.git

bpo-43434: Move sqlite3.connect audit events to sqlite3.Connection.__init__ (GH-25818)

(cherry picked from commit c96cc089f60d2bf7e003c27413c3239ee9de2990)

Co-authored-by: Erlend Egeberg Aasland <erlend.aasland@innova.no>
---

diff --git a/Misc/NEWS.d/next/Security/2021-05-02-17-50-23.bpo-43434.cy7xz6.rst b/Misc/NEWS.d/next/Security/2021-05-02-17-50-23.bpo-43434.cy7xz6.rst
new file mode 100644
index 000000000000..28b7fc538534
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2021-05-02-17-50-23.bpo-43434.cy7xz6.rst
@@ -0,0 +1,4 @@
+Creating a :class:`sqlite3.Connection` object now also produces
+a ``sqlite3.connect`` :ref:`auditing event <auditing>`.
+Previously this event was only produced by :func:`sqlite3.connect`
+calls. Patch by Erlend E. Aasland.
diff --git a/Modules/_sqlite/connection.c b/Modules/_sqlite/connection.c
index b6188a36733e..d1d5f9fd07cd 100644
--- a/Modules/_sqlite/connection.c
+++ b/Modules/_sqlite/connection.c
@@ -98,6 +98,10 @@ int pysqlite_connection_init(pysqlite_Connection* self, PyObject* args, PyObject
         return -1;
     }
 
+    if (PySys_Audit("sqlite3.connect", "O", database_obj) < 0) {
+        return -1;
+    }
+
     database = PyBytes_AsString(database_obj);
 
     self->initialized = 1;
diff --git a/Modules/_sqlite/module.c b/Modules/_sqlite/module.c
index 9fe0dc952f0b..d3ce2839eecc 100644
--- a/Modules/_sqlite/module.c
+++ b/Modules/_sqlite/module.c
@@ -71,8 +71,6 @@ static PyObject* module_connect(PyObject* self, PyObject* args, PyObject*
     int uri = 0;
     double timeout = 5.0;
 
-    PyObject* result;
-
     if (!PyArg_ParseTupleAndKeywords(args, kwargs, "O|diOiOip", kwlist,
                                      &database, &timeout, &detect_types,
                                      &isolation_level, &check_same_thread,
@@ -85,13 +83,7 @@ static PyObject* module_connect(PyObject* self, PyObject* args, PyObject*
         factory = (PyObject*)&pysqlite_ConnectionType;
     }
 
-    if (PySys_Audit("sqlite3.connect", "O", database) < 0) {
-        return NULL;
-    }
-
-    result = PyObject_Call(factory, args, kwargs);
-
-    return result;
+    return PyObject_Call(factory, args, kwargs);
 }
 
 PyDoc_STRVAR(module_connect_doc,