diff --git a/manifest b/manifest index ccdb2a9a21..1bc73261ba 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Convert\sa\sK&R\sstyle\sfunction\sto\sANSI\sstyle.\s\sTicket\s#2548.\s(CVS\s4487) -D 2007-10-12T19:35:49 +C Do\snot\sinvoke\sthe\sauthorizer\swhen\sreparsing\sthe\sschema\safter\sa\sschema\nchange\sor\swhen\strying\sto\sfigure\sout\sthe\sresult\sset\sof\sa\sview.\s(CVS\s4488) +D 2007-10-12T20:42:29 F Makefile.in 75b729d562e9525d57d9890ec598b38e1a8b02bc F Makefile.linux-gcc 65241babba6faf1152bf86574477baab19190499 F README 9c4e2d6706bdcc3efdd773ce752a8cdab4f90028 @@ -84,7 +84,7 @@ F src/btmutex.c 442be6f068d77ca9ffd69899cf0a3943c244548c F src/btree.c a491c45b4412e6f19458e122bafa0cca8f22d224 F src/btree.h d0736ebca4b6eafbdd823c46a8de574cea078211 F src/btreeInt.h 4330c19b8314545fdb209cc77e2a57f6a5290e9c -F src/build.c fec792576c6e64200259ae5c0f7ee34a6c1abbae +F src/build.c a400945db0c43f077e06d45a670bf9ad0c6fd4a2 F src/callback.c 77b302b0d41468dcda78c70e706e5b84577f0fa0 F src/complete.c 4cf68fd75d60257524cbe74f87351b9848399131 F src/date.c 49c5a6d2de6c12000905b4d36868b07d3011bbf6 @@ -124,7 +124,7 @@ F src/pager.c 0a92a08192785af79547b017cda45eb683b22552 F src/pager.h d783e7f184afdc33adff37ba58d4e029bd8793b3 F src/parse.y 2d2ce439dc6184621fb0b86f4fc5aca7f391a590 F src/pragma.c 363e548dafb52327face8d99757ab56a7b1c1b26 -F src/prepare.c 920d09a5fc690ccd48ec8c82717a11d53365dae3 +F src/prepare.c 663284f62a73a48b89f5f4e769e155fefba60384 F src/printf.c 96c8d55315a13fc53cb3754cb15046f3ff891ea2 F src/random.c 4a22746501bf36b0a088c66e38dde5daba6a35da F src/select.c 4706a6115da1bdc09a2be5991168a6cc2c0df267 @@ -190,7 +190,7 @@ F test/attach2.test 099e46a9a753035ff1b8ec0954e18ea50a934df3 F test/attach3.test 7b92dc8e40c1ebca9732ca6f2d3fefbd46f196df F test/attachmalloc.test 56c5e55563dba6d64641ef2f70ce06900df16912 F test/auth.test 6d98da67f40475ff9eba99b4a74954c123ba1792 -F test/auth2.test 8da06f0ffcfd98154dda78e0f3b35a6503c27b64 +F test/auth2.test 65ac294b8d52cbdd463f61e77ad0165268373126 F test/autoinc.test 0e67964f4855081e3a325e484adfebaab41f23a1 F test/autovacuum.test 4339e66003b9cf813dd667a83aed2dee27c4c36d F test/autovacuum_crash.test 05a63b8805b20cfba7ace82856ce4ccdda075a31 @@ -581,7 +581,7 @@ F www/tclsqlite.tcl 8be95ee6dba05eabcd27a9d91331c803f2ce2130 F www/vdbe.tcl 87a31ace769f20d3627a64fa1fade7fed47b90d0 F www/version3.tcl 890248cf7b70e60c383b0e84d77d5132b3ead42b F www/whentouse.tcl fc46eae081251c3c181bd79c5faef8195d7991a5 -P 4a807d48ea9923c1e3df4a5ad503710e62ae29f8 -R 4b8c327d78cb80cdce0615f0d18610ed +P e1b2e7c24ce0f838687a503dc98188a0e67c79de +R 525828fdeb77c0b3207ff7d87dd55a9d U drh -Z 9f848e6120696622a7cbb1f37bdcaef8 +Z 10cf92f8870071423d4027eef109f9ac diff --git a/manifest.uuid b/manifest.uuid index ba70c11fd6..f959c6cbc7 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -e1b2e7c24ce0f838687a503dc98188a0e67c79de \ No newline at end of file +e756bc9b74ef357c088b3044527c41e6834ba1a2 \ No newline at end of file diff --git a/src/build.c b/src/build.c index fe94663b6c..966ab465f1 100644 --- a/src/build.c +++ b/src/build.c @@ -22,7 +22,7 @@ ** COMMIT ** ROLLBACK ** -** $Id: build.c,v 1.445 2007/10/04 18:11:16 danielk1977 Exp $ +** $Id: build.c,v 1.446 2007/10/12 20:42:29 drh Exp $ */ #include "sqliteInt.h" #include @@ -1679,6 +1679,7 @@ int sqlite3ViewGetColumnNames(Parse *pParse, Table *pTable){ int nErr = 0; /* Number of errors encountered */ int n; /* Temporarily holds the number of cursors assigned */ sqlite3 *db = pParse->db; /* Database connection for malloc errors */ + int (*xAuth)(void*,int,const char*,const char*,const char*,const char*); assert( pTable ); @@ -1724,7 +1725,10 @@ int sqlite3ViewGetColumnNames(Parse *pParse, Table *pTable){ n = pParse->nTab; sqlite3SrcListAssignCursors(pParse, pSel->pSrc); pTable->nCol = -1; + xAuth = db->xAuth; + db->xAuth = 0; pSelTab = sqlite3ResultSetOfSelect(pParse, 0, pSel); + db->xAuth = xAuth; pParse->nTab = n; if( pSelTab ){ assert( pTable->aCol==0 ); diff --git a/src/prepare.c b/src/prepare.c index a1a0a40537..350e0a3087 100644 --- a/src/prepare.c +++ b/src/prepare.c @@ -13,7 +13,7 @@ ** interface, and routines that contribute to loading the database schema ** from disk. ** -** $Id: prepare.c,v 1.61 2007/10/03 08:46:45 danielk1977 Exp $ +** $Id: prepare.c,v 1.62 2007/10/12 20:42:30 drh Exp $ */ #include "sqliteInt.h" #include @@ -301,7 +301,17 @@ static int sqlite3InitOne(sqlite3 *db, int iDb, char **pzErrMsg){ "SELECT name, rootpage, sql FROM '%q'.%s", db->aDb[iDb].zName, zMasterName); sqlite3SafetyOff(db); - rc = sqlite3_exec(db, zSql, sqlite3InitCallback, &initData, 0); +#ifndef SQLITE_OMIT_AUTHORIZATION + { + int (*xAuth)(void*,int,const char*,const char*,const char*,const char*); + xAuth = db->xAuth; + db->xAuth = 0; +#endif + rc = sqlite3_exec(db, zSql, sqlite3InitCallback, &initData, 0); +#ifndef SQLITE_OMIT_AUTHORIZATION + db->xAuth = xAuth; + } +#endif if( rc==SQLITE_ABORT ) rc = initData.rc; sqlite3SafetyOn(db); sqlite3_free(zSql); diff --git a/test/auth2.test b/test/auth2.test index 6e9a463fed..d02c0f006c 100644 --- a/test/auth2.test +++ b/test/auth2.test @@ -12,7 +12,7 @@ # focus of this script is testing the sqlite3_set_authorizer() API # and related functionality. # -# $Id: auth2.test,v 1.1 2006/08/24 14:59:46 drh Exp $ +# $Id: auth2.test,v 1.2 2007/10/12 20:42:30 drh Exp $ # set testdir [file dirname $argv0] @@ -72,4 +72,97 @@ do_test auth2-1.8 { set ::flist } coalesce +# Make sure the authorizer is not called when parsing the schema +# and when computing the result set of a view. +# +db close +sqlite3 db test.db +sqlite3 db2 test.db +proc auth {args} { + global authargs + append authargs $args\n + return SQLITE_OK +} +db auth auth +do_test auth2-2.1 { + set ::authargs {} + db eval { + CREATE TABLE t2(x,y,z); + } + set ::authargs +} {SQLITE_INSERT sqlite_master {} main {} +SQLITE_CREATE_TABLE t2 {} main {} +SQLITE_UPDATE sqlite_master type main {} +SQLITE_UPDATE sqlite_master name main {} +SQLITE_UPDATE sqlite_master tbl_name main {} +SQLITE_UPDATE sqlite_master rootpage main {} +SQLITE_UPDATE sqlite_master sql main {} +SQLITE_READ sqlite_master ROWID main {} +SQLITE_READ sqlite_master name main {} +SQLITE_READ sqlite_master rootpage main {} +SQLITE_READ sqlite_master sql main {} +SQLITE_READ sqlite_master tbl_name main {} +} +do_test auth2-2.2 { + set ::authargs {} + db eval { + CREATE VIEW v2 AS SELECT x+y AS a, y+z AS b from t2; + } + set ::authargs +} {SQLITE_INSERT sqlite_master {} main {} +SQLITE_CREATE_VIEW v2 {} main {} +SQLITE_UPDATE sqlite_master type main {} +SQLITE_UPDATE sqlite_master name main {} +SQLITE_UPDATE sqlite_master tbl_name main {} +SQLITE_UPDATE sqlite_master rootpage main {} +SQLITE_UPDATE sqlite_master sql main {} +SQLITE_READ sqlite_master ROWID main {} +SQLITE_READ sqlite_master name main {} +SQLITE_READ sqlite_master rootpage main {} +SQLITE_READ sqlite_master sql main {} +SQLITE_READ sqlite_master tbl_name main {} +} +do_test auth2-2.3 { + set ::authargs {} + db eval { + SELECT a, b FROM v2; + } + set ::authargs +} {SQLITE_SELECT {} {} {} {} +SQLITE_READ v2 a main {} +SQLITE_READ v2 b main {} +SQLITE_SELECT {} {} {} v2 +SQLITE_READ t2 x main v2 +SQLITE_READ t2 y main v2 +SQLITE_READ t2 y main v2 +SQLITE_READ t2 z main v2 +} +do_test auth2-2.4 { + db2 eval { + CREATE TABLE t3(p,q,r); + } + set ::authargs {} + db eval { + SELECT b, a FROM v2; + } + set ::authargs +} {SQLITE_SELECT {} {} {} {} +SQLITE_READ v2 b main {} +SQLITE_READ v2 a main {} +SQLITE_SELECT {} {} {} v2 +SQLITE_READ t2 x main v2 +SQLITE_READ t2 y main v2 +SQLITE_READ t2 y main v2 +SQLITE_READ t2 z main v2 +SQLITE_SELECT {} {} {} {} +SQLITE_READ v2 b main {} +SQLITE_READ v2 a main {} +SQLITE_SELECT {} {} {} v2 +SQLITE_READ t2 x main v2 +SQLITE_READ t2 y main v2 +SQLITE_READ t2 y main v2 +SQLITE_READ t2 z main v2 +} +db2 close + finish_test