Fix enforcement of the LIKE_PATTERN limit. (CVS 3962)
FossilOrigin-Name: 8819617b7cf7ccd64bf6bb4ba208f37126964ec2
This commit is contained in:
danielk1977
parent
37cd66a6a0
commit
b56fe1ff27
18
manifest
18
manifest
@ -1,5 +1,5 @@
|
||||
C Remove\sa\skeyword\sfrom\sthe\sheader\scomment\sin\sdate.c\s(CVS\s3961)
|
||||
D 2007-05-08T21:56:00
|
||||
C Fix\senforcement\sof\sthe\sLIKE_PATTERN\slimit.\s(CVS\s3962)
|
||||
D 2007-05-09T08:24:44
|
||||
F Makefile.in 87b200ad9970907f76df734d29dff3d294c10935
|
||||
F Makefile.linux-gcc 2d8574d1ba75f129aba2019f0b959db380a90935
|
||||
F README 9c4e2d6706bdcc3efdd773ce752a8cdab4f90028
|
||||
@ -71,7 +71,7 @@ F src/date.c 6049db7d5a8fdf2c677ff7d58fa31d4f6593c988
|
||||
F src/delete.c 5c0d89b3ef7d48fe1f5124bfe8341f982747fe29
|
||||
F src/experimental.c 1b2d1a6cd62ecc39610e97670332ca073c50792b
|
||||
F src/expr.c eb91a54d0c2a3bebfcf91deda95508a188c2ed63
|
||||
F src/func.c 1fccb0372041188f4240350553164704e8aebeb4
|
||||
F src/func.c 6282d2025d8e0db80b43783a4778cbb04e98f2f6
|
||||
F src/hash.c 67b23e14f0257b69a3e8aa663e4eeadc1a2b6fd5
|
||||
F src/hash.h 1b3f7e2609141fd571f62199fc38687d262e9564
|
||||
F src/insert.c e595ca26805dfb3a9ebaabc28e7947c479f3b14d
|
||||
@ -119,7 +119,7 @@ F src/test9.c c0f38f7795cc51d37db6c63874d90f40f10d0f0e
|
||||
F src/test_async.c 9d326ceda4306bcab252b8f7e8e480ed45d7ccb6
|
||||
F src/test_autoext.c 855157d97aa28cf84233847548bfacda21807436
|
||||
F src/test_btree.c 882d59acad48bab3b1fe3daf3645059b590cfc79
|
||||
F src/test_config.c 8a66329b3f2fbb17d8ce00716eb611fa49f0887e
|
||||
F src/test_config.c c267103cac3733a0d14a0b8d3fa8c22b22fb468a
|
||||
F src/test_hexio.c 32204b5ce281ebc85f789c69c4ec725129e7e7f5
|
||||
F src/test_loadext.c 22065d601a18878e5542191001f0eaa5d77c0ed8
|
||||
F src/test_md5.c 6c42bc0a3c0b54be34623ff77a0eec32b2fa96e3
|
||||
@ -340,7 +340,7 @@ F test/shared_err.test cc528f6e78665787e93d9ce3a782a2ce5179d821
|
||||
F test/sort.test 0e4456e729e5a92a625907c63dcdedfbe72c5dc5
|
||||
F test/speed1.test 22e1b27af0683ed44dcd2f93ed817a9c3e65084a
|
||||
F test/speed2.test 53177056baf6556dcbdcf032bbdfc41c1aa74ded
|
||||
F test/sqllimits1.test 02a33a7f6c0064be4e5133327975ce5e69342a4f
|
||||
F test/sqllimits1.test 7fff0aaf860bdd65ba9c45969f1d17ca4f6c9a8c
|
||||
F test/subquery.test ae324ee928c5fb463a3ce08a8860d6e7f1ca5797
|
||||
F test/subselect.test 974e87f8fc91c5f00dd565316d396a5a6c3106c4
|
||||
F test/sync.test d05397b8f89f423dd6dba528692019ab036bc1c3
|
||||
@ -486,7 +486,7 @@ F www/tclsqlite.tcl bb0d1357328a42b1993d78573e587c6dcbc964b9
|
||||
F www/vdbe.tcl 87a31ace769f20d3627a64fa1fade7fed47b90d0
|
||||
F www/version3.tcl 890248cf7b70e60c383b0e84d77d5132b3ead42b
|
||||
F www/whentouse.tcl fc46eae081251c3c181bd79c5faef8195d7991a5
|
||||
P c5754530c6b1a8151c558f33d27fed70c95a988b
|
||||
R b5f8e28bbaf447fb3e0fb1a48ce02db9
|
||||
U drh
|
||||
Z 0e6336c72c0c38d732834ceb058795ef
|
||||
P 03349ec0be208fd8701d94515a2ed13129cb8422
|
||||
R f2e9dd7272549bf53a2372232b2e3902
|
||||
U danielk1977
|
||||
Z ddbbd47818532a8c09b0749d1c22ef8a
|
||||
|
||||
@ -1 +1 @@
|
||||
03349ec0be208fd8701d94515a2ed13129cb8422
|
||||
8819617b7cf7ccd64bf6bb4ba208f37126964ec2
|
||||
11
src/func.c
11
src/func.c
@ -16,7 +16,7 @@
|
||||
** sqliteRegisterBuildinFunctions() found at the bottom of the file.
|
||||
** All other code has file scope.
|
||||
**
|
||||
** $Id: func.c,v 1.152 2007/05/08 20:37:39 drh Exp $
|
||||
** $Id: func.c,v 1.153 2007/05/09 08:24:44 danielk1977 Exp $
|
||||
*/
|
||||
#include "sqliteInt.h"
|
||||
#include <ctype.h>
|
||||
@ -540,14 +540,13 @@ static void likeFunc(
|
||||
/* Limit the length of the LIKE or GLOB pattern to avoid problems
|
||||
** of deep recursion and N*N behavior in patternCompare().
|
||||
*/
|
||||
if( sqlite3_value_bytes(argv[1])>SQLITE_MAX_LIKE_PATTERN_LENGTH ){
|
||||
if( sqlite3_value_bytes(argv[0])>SQLITE_MAX_LIKE_PATTERN_LENGTH ){
|
||||
sqlite3_result_error(context, "LIKE or GLOB pattern too complex", -1);
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
zA = sqlite3_value_text(argv[0]);
|
||||
zB = sqlite3_value_text(argv[1]);
|
||||
zB = sqlite3_value_text(argv[0]);
|
||||
zA = sqlite3_value_text(argv[1]);
|
||||
int escape = 0;
|
||||
if( argc==3 ){
|
||||
/* The escape character string must consist of a single UTF-8 character.
|
||||
@ -568,7 +567,7 @@ static void likeFunc(
|
||||
sqlite3_like_count++;
|
||||
#endif
|
||||
|
||||
sqlite3_result_int(context, patternCompare(zA, zB, pInfo, escape));
|
||||
sqlite3_result_int(context, patternCompare(zB, zA, pInfo, escape));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -16,7 +16,7 @@
|
||||
** The focus of this file is providing the TCL testing layer
|
||||
** access to compile-time constants.
|
||||
**
|
||||
** $Id: test_config.c,v 1.1 2007/05/08 01:08:49 drh Exp $
|
||||
** $Id: test_config.c,v 1.2 2007/05/09 08:24:44 danielk1977 Exp $
|
||||
*/
|
||||
#include "sqliteInt.h"
|
||||
#include "tcl.h"
|
||||
@ -376,6 +376,11 @@ static void set_options(Tcl_Interp *interp){
|
||||
Tcl_LinkVar(interp, "SQLITE_MAX_COLUMN",
|
||||
(char*)&sqlite_max_column, TCL_LINK_INT|TCL_LINK_READ_ONLY);
|
||||
}
|
||||
{
|
||||
static int sqlite_max_sql_length = SQLITE_MAX_SQL_LENGTH;
|
||||
Tcl_LinkVar(interp, "SQLITE_MAX_SQL_LENGTH",
|
||||
(char*)&sqlite_max_sql_length, TCL_LINK_INT|TCL_LINK_READ_ONLY);
|
||||
}
|
||||
{
|
||||
static int sqlite_max_expr_length = SQLITE_MAX_EXPR_LENGTH;
|
||||
Tcl_LinkVar(interp, "SQLITE_MAX_EXPR_LENGTH",
|
||||
@ -432,6 +437,11 @@ static void set_options(Tcl_Interp *interp){
|
||||
Tcl_LinkVar(interp, "SQLITE_DEFAULT_FILE_FORMAT",
|
||||
(char*)&sqlite_default_file_format, TCL_LINK_INT|TCL_LINK_READ_ONLY);
|
||||
}
|
||||
{
|
||||
static int sqlite_max_like_pattern = SQLITE_MAX_LIKE_PATTERN_LENGTH;
|
||||
Tcl_LinkVar(interp, "SQLITE_MAX_LIKE_PATTERN_LENGTH",
|
||||
(char*)&sqlite_max_like_pattern, TCL_LINK_INT|TCL_LINK_READ_ONLY);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
@ -12,11 +12,30 @@
|
||||
# This file contains tests to verify that the limits defined in
|
||||
# sqlite source file limits.h are enforced.
|
||||
#
|
||||
# $Id: sqllimits1.test,v 1.3 2007/05/08 17:54:44 danielk1977 Exp $
|
||||
# $Id: sqllimits1.test,v 1.4 2007/05/09 08:24:44 danielk1977 Exp $
|
||||
|
||||
set testdir [file dirname $argv0]
|
||||
source $testdir/tester.tcl
|
||||
|
||||
# Test organization:
|
||||
#
|
||||
# sqllimits-1.*: SQLITE_MAX_LENGTH
|
||||
# sqllimits-2.*: SQLITE_MAX_SQL_LENGTH
|
||||
# sqllimits-3.*: SQLITE_MAX_PAGE_COUNT
|
||||
# sqllimits-4.*: SQLITE_MAX_COLUMN
|
||||
#
|
||||
# Todo:
|
||||
#
|
||||
# sqllimits-5.*: SQLITE_MAX_EXPR_LENGTH (sqlite todo)
|
||||
# sqllimits-6.*: SQLITE_MAX_VDBE_OP (sqlite todo)
|
||||
# sqllimits-7.*: SQLITE_MAX_FUNCTION_ARG
|
||||
# sqllimits-8.*: SQLITE_MAX_ATTACHED
|
||||
# sqllimits-9.*: SQLITE_MAX_VARIABLE_NUMBER
|
||||
# sqllimits-10.*: SQLITE_MAX_PAGE_SIZE
|
||||
# sqllimits-11.*: SQLITE_MAX_PAGE_COUNT
|
||||
# sqllimits-12.*: SQLITE_MAX_LIKE_PATTERN_LENGTH
|
||||
#
|
||||
|
||||
#--------------------------------------------------------------------
|
||||
# Test cases sqllimits-1.* test that the SQLITE_MAX_LENGTH limit
|
||||
# is enforced.
|
||||
@ -44,12 +63,13 @@ do_test sqllimits-1.4 {
|
||||
} {1 {string or blob too big}}
|
||||
|
||||
#--------------------------------------------------------------------
|
||||
# Test cases sqllimits-2.* test that the SQLITE_MAX_SQL limit
|
||||
# Test cases sqllimits-2.* test that the SQLITE_MAX_SQL_LENGTH limit
|
||||
# is enforced.
|
||||
#
|
||||
do_test sqllimits-2.1 {
|
||||
set sql "SELECT 1 WHERE 1==1"
|
||||
append sql [string repeat " AND 1==1" 200000]
|
||||
set N [expr {$::SQLITE_MAX_SQL_LENGTH / [string length " AND 1==1"]}]
|
||||
append sql [string repeat " AND 1==1" $N]
|
||||
catchsql $sql
|
||||
} {1 {String or BLOB exceeded size limit}}
|
||||
|
||||
@ -141,6 +161,7 @@ do_test sqllimits1-3.6 {
|
||||
# Test cases sqllimits1-4.* test the SQLITE_MAX_COLUMN limit.
|
||||
#
|
||||
do_test sqllimits-1.4.1 {
|
||||
# Columns in a table.
|
||||
set cols [list]
|
||||
for {set i 0} {$i <= $SQLITE_MAX_COLUMN} {incr i} {
|
||||
lappend cols "c$i"
|
||||
@ -149,6 +170,7 @@ do_test sqllimits-1.4.1 {
|
||||
} {1 {too many columns on t}}
|
||||
|
||||
do_test sqllimits-1.4.2 {
|
||||
# Columns in the result-set of a SELECT.
|
||||
set cols [list]
|
||||
for {set i 0} {$i <= $SQLITE_MAX_COLUMN} {incr i} {
|
||||
lappend cols "sql AS sql$i"
|
||||
@ -157,6 +179,7 @@ do_test sqllimits-1.4.2 {
|
||||
} {1 {too many columns in result set}}
|
||||
|
||||
do_test sqllimits-1.4.3 {
|
||||
# Columns in the result-set of a sub-SELECT.
|
||||
set cols [list]
|
||||
for {set i 0} {$i <= $SQLITE_MAX_COLUMN} {incr i} {
|
||||
lappend cols "sql AS sql$i"
|
||||
@ -165,6 +188,7 @@ do_test sqllimits-1.4.3 {
|
||||
} {1 {too many columns in result set}}
|
||||
|
||||
do_test sqllimits-1.4.4 {
|
||||
# Columns in an index.
|
||||
set cols [list]
|
||||
for {set i 0} {$i <= $SQLITE_MAX_COLUMN} {incr i} {
|
||||
lappend cols c
|
||||
@ -175,14 +199,17 @@ do_test sqllimits-1.4.4 {
|
||||
} {1 {too many columns in index}}
|
||||
|
||||
do_test sqllimits-1.4.5 {
|
||||
# Columns in a GROUP BY clause.
|
||||
catchsql "SELECT * FROM t1 GROUP BY [join $cols ,]"
|
||||
} {1 {too many terms in GROUP BY clause}}
|
||||
|
||||
do_test sqllimits-1.4.6 {
|
||||
# Columns in an ORDER BY clause.
|
||||
catchsql "SELECT * FROM t1 ORDER BY [join $cols ,]"
|
||||
} {1 {too many terms in ORDER BY clause}}
|
||||
|
||||
do_test sqllimits-1.4.7 {
|
||||
# Assignments in an UPDATE statement.
|
||||
set cols [list]
|
||||
for {set i 0} {$i <= $SQLITE_MAX_COLUMN} {incr i} {
|
||||
lappend cols "c = 1"
|
||||
@ -190,6 +217,59 @@ do_test sqllimits-1.4.7 {
|
||||
catchsql "UPDATE t1 SET [join $cols ,];"
|
||||
} {1 {too many columns in set list}}
|
||||
|
||||
do_test sqllimits-1.4.8 {
|
||||
# Columns in a view definition:
|
||||
set cols [list]
|
||||
for {set i 0} {$i <= $SQLITE_MAX_COLUMN} {incr i} {
|
||||
lappend cols "c$i"
|
||||
}
|
||||
catchsql "CREATE VIEW v1 AS SELECT [join $cols ,] FROM t1;"
|
||||
} {1 {too many columns in result set}}
|
||||
|
||||
do_test sqllimits-1.4.9 {
|
||||
# Columns in a view definition (testing * expansion):
|
||||
set cols [list]
|
||||
for {set i 0} {$i < $SQLITE_MAX_COLUMN} {incr i} {
|
||||
lappend cols "c$i"
|
||||
}
|
||||
catchsql "CREATE TABLE t2([join $cols ,])"
|
||||
catchsql "CREATE VIEW v1 AS SELECT *, c1 AS o FROM t2;"
|
||||
} {1 {too many columns in result set}}
|
||||
|
||||
#--------------------------------------------------------------------
|
||||
# These tests - sqllimits-5.* - test that the SQLITE_MAX_EXPR_LENGTH
|
||||
# limit is enforced. The limit refers to the number of terms in
|
||||
# the expression.
|
||||
#
|
||||
|
||||
#--------------------------------------------------------------------
|
||||
# Test cases sqllimits-12.* verify that the
|
||||
# SQLITE_MAX_LIKE_PATTERN_LENGTH limit is enforced. This limit only
|
||||
# applies to the built-in LIKE operator, supplying an external
|
||||
# implementation by overriding the like() scalar function bypasses
|
||||
# this limitation.
|
||||
#
|
||||
# These tests check that the limit is not incorrectly applied to
|
||||
# the left-hand-side of the LIKE operator (the string being tested
|
||||
# against the pattern).
|
||||
#
|
||||
do_test sqllimits-1.12.1 {
|
||||
set max $::SQLITE_MAX_LIKE_PATTERN_LENGTH
|
||||
set ::pattern [string repeat "A%" [expr $max/2]]
|
||||
set ::string [string repeat "A" [expr {$max*2}]]
|
||||
execsql {
|
||||
SELECT $::string LIKE $::pattern;
|
||||
}
|
||||
} {1}
|
||||
do_test sqllimits-1.12.2 {
|
||||
set max $::SQLITE_MAX_LIKE_PATTERN_LENGTH
|
||||
set ::pattern [string repeat "A%" [expr {($max/2) + 1}]]
|
||||
set ::string [string repeat "A" [expr {$max*2}]]
|
||||
catchsql {
|
||||
SELECT $::string LIKE $::pattern;
|
||||
}
|
||||
} {1 {LIKE or GLOB pattern too complex}}
|
||||
|
||||
finish_test
|
||||
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user