Stronger defenses against corrupt schemas in the ALTER TABLE logic.

FossilOrigin-Name: 13fbde28173332522a7ad307c1aad2b83c9aa1fe737583afa2b29f6da4de6370
This commit is contained in:
drh 2022-03-10 21:04:49 +00:00
parent 551b650236
commit fde3043200
6 changed files with 28 additions and 23 deletions

View File

@ -1,5 +1,5 @@
C Amend\ssqlite3_column_*()\sdoc\stable.\s(no\scode\schange)
D 2022-03-10T19:44:04.358
C Stronger\sdefenses\sagainst\scorrupt\sschemas\sin\sthe\sALTER\sTABLE\slogic.
D 2022-03-10T21:04:49.750
F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
@ -485,7 +485,7 @@ F spec.template 86a4a43b99ebb3e75e6b9a735d5fd293a24e90ca
F sqlite.pc.in 42b7bf0d02e08b9e77734a47798d1a55a9e0716b
F sqlite3.1 fc7ad8990fc8409983309bb80de8c811a7506786
F sqlite3.pc.in 48fed132e7cb71ab676105d2a4dc77127d8c1f3a
F src/alter.c e31cae888bc3077e34f9a82c6b4a96e4e44d37861eeb6472d68a378f1e8e46ba
F src/alter.c 006325f8844c65d885b3ba469b4c08d9dd0cd3e9ec481d5bcff621f224cb2302
F src/analyze.c 3a119baeb03053c154029877454d41bb8fd79d4d1eb583392f2289b3554a75bc
F src/attach.c f26d400f3ffe2cdca01406bca70e5f58c5488bf165b4fc37c228136dfcf1b583
F src/auth.c f4fa91b6a90bbc8e0d0f738aa284551739c9543a367071f55574681e0f24f8cf
@ -495,7 +495,7 @@ F src/btmutex.c 8acc2f464ee76324bf13310df5692a262b801808984c1b79defb2503bbafadb6
F src/btree.c f00f7323b3e7d2bf5192055b4a325a5b813686d424b59815e725690d2c215451
F src/btree.h 74d64b8f28cfa4a894d14d4ed64fa432cd697b98b61708d4351482ae15913e22
F src/btreeInt.h 8ce1332edd89dfd2461d561ac10a0ab5601c8e06200cb5230596c3caaf54482e
F src/build.c 9891c2160886cf7e344d7e8f1f7177f9612916c7c67ffeacd64cb34a92d387a8
F src/build.c a0cc68fe8172c0a31b54576f9c6c0fe6f7c82b1b5e1387afdd6a5a13132bc131
F src/callback.c 4c19af69835787bfe790ac560f3071a824eb629f34e41f97b52ce5235c77de1c
F src/complete.c a3634ab1e687055cd002e11b8f43eb75c17da23e
F src/ctime.c 2cce39df1a13e05b7633e6d21b651f21492471f991dd7b323a4ee4e7b7f0b7f1
@ -643,7 +643,7 @@ F src/where.c baec5c64db111227b6c7f07f65d91706a51d9f8c72d3f3ec7e65c39450b592d0
F src/whereInt.h 15d2975c3b4c193c78c26674400a840da8647fe1777ae3b026e2d15937b38a03
F src/wherecode.c 555f598a9ddad81761f084710fdb4f8733fe31bc14cd6b19f8ca4274a7eaa04c
F src/whereexpr.c 2a71f5491798460c9590317329234d332d9eb1717cba4f3403122189a75c465e
F src/window.c 457434edca750340462c84f2747381dfd15e3295e834821a18e48bde6d40da5f
F src/window.c 42a71595263dbd8ef8248218e4fc7d4b5ddccece52146ad48e079342d93f6f8f
F test/8_3_names.test ebbb5cd36741350040fd28b432ceadf495be25b2
F test/affinity2.test ce1aafc86e110685b324e9a763eab4f2a73f737842ec3b687bd965867de90627
F test/affinity3.test eecb0dabee4b7765a8465439d5e99429279ffba23ca74a7eae270a452799f9e7
@ -666,7 +666,7 @@ F test/alterlegacy.test f38c6d06cda39e1f7b955bbce57f2e3ef5b7cb566d3d1234502093e2
F test/altermalloc.test 167a47de41b5c638f5f5c6efb59784002b196fff70f98d9b4ed3cd74a3fb80c9
F test/altermalloc2.test 17fb3724c4b004c469c27dc4ef181608aa644555fbd3f3236767584f73747c81
F test/altermalloc3.test 55e606edf4b0acfbbd851ddfe93cfdddfae43d103644dcfd6008ae4ab3c44adf
F test/alterqf.test 3008318ba9e16b4ac0b5f83cf7683caa4b0a3154aafe3b4099838a250d4ba74a
F test/alterqf.test ff6c6f881485c29ed699b8ef4774864ca1b0c01a6c08f5cdd624a008e4b40fca
F test/altertab.test 7273b8506eab46342be016af78028df49f3bd99037412f997a8f1011b37a6912
F test/altertab2.test 62597b6fd08feaba1b6bfe7d31dac6117c67e06dc9ce9c478a3abe75b5926de0
F test/altertab3.test 5929f522fd6fd708396ad9f317d4af9ff1a93e460df85bb1d54d4499eeb94960
@ -1944,8 +1944,8 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
P 58de3c2b1a773a71b2d6a5d9a4dc0f839185d78d64519e7d267ad133b9830120
R 453123152676a643644021462da06059
U larrybr
Z 7a65559d2f8fe7a81c1e2aa9ebb98f60
P 1f473099776249f774a285fa117316636e00c3ff030ba0f22ed5bd05641c1bc9
R 2ae2925ec91f5619d1a35088b1bcfad0
U drh
Z e232808c8eb653b66c1790d6c0687a0f
# Remove this line to create a well-formed Fossil manifest.

View File

@ -1 +1 @@
1f473099776249f774a285fa117316636e00c3ff030ba0f22ed5bd05641c1bc9
13fbde28173332522a7ad307c1aad2b83c9aa1fe737583afa2b29f6da4de6370

View File

@ -1131,19 +1131,21 @@ static int renameParseSql(
){
int rc;
db->init.iDb = bTemp ? 1 : sqlite3FindDbName(db, zDb);
/* Parse the SQL statement passed as the first argument. If no error
** occurs and the parse does not result in a new table, index or
** trigger object, the database must be corrupt. */
sqlite3ParseObjectInit(p, db);
if( zSql==0 ){
return SQLITE_NOMEM;
}
if( sqlite3StrNICmp(zSql,"CREATE ",7)!=0 ){
return SQLITE_CORRUPT_BKPT;
}
db->init.iDb = bTemp ? 1 : sqlite3FindDbName(db, zDb);
p->eParseMode = PARSE_MODE_RENAME;
p->db = db;
p->nQueryLoop = 1;
rc = zSql ? sqlite3RunParser(p, zSql) : SQLITE_NOMEM;
rc = sqlite3RunParser(p, zSql);
if( db->mallocFailed ) rc = SQLITE_NOMEM;
if( rc==SQLITE_OK
&& p->pNewTable==0 && p->pNewIndex==0 && p->pNewTrigger==0
&& NEVER(p->pNewTable==0 && p->pNewIndex==0 && p->pNewTrigger==0)
){
rc = SQLITE_CORRUPT_BKPT;
}

View File

@ -2826,6 +2826,11 @@ void sqlite3EndTable(
int addrInsLoop; /* Top of the loop for inserting rows */
Table *pSelTab; /* A table that describes the SELECT results */
if( IN_SPECIAL_PARSE ){
pParse->rc = SQLITE_ERROR;
pParse->nErr++;
return;
}
regYield = ++pParse->nMem;
regRec = ++pParse->nMem;
regRowid = ++pParse->nMem;

View File

@ -960,7 +960,7 @@ int sqlite3WindowRewrite(Parse *pParse, Select *p){
if( p->pWin
&& p->pPrior==0
&& ALWAYS((p->selFlags & SF_WinRewrite)==0)
&& !IN_RENAME_OBJECT
&& ALWAYS(!IN_RENAME_OBJECT)
){
Vdbe *v = sqlite3GetVdbe(pParse);
sqlite3 *db = pParse->db;

View File

@ -63,8 +63,7 @@ foreach {tn before after} {
10 {CREATE TABLE t2(abc, xyz CHECK (xyz != "123"))}
{CREATE TABLE t2(abc, xyz CHECK (xyz != '123'))}
11 {
CREATE TRIGGER ott AFTER UPDATE ON t1 BEGIN
11 {CREATE TRIGGER ott AFTER UPDATE ON t1 BEGIN
SELECT max("str", new."a") FROM t1
WHERE group_concat("b", ",") OVER (ORDER BY c||"str");
UPDATE t1 SET c= b + "str";
@ -72,8 +71,7 @@ foreach {tn before after} {
SELECT 1 FROM t1 AS o WHERE o."a" = "o.a" AND t1.b IN("t1.b")
);
END;
} {
CREATE TRIGGER ott AFTER UPDATE ON t1 BEGIN
} {CREATE TRIGGER ott AFTER UPDATE ON t1 BEGIN
SELECT max('str', new."a") FROM t1
WHERE group_concat("b", ',') OVER (ORDER BY c||'str');
UPDATE t1 SET c= b + 'str';