Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | In the sqlite3_limit() interface, take out the feature where zero means use the hard upper bound. If an application wants the hard upper bound, it can set the limit to 0x7fffffff and the bound will be automatically truncated. (CVS 4900) |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA1: |
d6be1f495ec57158f7bcca3e32145a9a |
User & Date: | drh 2008-03-20 18:00:49.000 |
Context
2008-03-21
| ||
14:22 | Add some more logging to the malloc system used when SQLITE_MEMDEBUG is defined. (CVS 4901) (check-in: 79738f582f user: danielk1977 tags: trunk) | |
2008-03-20
| ||
18:00 | In the sqlite3_limit() interface, take out the feature where zero means use the hard upper bound. If an application wants the hard upper bound, it can set the limit to 0x7fffffff and the bound will be automatically truncated. (CVS 4900) (check-in: d6be1f495e user: drh tags: trunk) | |
16:30 | Reinstate test cases for the limit tests. The sqlite3_limit() API is now tested and working. (CVS 4899) (check-in: 4c4be4c3c8 user: drh tags: trunk) | |
Changes
Changes to src/main.c.
︙ | ︙ | |||
10 11 12 13 14 15 16 | ** ************************************************************************* ** Main file for the SQLite library. The routines in this file ** implement the programmer interface to the library. Routines in ** other files are for internal use by SQLite and should not be ** accessed by users of the library. ** | | | 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 | ** ************************************************************************* ** Main file for the SQLite library. The routines in this file ** implement the programmer interface to the library. Routines in ** other files are for internal use by SQLite and should not be ** accessed by users of the library. ** ** $Id: main.c,v 1.428 2008/03/20 18:00:49 drh Exp $ */ #include "sqliteInt.h" #include <ctype.h> #ifdef SQLITE_ENABLE_FTS3 # include "fts3.h" #endif |
︙ | ︙ | |||
997 998 999 1000 1001 1002 1003 | int sqlite3_limit(sqlite3 *db, int limitId, int newLimit){ int oldLimit; if( limitId<0 || limitId>SQLITE_N_LIMIT ){ return -1; } oldLimit = db->aLimit[limitId]; if( newLimit>=0 ){ | | < < | 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 | int sqlite3_limit(sqlite3 *db, int limitId, int newLimit){ int oldLimit; if( limitId<0 || limitId>SQLITE_N_LIMIT ){ return -1; } oldLimit = db->aLimit[limitId]; if( newLimit>=0 ){ if( newLimit>aHardLimit[limitId] ){ newLimit = aHardLimit[limitId]; } db->aLimit[limitId] = newLimit; } return oldLimit; } |
︙ | ︙ |
Changes to src/sqlite.h.in.
︙ | ︙ | |||
26 27 28 29 30 31 32 | ** on how SQLite interfaces are suppose to operate. ** ** The name of this file under configuration management is "sqlite.h.in". ** The makefile makes some minor changes to this file (such as inserting ** the version number) and changes its name to "sqlite3.h" as ** part of the build process. ** | | | 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 | ** on how SQLite interfaces are suppose to operate. ** ** The name of this file under configuration management is "sqlite.h.in". ** The makefile makes some minor changes to this file (such as inserting ** the version number) and changes its name to "sqlite3.h" as ** part of the build process. ** ** @(#) $Id: sqlite.h.in,v 1.298 2008/03/20 18:00:49 drh Exp $ */ #ifndef _SQLITE3_H_ #define _SQLITE3_H_ #include <stdarg.h> /* Needed for the definition of va_list */ /* ** Make sure we can call this stuff from C++. |
︙ | ︙ | |||
1615 1616 1617 1618 1619 1620 1621 | */ void sqlite3_randomness(int N, void *P); /* ** CAPI3REF: Compile-Time Authorization Callbacks {F12500} ** ** This routine registers a authorizer callback with a particular | | | | | | | > | | > > > > > | 1615 1616 1617 1618 1619 1620 1621 1622 1623 1624 1625 1626 1627 1628 1629 1630 1631 1632 1633 1634 1635 1636 1637 1638 1639 1640 1641 1642 1643 1644 1645 1646 1647 1648 1649 1650 1651 1652 1653 1654 1655 1656 1657 1658 1659 1660 1661 1662 1663 1664 1665 1666 1667 1668 1669 1670 1671 1672 1673 1674 1675 1676 1677 1678 1679 | */ void sqlite3_randomness(int N, void *P); /* ** CAPI3REF: Compile-Time Authorization Callbacks {F12500} ** ** This routine registers a authorizer callback with a particular ** [database connection], supplied in the first argument. ** The authorizer callback is invoked as SQL statements are being compiled ** by [sqlite3_prepare()] or its variants [sqlite3_prepare_v2()], ** [sqlite3_prepare16()] and [sqlite3_prepare16_v2()]. At various ** points during the compilation process, as logic is being created ** to perform various actions, the authorizer callback is invoked to ** see if those actions are allowed. The authorizer callback should ** return [SQLITE_OK] to allow the action, [SQLITE_IGNORE] to disallow the ** specific action but allow the SQL statement to continue to be ** compiled, or [SQLITE_DENY] to cause the entire SQL statement to be ** rejected with an error. If the authorizer callback returns ** any value other than [SQLITE_IGNORE], [SQLITE_OK], or [SQLITE_DENY] ** then [sqlite3_prepare_v2()] or equivalent call that triggered ** the authorizer will fail with an error message. ** ** When the callback returns [SQLITE_OK], that means the operation ** requested is ok. When the callback returns [SQLITE_DENY], the ** [sqlite3_prepare_v2()] or equivalent call that triggered the ** authorizer will fail with an error message explaining that ** access is denied. If the authorizer code is [SQLITE_READ] ** and the callback returns [SQLITE_IGNORE] then the ** [prepared statement] statement is constructed to substitute ** a NULL value in place of the table column that would have ** been read if [SQLITE_OK] had been returned. The [SQLITE_IGNORE] ** return can be used to deny an untrusted user access to individual ** columns of a table. ** ** The first parameter to the authorizer callback is a copy of ** the third parameter to the sqlite3_set_authorizer() interface. ** The second parameter to the callback is an integer ** [SQLITE_COPY | action code] that specifies the particular action ** to be authorized. The third through sixth ** parameters to the callback are zero-terminated strings that contain ** additional details about the action to be authorized. ** ** An authorizer is used when [sqlite3_prepare | preparing] ** SQL statements from an untrusted ** source, to ensure that the SQL statements do not try to access data ** that they are not allowed to see, or that they do not try to ** execute malicious statements that damage the database. For ** example, an application may allow a user to enter arbitrary ** SQL queries for evaluation by a database. But the application does ** not want the user to be able to make arbitrary changes to the ** database. An authorizer could then be put in place while the ** user-entered SQL is being [sqlite3_prepare | prepared] that ** disallows everything except [SELECT] statements. ** ** Applications that need to process SQL from untrusted sources ** might also consider lowering resource limits using [sqlite3_limit()] ** and limiting database size using the [max_page_count] [PRAGMA] ** in addition to using an authorizer. ** ** Only a single authorizer can be in place on a database connection ** at a time. Each call to sqlite3_set_authorizer overrides the ** previous call. Disable the authorizer by installing a NULL callback. ** The authorizer is disabled by default. ** ** Note that the authorizer callback is invoked only during |
︙ | ︙ | |||
2162 2163 2164 2165 2166 2167 2168 | ** on a connection by connection basis. The first parameter is the ** [database connection] whose limit is to be set or queried. The ** second parameter is one of the [limit categories] that define a ** class of constructs to be size limited. The third parameter is the ** new limit for that construct. The function returns the old limit. ** ** If the new limit is a negative number, the limit is unchanged. | < < | | > | | | | > > > | | | 2168 2169 2170 2171 2172 2173 2174 2175 2176 2177 2178 2179 2180 2181 2182 2183 2184 2185 2186 2187 2188 2189 2190 2191 2192 2193 2194 2195 2196 2197 2198 2199 2200 2201 2202 2203 2204 2205 2206 2207 2208 2209 2210 2211 2212 | ** on a connection by connection basis. The first parameter is the ** [database connection] whose limit is to be set or queried. The ** second parameter is one of the [limit categories] that define a ** class of constructs to be size limited. The third parameter is the ** new limit for that construct. The function returns the old limit. ** ** If the new limit is a negative number, the limit is unchanged. ** For the limit category of SQLITE_LIMIT_XYZ there is a hard upper ** bound set by a compile-time C-preprocess macro named SQLITE_MAX_XYZ. ** (The "_LIMIT_" in the name is changed to "_MAX_".) ** Attempts to increase a limit above its hard upper bound are ** silently truncated to the hard upper limit. ** ** Run time limits are intended for use in applications that manage ** both their own internal database and also databases that are controlled ** by untrusted external sources. An example application might be a ** webbrowser that has its own databases for storing history and ** separate databases controlled by javascript applications downloaded ** off the internet. The internal databases can be given the ** large, default limits. Databases managed by external sources can ** be given much smaller limits designed to prevent a denial of service ** attach. Developers might also want to use the [sqlite3_set_authorizer()] ** interface to further control untrusted SQL. The size of the database ** created by an untrusted script can be contained using the ** [max_page_count] [PRAGMA]. ** ** This interface is currently considered experimental and is subject ** to change or removal without prior notice. ** ** INVARIANTS: ** ** {F12762} A successful call to [sqlite3_limit(D,C,V)] where V is ** positive changes the ** limit on the size of construct C in [database connection] D ** to the lessor of V and the hard upper bound on the size ** of C that is set at compile-time. ** ** {F12764} A successful call to [sqlite3_limit(D,C,V)] where V is zero ** changes the limit on the size of construct C in ** [database connection] D to be the hard upper bound on the size ** of C that is set at compile-time. ** ** {F12766} A successful call to [sqlite3_limit(D,C,V)] where V is negative ** leaves the state of [database connection] D unchanged. ** |
︙ | ︙ |
Changes to test/sqllimits1.test.
︙ | ︙ | |||
8 9 10 11 12 13 14 | # May you share freely, never taking more than you give. # #*********************************************************************** # # This file contains tests to verify that the limits defined in # sqlite source file limits.h are enforced. # | | | 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | # May you share freely, never taking more than you give. # #*********************************************************************** # # This file contains tests to verify that the limits defined in # sqlite source file limits.h are enforced. # # $Id: sqllimits1.test,v 1.26 2008/03/20 18:00:49 drh Exp $ set testdir [file dirname $argv0] source $testdir/tester.tcl # Verify that the default per-connection limits are the same as # the compile-time hard limits. # |
︙ | ︙ | |||
219 220 221 222 223 224 225 | sqlite3_limit db SQLITE_LIMIT_LIKE_PATTERN_LENGTH -1 } $SQLITE_MAX_LIKE_PATTERN_LENGTH do_test sqllimits1-4.10.1 { sqlite3_limit db SQLITE_LIMIT_VARIABLE_NUMBER 0x7fffffff sqlite3_limit db SQLITE_LIMIT_VARIABLE_NUMBER -1 } $SQLITE_MAX_VARIABLE_NUMBER | < < | 219 220 221 222 223 224 225 226 227 228 229 230 231 232 | sqlite3_limit db SQLITE_LIMIT_LIKE_PATTERN_LENGTH -1 } $SQLITE_MAX_LIKE_PATTERN_LENGTH do_test sqllimits1-4.10.1 { sqlite3_limit db SQLITE_LIMIT_VARIABLE_NUMBER 0x7fffffff sqlite3_limit db SQLITE_LIMIT_VARIABLE_NUMBER -1 } $SQLITE_MAX_VARIABLE_NUMBER #-------------------------------------------------------------------- # Test cases sqllimits1-5.* test that the SQLITE_MAX_LENGTH limit # is enforced. # db close sqlite3 db test.db set LARGESIZE 99999 |
︙ | ︙ | |||
351 352 353 354 355 356 357 | set tail " /* A comment to take up space in order to make the string\ longer without increasing the expression depth */\ AND 1 == 1" set N [expr {(50000 / [string length $tail])+1}] append sql [string repeat $tail $N] catchsql $sql } {1 {String or BLOB exceeded size limit}} | < < < < | 349 350 351 352 353 354 355 356 357 358 359 360 361 362 | set tail " /* A comment to take up space in order to make the string\ longer without increasing the expression depth */\ AND 1 == 1" set N [expr {(50000 / [string length $tail])+1}] append sql [string repeat $tail $N] catchsql $sql } {1 {String or BLOB exceeded size limit}} do_test sqllimits1-6.3 { sqlite3_limit db SQLITE_LIMIT_SQL_LENGTH 50000 set sql "SELECT 1 WHERE 1==1" set tail " /* A comment to take up space in order to make the string\ longer without increasing the expression depth */\ AND 1 == 1" set N [expr {(50000 / [string length $tail])+1}] |
︙ | ︙ |