/ Check-in [275ba356]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Do not allow triggers on the SQLITE_MASTER table. (CVS 579)
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: 275ba356f351abcf9a079ac16b765c9443750f0e
User & Date: drh 2002-05-23 00:30:31
Context
2002-05-23
02:09
Fix some places where a malloc() failure would lead to a segfault. (CVS 580) check-in: 01ad352c user: drh tags: trunk
00:30
Do not allow triggers on the SQLITE_MASTER table. (CVS 579) check-in: 275ba356 user: drh tags: trunk
2002-05-22
21:27
Fix for ticket #46: Report an error if a CREATE TABLE contains two or more columns with the same name. (CVS 578) check-in: ba1953ab user: drh tags: trunk
Changes
Hide Diffs Side-by-Side Diffs Ignore Whitespace Patch

Changes to src/parse.y.

    10     10   **
    11     11   *************************************************************************
    12     12   ** This file contains SQLite's grammar for SQL.  Process this file
    13     13   ** using the lemon parser generator to generate C code that runs
    14     14   ** the parser.  Lemon will also generate a header file containing
    15     15   ** numeric codes for all of the tokens.
    16     16   **
    17         -** @(#) $Id: parse.y,v 1.66 2002/05/21 11:38:12 drh Exp $
           17  +** @(#) $Id: parse.y,v 1.67 2002/05/23 00:30:31 drh Exp $
    18     18   */
    19     19   %token_prefix TK_
    20     20   %token_type {Token}
    21     21   %default_type {Token}
    22     22   %extra_argument {Parse *pParse}
    23     23   %syntax_error {
    24     24     sqliteSetString(&pParse->zErrMsg,"syntax error",0);
................................................................................
   120    120   id(A) ::= INSTEAD(X).    {A = X;}
   121    121   id(A) ::= KEY(X).        {A = X;}
   122    122   id(A) ::= OF(X).         {A = X;}
   123    123   id(A) ::= OFFSET(X).     {A = X;}
   124    124   id(A) ::= PRAGMA(X).     {A = X;}
   125    125   id(A) ::= REPLACE(X).    {A = X;}
   126    126   id(A) ::= ROW(X).        {A = X;}
          127  +id(A) ::= STATEMENT(X).  {A = X;}
   127    128   id(A) ::= TEMP(X).       {A = X;}
   128    129   id(A) ::= TRIGGER(X).    {A = X;}
   129    130   id(A) ::= VACUUM(X).     {A = X;}
   130    131   id(A) ::= VIEW(X).       {A = X;}
   131    132   
   132    133   // And "ids" is an identifer-or-string.
   133    134   //

Changes to src/tokenize.c.

    11     11   *************************************************************************
    12     12   ** An tokenizer for SQL
    13     13   **
    14     14   ** This file contains C code that splits an SQL input string up into
    15     15   ** individual tokens and sends those tokens one-by-one over to the
    16     16   ** parser for analysis.
    17     17   **
    18         -** $Id: tokenize.c,v 1.41 2002/05/15 08:30:14 danielk1977 Exp $
           18  +** $Id: tokenize.c,v 1.42 2002/05/23 00:30:31 drh Exp $
    19     19   */
    20     20   #include "sqliteInt.h"
    21     21   #include "os.h"
    22     22   #include <ctype.h>
    23     23   #include <stdlib.h>
    24     24   
    25     25   /*
................................................................................
    96     96     { "PRAGMA",            0, TK_PRAGMA,           0 },
    97     97     { "PRIMARY",           0, TK_PRIMARY,          0 },
    98     98     { "REPLACE",           0, TK_REPLACE,          0 },
    99     99     { "ROLLBACK",          0, TK_ROLLBACK,         0 },
   100    100     { "ROW",               0, TK_ROW,              0 },
   101    101     { "SELECT",            0, TK_SELECT,           0 },
   102    102     { "SET",               0, TK_SET,              0 },
          103  +  { "STATEMENT",         0, TK_STATEMENT,        0 },
   103    104     { "TABLE",             0, TK_TABLE,            0 },
   104    105     { "TEMP",              0, TK_TEMP,             0 },
   105    106     { "TEMPORARY",         0, TK_TEMP,             0 },
   106    107     { "THEN",              0, TK_THEN,             0 },
   107    108     { "TRANSACTION",       0, TK_TRANSACTION,      0 },
   108    109     { "TRIGGER",           0, TK_TRIGGER,          0 },
   109    110     { "UNION",             0, TK_UNION,            0 },

Changes to src/trigger.c.

    55     55       tab = sqliteFindTable(pParse->db, tmp_str);
    56     56       sqliteFree(tmp_str);
    57     57       if( !tab ){
    58     58         sqliteSetNString(&pParse->zErrMsg, "no such table: ", -1,
    59     59             pTableName->z, pTableName->n, 0);
    60     60         pParse->nErr++;
    61     61         goto trigger_cleanup;
           62  +    }
           63  +    if( sqliteStrICmp(tab->zName, MASTER_NAME)==0 ){
           64  +      sqliteSetString(&pParse->zErrMsg, "cannot create trigger on system "
           65  +         "table: " MASTER_NAME, 0);
           66  +      pParse->nErr++;
           67  +      goto trigger_cleanup;
    62     68       }
    63     69     }
    64     70   
    65     71     /* Build the Trigger object */
    66     72     nt = (Trigger*)sqliteMalloc(sizeof(Trigger));
    67     73     nt->name = sqliteStrNDup(pName->z, pName->n);
    68     74     nt->table = sqliteStrNDup(pTableName->z, pTableName->n);

Changes to test/trigger1.test.

    98     98   	CREATE TRIGGER temp_trig UPDATE ON temp_table BEGIN
    99     99   	    SELECT * from sqlite_master;
   100    100   	END;
   101    101   	SELECT count(*) FROM sqlite_master WHERE name = 'temp_trig';
   102    102     } 
   103    103   } {0}
   104    104   
          105  +do_test trig_cd-1.9 {
          106  +  catchsql {
          107  +    CREATE TRIGGER tr1 AFTER UPDATE ON sqlite_master BEGIN
          108  +       SELECT * FROM sqlite_master;
          109  +    END;
          110  +  }
          111  +} {1 {cannot create trigger on system table: sqlite_master}}
          112  +
   105    113   catchsql {
   106    114     DROP TABLE temp_table;
   107    115   }
   108    116   catchsql {
   109    117     DROP TABLE t1;
   110    118   }
   111    119   
   112    120   finish_test
   113         -

Changes to test/trigger2.test.

   537    537     }
   538    538   } {4 2 3 6 3 4}
   539    539   execsql {
   540    540     DROP TABLE tbl;
   541    541   }
   542    542   
   543    543   # 7. Triggers on views
   544         -execsql {
          544  +do_test trig-7.1 {
          545  +  execsql {
   545    546     CREATE TABLE ab(a, b);
   546    547     CREATE TABLE cd(c, d);
   547    548     INSERT INTO ab VALUES (1, 2);
   548    549     INSERT INTO ab VALUES (0, 0);
   549    550     INSERT INTO cd VALUES (3, 4);
   550    551   
   551    552     CREATE TABLE tlog(ii INTEGER PRIMARY KEY, 
................................................................................
   575    576       INSERT INTO tlog VALUES(NULL, 
   576    577   	0, 0, 0, 0, new.a, new.b, new.c, new.d);
   577    578     END;
   578    579      CREATE TRIGGER after_insert AFTER INSERT ON abcd BEGIN
   579    580       INSERT INTO tlog VALUES(NULL, 
   580    581   	0, 0, 0, 0, new.a, new.b, new.c, new.d);
   581    582      END;
   582         -}
          583  +  }
          584  +} {}
   583    585   
   584         -do_test trig-7 {
          586  +do_test trig-7.2 {
   585    587     execsql {
   586    588       UPDATE abcd SET a = 100, b = 5*5 WHERE a = 1;
   587    589       DELETE FROM abcd WHERE a = 1;
   588    590       INSERT INTO abcd VALUES(10, 20, 30, 40);
   589    591       SELECT * FROM tlog;
   590    592     }
   591    593   } [ list 1 1 2 3 4 100 25 3 4 \
   592    594            2 1 2 3 4 100 25 3 4 \
   593    595    3 1 2 3 4 0 0 0 0 4 1 2 3 4 0 0 0 0 \
   594    596    5 0 0 0 0 10 20 30 40 6 0 0 0 0 10 20 30 40 ]
   595    597   
   596    598   finish_test
   597         -