/ Check-in [dac28547]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Ensure each ALTER TABLE statement makes just a single SQLITE_ALTER_TABLE call to the authorizer function.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | alter-auth-callbacks
Files: files | file ages | folders
SHA3-256: dac285474a4b09cb004b797567d050952cb12b952e5688bc4a6e4599faa21565
User & Date: dan 2018-10-06 14:33:41
Context
2018-10-06
14:33
Ensure each ALTER TABLE statement makes just a single SQLITE_ALTER_TABLE call to the authorizer function. Leaf check-in: dac28547 user: dan tags: alter-auth-callbacks
13:46
Add test cases and assert() statements to ensure that the authorizer is being called as expected from within ALTER TABLE. check-in: ff10d2c7 user: dan tags: trunk
Changes
Hide Diffs Side-by-Side Diffs Show Whitespace Changes Patch

Changes to src/alter.c.

    94     94     char *zName = 0;          /* NULL-terminated version of pName */ 
    95     95     sqlite3 *db = pParse->db; /* Database connection */
    96     96     int nTabName;             /* Number of UTF-8 characters in zTabName */
    97     97     const char *zTabName;     /* Original name of the table */
    98     98     Vdbe *v;
    99     99     VTable *pVTab = 0;        /* Non-zero if this is a v-tab with an xRename() */
   100    100     u32 savedDbFlags;         /* Saved value of db->mDbFlags */
          101  +#ifndef SQLITE_OMIT_AUTHORIZATION
          102  +  sqlite3_xauth xAuth = db->xAuth;
          103  +#endif
   101    104   
   102    105     savedDbFlags = db->mDbFlags;  
   103    106     if( NEVER(db->mallocFailed) ) goto exit_rename_table;
   104    107     assert( pSrc->nSrc==1 );
   105    108     assert( sqlite3BtreeHoldsAllMutexes(pParse->db) );
   106    109   
   107    110     pTab = sqlite3LocateTableItem(pParse, 0, &pSrc->a[0]);
................................................................................
   141    144   #endif
   142    145   
   143    146   #ifndef SQLITE_OMIT_AUTHORIZATION
   144    147     /* Invoke the authorization callback. */
   145    148     if( sqlite3AuthCheck(pParse, SQLITE_ALTER_TABLE, zDb, pTab->zName, 0) ){
   146    149       goto exit_rename_table;
   147    150     }
          151  +  db->xAuth = 0;
   148    152   #endif
   149    153   
   150    154   #ifndef SQLITE_OMIT_VIRTUALTABLE
   151    155     if( sqlite3ViewGetColumnNames(pParse, pTab) ){
   152    156       goto exit_rename_table;
   153    157     }
   154    158     if( IsVirtual(pTab) ){
................................................................................
   240    244     }
   241    245   #endif
   242    246   
   243    247     renameReloadSchema(pParse, iDb);
   244    248     renameTestSchema(pParse, zDb, iDb==1);
   245    249   
   246    250   exit_rename_table:
          251  +#ifndef SQLITE_OMIT_AUTHORIZATION
          252  +  db->xAuth = xAuth;
          253  +#endif
   247    254     sqlite3SrcListDelete(db, pSrc);
   248    255     sqlite3DbFree(db, zName);
   249    256     db->mDbFlags = savedDbFlags;
   250    257   }
   251    258   
   252    259   /*
   253    260   ** This function is called after an "ALTER TABLE ... ADD" statement
................................................................................
   343    350     }
   344    351   
   345    352     /* Modify the CREATE TABLE statement. */
   346    353     zCol = sqlite3DbStrNDup(db, (char*)pColDef->z, pColDef->n);
   347    354     if( zCol ){
   348    355       char *zEnd = &zCol[pColDef->n-1];
   349    356       u32 savedDbFlags = db->mDbFlags;
          357  +#ifndef SQLITE_OMIT_AUTHORIZATION
          358  +    sqlite3_xauth xAuth = db->xAuth;
          359  +    db->xAuth = 0;
          360  +#endif
   350    361       while( zEnd>zCol && (*zEnd==';' || sqlite3Isspace(*zEnd)) ){
   351    362         *zEnd-- = '\0';
   352    363       }
   353    364       db->mDbFlags |= DBFLAG_PreferBuiltin;
   354    365       sqlite3NestedParse(pParse, 
   355    366           "UPDATE \"%w\".%s SET "
   356    367             "sql = substr(sql,1,%d) || ', ' || %Q || substr(sql,%d) "
   357    368           "WHERE type = 'table' AND name = %Q", 
   358    369         zDb, MASTER_NAME, pNew->addColOffset, zCol, pNew->addColOffset+1,
   359    370         zTab
   360    371       );
   361    372       sqlite3DbFree(db, zCol);
   362    373       db->mDbFlags = savedDbFlags;
          374  +#ifndef SQLITE_OMIT_AUTHORIZATION
          375  +    db->xAuth = xAuth;
          376  +#endif
   363    377     }
   364    378   
   365    379     /* Make sure the schema version is at least 3.  But do not upgrade
   366    380     ** from less than 3 to 4, as that will corrupt any preexisting DESC
   367    381     ** index.
   368    382     */
   369    383     v = sqlite3GetVdbe(pParse);
................................................................................
   516    530     Table *pTab;                    /* Table being updated */
   517    531     int iCol;                       /* Index of column being renamed */
   518    532     char *zOld = 0;                 /* Old column name */
   519    533     char *zNew = 0;                 /* New column name */
   520    534     const char *zDb;                /* Name of schema containing the table */
   521    535     int iSchema;                    /* Index of the schema */
   522    536     int bQuote;                     /* True to quote the new name */
          537  +#ifndef SQLITE_OMIT_AUTHORIZATION
          538  +  sqlite3_xauth xAuth = db->xAuth;
          539  +#endif
   523    540   
   524    541     /* Locate the table to be altered */
   525    542     pTab = sqlite3LocateTableItem(pParse, 0, &pSrc->a[0]);
   526    543     if( !pTab ) goto exit_rename_column;
   527    544   
   528    545     /* Cannot alter a system table */
   529    546     if( SQLITE_OK!=isSystemTable(pParse, pTab->zName) ) goto exit_rename_column;
................................................................................
   535    552     zDb = db->aDb[iSchema].zDbSName;
   536    553   
   537    554   #ifndef SQLITE_OMIT_AUTHORIZATION
   538    555     /* Invoke the authorization callback. */
   539    556     if( sqlite3AuthCheck(pParse, SQLITE_ALTER_TABLE, zDb, pTab->zName, 0) ){
   540    557       goto exit_rename_column;
   541    558     }
          559  +  db->xAuth = 0;
   542    560   #endif
   543    561   
   544    562     /* Make sure the old name really is a column name in the table to be
   545    563     ** altered.  Set iCol to be the index of the column being renamed */
   546    564     zOld = sqlite3NameFromToken(db, pOld);
   547    565     if( !zOld ) goto exit_rename_column;
   548    566     for(iCol=0; iCol<pTab->nCol; iCol++){
................................................................................
   580    598     );
   581    599   
   582    600     /* Drop and reload the database schema. */
   583    601     renameReloadSchema(pParse, iSchema);
   584    602     renameTestSchema(pParse, zDb, iSchema==1);
   585    603   
   586    604    exit_rename_column:
          605  +#ifndef SQLITE_OMIT_AUTHORIZATION
          606  +  db->xAuth = xAuth;
          607  +#endif
   587    608     sqlite3SrcListDelete(db, pSrc);
   588    609     sqlite3DbFree(db, zOld);
   589    610     sqlite3DbFree(db, zNew);
   590    611     return;
   591    612   }
   592    613   
   593    614   /*

Changes to test/alterauth2.test.

    52     52     END;
    53     53   }
    54     54   
    55     55   do_auth_test 1.1 {
    56     56     ALTER TABLE t1 RENAME TO t2;
    57     57   } {
    58     58       {SQLITE_ALTER_TABLE main t1 {} {}} 
    59         -    {SQLITE_FUNCTION {} like {} {}} 
    60         -  {SQLITE_FUNCTION {} sqlite_rename_table {} {}} 
    61         -  {SQLITE_FUNCTION {} sqlite_rename_test {} {}} 
    62         -    {SQLITE_FUNCTION {} substr {} {}} 
    63         -    {SQLITE_READ sqlite_master name main {}} 
    64         -    {SQLITE_READ sqlite_master sql main {}} 
    65         -    {SQLITE_READ sqlite_master tbl_name main {}} 
    66         -    {SQLITE_READ sqlite_master type main {}} 
    67         -  {SQLITE_READ sqlite_temp_master name temp {}} 
    68         -  {SQLITE_READ sqlite_temp_master sql temp {}} 
    69         -  {SQLITE_READ sqlite_temp_master tbl_name temp {}} 
    70         -  {SQLITE_READ sqlite_temp_master type temp {}} 
    71         -  {SQLITE_SELECT {} {} {} {}} 
    72         -    {SQLITE_UPDATE sqlite_master name main {}} 
    73         -    {SQLITE_UPDATE sqlite_master sql main {}} 
    74         -    {SQLITE_UPDATE sqlite_master tbl_name main {}} 
    75         -  {SQLITE_UPDATE sqlite_temp_master sql temp {}} 
    76         -  {SQLITE_UPDATE sqlite_temp_master tbl_name temp {}}
    77     59   }
    78     60   
    79     61   do_auth_test 1.2 {
    80     62     ALTER TABLE t2 RENAME a TO aaa;
    81     63   } {
    82     64     {SQLITE_ALTER_TABLE main t2 {} {}} 
    83         -  {SQLITE_FUNCTION {} like {} {}} 
    84         -  {SQLITE_FUNCTION {} sqlite_rename_column {} {}} 
    85         -  {SQLITE_FUNCTION {} sqlite_rename_test {} {}} 
    86         -  {SQLITE_READ sqlite_master name main {}} 
    87         -  {SQLITE_READ sqlite_master sql main {}} 
    88         -  {SQLITE_READ sqlite_master tbl_name main {}} 
    89         -  {SQLITE_READ sqlite_master type main {}} 
    90         -  {SQLITE_READ sqlite_temp_master name temp {}} 
    91         -  {SQLITE_READ sqlite_temp_master sql temp {}} 
    92         -  {SQLITE_READ sqlite_temp_master type temp {}} 
    93         -  {SQLITE_SELECT {} {} {} {}} 
    94         -  {SQLITE_UPDATE sqlite_master sql main {}} 
    95         -  {SQLITE_UPDATE sqlite_temp_master sql temp {}}
           65  +}
           66  +
           67  +do_auth_test 1.3 {
           68  +  ALTER TABLE t2 ADD COLUMN d;
           69  +} {
           70  +  {SQLITE_ALTER_TABLE main t2 {} {}} 
           71  +}
           72  +
           73  +do_auth_test 1.4 {
           74  +  ALTER TABLE t2 RENAME TO t3;
           75  +} {
           76  +  {SQLITE_ALTER_TABLE main t2 {} {}} 
    96     77   }
    97     78   
    98     79   finish_test