Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Limit the virtual-machine size for SQL statements run for report generators. |
|---|---|
| Downloads: | Tarball | ZIP archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA3-256: |
307147510ca5b898ca4812435fefe206 |
| User & Date: | drh 2017-03-20 13:56:54.127 |
Context
|
2017-03-20
| ||
| 13:57 | Update the built-in SQLite to the first 3.18.0 beta. ... (check-in: affb6b5e76 user: drh tags: trunk) | |
| 13:56 | Limit the virtual-machine size for SQL statements run for report generators. ... (check-in: 307147510c user: drh tags: trunk) | |
|
2017-03-18
| ||
| 14:10 | Update to the latest pre-release of SQLite 3.18.0 that includes a fix for the harmless compiler warning on Macs. ... (check-in: 9612d43f93 user: drh tags: trunk) | |
Changes
Changes to src/report.c.
| ︙ | ︙ | |||
160 161 162 163 164 165 166 | /* ** This is the SQLite authorizer callback used to make sure that the ** SQL statements entered by users do not try to do anything untoward. ** If anything suspicious is tried, set *(char**)pError to an error ** message obtained from malloc. */ | | | 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 |
/*
** This is the SQLite authorizer callback used to make sure that the
** SQL statements entered by users do not try to do anything untoward.
** If anything suspicious is tried, set *(char**)pError to an error
** message obtained from malloc.
*/
static int report_query_authorizer(
void *pError,
int code,
const char *zArg1,
const char *zArg2,
const char *zArg3,
const char *zArg4
){
|
| ︙ | ︙ | |||
219 220 221 222 223 224 225 | } return rc; } /* ** Activate the query authorizer */ | | > | | 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 |
}
return rc;
}
/*
** Activate the query authorizer
*/
void report_restrict_sql(char **pzErr){
sqlite3_set_authorizer(g.db, report_query_authorizer, (void*)pzErr);
sqlite3_limit(g.db, SQLITE_LIMIT_VDBE_OP, 10000);
}
void report_unrestrict_sql(void){
sqlite3_set_authorizer(g.db, 0, 0);
}
/*
** Check the given SQL to see if is a valid query that does not
** attempt to do anything dangerous. Return 0 on success and a
|
| ︙ | ︙ |
Changes to src/th_main.c.
| ︙ | ︙ | |||
1586 1587 1588 1589 1590 1591 1592 |
Th_ErrorMessage(interp, "database is not open", 0, 0);
return TH_ERROR;
}
zSql = argv[1];
nSql = argl[1];
while( res==TH_OK && nSql>0 ){
zErr = 0;
| | | | 1586 1587 1588 1589 1590 1591 1592 1593 1594 1595 1596 1597 1598 1599 1600 1601 1602 1603 1604 |
Th_ErrorMessage(interp, "database is not open", 0, 0);
return TH_ERROR;
}
zSql = argv[1];
nSql = argl[1];
while( res==TH_OK && nSql>0 ){
zErr = 0;
report_restrict_sql(&zErr);
g.dbIgnoreErrors++;
rc = sqlite3_prepare_v2(g.db, argv[1], argl[1], &pStmt, &zTail);
g.dbIgnoreErrors--;
report_unrestrict_sql();
if( rc!=0 || zErr!=0 ){
if( noComplain ) return TH_OK;
Th_ErrorMessage(interp, "SQL error: ",
zErr ? zErr : sqlite3_errmsg(g.db), -1);
return TH_ERROR;
}
n = (int)(zTail - zSql);
|
| ︙ | ︙ |