Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Validate the type, name, and tbl_name fields of the sqlite_master table when loading the schema, unless writable_schema is engaged. |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA3-256: |
724f4df9ccc2b683f7091a3f7a8c20ee |
User & Date: | drh 2019-08-12 00:08:07.534 |
References
2019-08-13
| ||
17:27 | Update some corruption test cases to take [724f4df9c] into account. (check-in: 927cd7b4c5 user: dan tags: trunk) | |
Context
2020-01-17
| ||
15:24 | Validate the type, name, and tbl_name fields of the sqlite_master table when loading the schema, unless writable_schema is engaged. (check-in: 3d13fbf248 user: drh tags: branch-3.28) | |
2019-08-12
| ||
14:17 | Add a TESTCTRL that disables the verification of type, name, and tbl_name in the sqlite_master table. (check-in: 48d9b48ab4 user: drh tags: trunk) | |
00:08 | Validate the type, name, and tbl_name fields of the sqlite_master table when loading the schema, unless writable_schema is engaged. (check-in: 724f4df9cc user: drh tags: trunk) | |
2019-08-10
| ||
15:06 | Fix the sqliteExprImpliesExpr() routine so that it recognizes that "(NULL IS FALSE) IS FALSE" doe not imply "NULL NOT NULL". Ticket [9080b6227fabb466] (check-in: da01ba4fa4 user: drh tags: trunk) | |
Changes
Changes to src/alter.c.
︙ | |||
132 133 134 135 136 137 138 | 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 | - - + + | /* Make sure it is not a system table being altered, or a reserved name ** that the table is being renamed to. */ if( SQLITE_OK!=isAlterableTable(pParse, pTab) ){ goto exit_rename_table; } |
︙ |
Changes to src/build.c.
︙ | |||
825 826 827 828 829 830 831 832 | 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 | + + + + - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + | /* ** This routine is used to check if the UTF-8 string zName is a legal ** unqualified name for a new schema object (table, index, view or ** trigger). All names are legal except those that begin with the string ** "sqlite_" (in upper, lower or mixed case). This portion of the namespace ** is reserved for internal use. ** ** When parsing the sqlite_master table, this routine also checks to ** make sure the "type", "name", and "tbl_name" columns are consistent ** with the SQL. */ |
︙ | |||
912 913 914 915 916 917 918 | 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 | - + | zName = sqlite3NameFromToken(db, pName); if( IN_RENAME_OBJECT ){ sqlite3RenameTokenMap(pParse, (void*)zName, pName); } } pParse->sNameToken = *pName; if( zName==0 ) return; |
︙ | |||
3271 3272 3273 3274 3275 3276 3277 | 3296 3297 3298 3299 3300 3301 3302 3303 3304 3305 3306 3307 3308 3309 3310 | - + | ** dealing with a primary key or UNIQUE constraint. We have to invent our ** own name. */ if( pName ){ zName = sqlite3NameFromToken(db, pName); if( zName==0 ) goto exit_create_index; assert( pName->z!=0 ); |
︙ |
Changes to src/prepare.c.
︙ | |||
60 61 62 63 64 65 66 | 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 | + - - - + + + + - + - + - - - + + + - + + - + - + - - + + - + - + - + - + + - - - + + + + - + - + | /* ** This is the callback routine for the code that initializes the ** database. See sqlite3Init() below for additional information. ** This routine is also called from the OP_ParseSchema opcode of the VDBE. ** ** Each callback contains the following information: ** ** argv[0] = type of object: "table", "index", "trigger", or "view". |
︙ | |||
310 311 312 313 314 315 316 | 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 | - + | /* Read the schema information out of the schema tables */ assert( db->init.busy ); { char *zSql; zSql = sqlite3MPrintf(db, |
︙ |
Changes to src/sqliteInt.h.
︙ | |||
1394 1395 1396 1397 1398 1399 1400 1401 1402 1403 1404 1405 1406 1407 | 1394 1395 1396 1397 1398 1399 1400 1401 1402 1403 1404 1405 1406 1407 1408 | + | struct sqlite3InitInfo { /* Information used during initialization */ int newTnum; /* Rootpage of table being initialized */ u8 iDb; /* Which db file is being initialized */ u8 busy; /* TRUE if currently initializing */ unsigned orphanTrigger : 1; /* Last statement is orphaned TEMP trigger */ unsigned imposterTable : 1; /* Building an imposter table */ unsigned reopenMemdb : 1; /* ATTACH is really a reopen using MemDB */ char **azInit; /* "type", "name", and "tbl_name" columns */ } init; int nVdbeActive; /* Number of VDBEs currently running */ int nVdbeRead; /* Number of active VDBEs that read or write */ int nVdbeWrite; /* Number of active VDBEs that read and write */ int nVdbeExec; /* Number of nested calls to VdbeExec() */ int nVDestroy; /* Number of active OP_VDestroy operations */ int nExtension; /* Number of loaded extensions */ |
︙ | |||
4264 4265 4266 4267 4268 4269 4270 | 4265 4266 4267 4268 4269 4270 4271 4272 4273 4274 4275 4276 4277 4278 4279 | - + | CollSeq *sqlite3ExprNNCollSeq(Parse *pParse, Expr *pExpr); int sqlite3ExprCollSeqMatch(Parse*,Expr*,Expr*); Expr *sqlite3ExprAddCollateToken(Parse *pParse, Expr*, const Token*, int); Expr *sqlite3ExprAddCollateString(Parse*,Expr*,const char*); Expr *sqlite3ExprSkipCollate(Expr*); int sqlite3CheckCollSeq(Parse *, CollSeq *); int sqlite3WritableSchema(sqlite3*); |
︙ |
Changes to src/trigger.c.
︙ | |||
173 174 175 176 177 178 179 | 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 | + + + + - + | sqlite3ErrorMsg(pParse, "cannot create triggers on virtual tables"); goto trigger_cleanup; } /* Check that the trigger name is not reserved and that no trigger of the ** specified name exists */ zName = sqlite3NameFromToken(db, pName); if( zName==0 ){ assert( db->mallocFailed ); goto trigger_cleanup; } |
︙ |
Changes to src/vdbe.c.
︙ | |||
5959 5960 5961 5962 5963 5964 5965 | 5959 5960 5961 5962 5963 5964 5965 5966 5967 5968 5969 5970 5971 5972 5973 | - + | { zMaster = MASTER_NAME; initData.db = db; initData.iDb = iDb; initData.pzErrMsg = &p->zErrMsg; initData.mInitFlags = 0; zSql = sqlite3MPrintf(db, |
︙ |
Changes to test/corruptL.test.
︙ | |||
224 225 226 227 228 229 230 231 232 233 234 235 236 237 | 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 | + | | 4080: 01 04 04 03 08 01 13 04 03 08 01 02 03 03 08 09 ................ | page 5 offset 16384 | 0: 0d 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 ................ | end crash.txt.db }]} {} do_execsql_test 2.1 { PRAGMA writable_schema=ON; -- bypass improved sqlite_master consistency checking INSERT INTO t1(b) VALUES(X'a0fee3669f9fddefc5cba913e4225d4b6ce2b04f26b87fad3ee6f9b7d90a1ea62a169bf41e5d32707a6ca5c3d05e4bde05c9d89eaaa8c50e74333d2e9fcd7dfe95528a3a016aac1102d825c5cd70cf99d8a88e0ea7f798d4334386518b7ad359beb168b93aba059a2a3bd93112d65b44c12b9904ea786b204d80531cdf0504bf9b203dbe927061974caf7b9f30cbc3397b61f802e732012a6663d41c3607d6f1c0dbcfd489adac05ca500c0b04439d894cd93a840159225ef73b627e178b9f84b3ffe66cf22a963a8368813ff7961fc47f573211ccec95e0220dcbb3bf429f4a50ba54d7a53784ac51bfef346e6ac8ae0d0e7c3175946e62ba2b'); } do_catchsql_test 2.2 { SELECT b,c FROM t1 ORDER BY a; } {1 {database disk image is malformed}} |
︙ | |||
373 374 375 376 377 378 379 380 381 382 383 384 385 386 | 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 | + | | 464: 05 01 01 09 09 02 02 19 04 05 17 17 17 17 10 65 ...............e | 480: 76 65 6e 65 69 67 68 74 65 40 18 00 00 00 00 01 veneighte@...... | 496: 02 03 07 04 01 01 01 03 04 02 05 04 09 01 ff fd ................ | end crash-6b48ba69806134.db }]} {} do_catchsql_test 4.1 { PRAGMA writable_schema=ON; -- bypass improved sqlite_master consistency checking INSERT INTO t3 SELECT * FROM t2; } {1 {database disk image is malformed}} #------------------------------------------------------------------------- reset_db do_test 5.0 { |
︙ | |||
601 602 603 604 605 606 607 | 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 | - + | | 3808: 05 43 52 45 41 54 45 20 49 4e 44 45 58 20 74 31 .CREATE INDEX t1 | 3824: 62 20 4f 4e 20 74 31 28 62 29 50 03 06 17 2b 2b b ON t1(b)P...++ | 3840: 01 59 74 61 62 6c 65 73 71 6c 69 74 65 5f 73 65 .Ytablesqlite_se | 3856: 71 75 65 6e 63 65 73 71 6c 69 74 65 5f 73 65 71 quencesqlite_seq | 3872: 75 65 6e 63 65 04 43 52 45 41 54 45 20 54 41 42 uence.CREATE TAB | 3888: 4c 45 20 73 71 6c 69 74 65 5f 73 65 71 75 65 6e LE sqlite_sequen | 3904: 63 65 28 6e 61 6d 65 2c 73 65 71 29 81 04 01 07 ce(name,seq).... |
︙ | |||
831 832 833 834 835 836 837 838 839 840 841 842 843 844 | 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 | + | | page 4 offset 1536 | 0: 0d 00 39 00 00 02 00 00 00 00 00 00 00 00 00 00 ..9............. | end a.db }]} {} do_catchsql_test 8.1 { PRAGMA writable_schema=ON; -- bypass improved sqlite_master consistency checking INSERT INTO t3 SELECT * FROM t2; } {1 {database disk image is malformed}} #------------------------------------------------------------------------- reset_db do_test 9.0 { sqlite3 db {} |
︙ | |||
1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 | 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 | + | | 2512: 00 00 00 00 00 00 00 96 00 00 00 00 00 00 00 00 ................ | page 44 offset 176128 | 2512: 00 00 00 00 00 00 00 00 aa 00 00 00 00 00 00 00 ................ | end crash-41390d95d613b6.db }]} {} do_catchsql_test 10.1 { PRAGMA writable_schema=ON; -- bypass improved sqlite_master consistency checking SELECT * FROM t1 WHERE a<='2019-05-09' ORDER BY a DESC; } {1 {database disk image is malformed}} #------------------------------------------------------------------------- reset_db do_test 11.0 { |
︙ | |||
1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 | 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 | + | | 48: 3f 69 33 74 6e 65 78 78 74 64 33 ff 43 52 45 a0 ?i3tnexxtd3.CRE. | 64: a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 74 13 11 01 ............t... | 80: 49 45 74 00 00 00 00 00 00 00 00 00 00 00 00 00 IEt............. | end x.db }]} {} do_catchsql_test 11.1 { PRAGMA writable_schema=ON; -- bypass improved sqlite_master consistency checking DELETE FROM t3 WHERE x IN (SELECT x FROM t4); } {1 {database disk image is malformed}} finish_test |
Added test/corruptM.test.