Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Call the authorizer callback the same number of times whether or not the query flattening occurs. (CVS 5338) |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA1: |
8b88b64bb37df4e38cbfe31a14c21968 |
User & Date: | danielk1977 2008-07-02 13:13:52.000 |
Context
2008-07-02
| ||
16:10 | Fix a memory leak that can occur following a malloc failure. (CVS 5339) (check-in: cec4eba1a1 user: danielk1977 tags: trunk) | |
13:13 | Call the authorizer callback the same number of times whether or not the query flattening occurs. (CVS 5338) (check-in: 8b88b64bb3 user: danielk1977 tags: trunk) | |
2008-07-01
| ||
18:26 | Fix errors in in.test. Also add a few tests to selectB.test. (CVS 5337) (check-in: 8f9d1abb31 user: danielk1977 tags: trunk) | |
Changes
Changes to src/select.c.
︙ | ︙ | |||
8 9 10 11 12 13 14 | ** May you find forgiveness for yourself and forgive others. ** May you share freely, never taking more than you give. ** ************************************************************************* ** This file contains C code routines that are called by the parser ** to handle SELECT statements in SQLite. ** | | | 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | ** May you find forgiveness for yourself and forgive others. ** May you share freely, never taking more than you give. ** ************************************************************************* ** This file contains C code routines that are called by the parser ** to handle SELECT statements in SQLite. ** ** $Id: select.c,v 1.446 2008/07/02 13:13:52 danielk1977 Exp $ */ #include "sqliteInt.h" /* ** Delete all the content of a Select structure but do not deallocate ** the select structure itself. |
︙ | ︙ | |||
3081 3082 3083 3084 3085 3086 3087 | ** If flattening is not attempted, this routine is a no-op and returns 0. ** If flattening is attempted this routine returns 1. ** ** All of the expression analysis must occur on both the outer query and ** the subquery before this routine runs. */ static int flattenSubquery( | | > > | 3081 3082 3083 3084 3085 3086 3087 3088 3089 3090 3091 3092 3093 3094 3095 3096 3097 3098 3099 3100 3101 3102 3103 3104 3105 3106 3107 3108 3109 3110 3111 3112 | ** If flattening is not attempted, this routine is a no-op and returns 0. ** If flattening is attempted this routine returns 1. ** ** All of the expression analysis must occur on both the outer query and ** the subquery before this routine runs. */ static int flattenSubquery( Parse *pParse, /* Parsing context */ Select *p, /* The parent or outer SELECT statement */ int iFrom, /* Index in p->pSrc->a[] of the inner subquery */ int isAgg, /* True if outer SELECT uses aggregate functions */ int subqueryIsAgg /* True if the subquery uses aggregate functions */ ){ const char *zSavedAuthContext = pParse->zAuthContext; Select *pParent; Select *pSub; /* The inner query or "subquery" */ Select *pSub1; /* Pointer to the rightmost select in sub-query */ SrcList *pSrc; /* The FROM clause of the outer query */ SrcList *pSubSrc; /* The FROM clause of the subquery */ ExprList *pList; /* The result set of the outer query */ int iParent; /* VDBE cursor number of the pSub result set temp table */ int i; /* Loop counter */ Expr *pWhere; /* The WHERE clause */ struct SrcList_item *pSubitem; /* The subquery */ sqlite3 *db = pParse->db; /* Check to see if flattening is permitted. Return 0 if not. */ if( p==0 ) return 0; pSrc = p->pSrc; assert( pSrc && iFrom>=0 && iFrom<pSrc->nSrc ); pSubitem = &pSrc->a[iFrom]; |
︙ | ︙ | |||
3181 3182 3183 3184 3185 3186 3187 3188 3189 3190 3191 3192 3193 3194 | if( pSub1->isAgg || pSub1->isDistinct || (pSub1->pPrior && pSub1->op!=TK_ALL) ){ return 0; } } } /* If the sub-query is a compound SELECT statement, then it must be ** a UNION ALL and the parent query must be of the form: ** ** SELECT <expr-list> FROM (<sub-query>) <where-clause> ** ** followed by any ORDER BY, LIMIT and/or OFFSET clauses. This block ** creates N copies of the parent query without any ORDER BY, LIMIT or | > > > > | 3183 3184 3185 3186 3187 3188 3189 3190 3191 3192 3193 3194 3195 3196 3197 3198 3199 3200 | if( pSub1->isAgg || pSub1->isDistinct || (pSub1->pPrior && pSub1->op!=TK_ALL) ){ return 0; } } } pParse->zAuthContext = pSubitem->zName; sqlite3AuthCheck(pParse, SQLITE_SELECT, 0, 0, 0); pParse->zAuthContext = zSavedAuthContext; /* If the sub-query is a compound SELECT statement, then it must be ** a UNION ALL and the parent query must be of the form: ** ** SELECT <expr-list> FROM (<sub-query>) <where-clause> ** ** followed by any ORDER BY, LIMIT and/or OFFSET clauses. This block ** creates N copies of the parent query without any ORDER BY, LIMIT or |
︙ | ︙ | |||
3783 3784 3785 3786 3787 3788 3789 3790 3791 | */ #if !defined(SQLITE_OMIT_SUBQUERY) || !defined(SQLITE_OMIT_VIEW) for(i=0; !p->pPrior && i<pTabList->nSrc; i++){ struct SrcList_item *pItem = &pTabList->a[i]; SelectDest dest; Select *pSub = pItem->pSelect; int isAggSub; if( pSub==0 || pItem->isPopulated ) continue; | > | | | | | 3789 3790 3791 3792 3793 3794 3795 3796 3797 3798 3799 3800 3801 3802 3803 3804 3805 3806 3807 3808 3809 3810 3811 3812 3813 3814 3815 3816 3817 3818 3819 3820 3821 3822 3823 3824 3825 3826 3827 3828 3829 3830 3831 3832 3833 3834 3835 3836 | */ #if !defined(SQLITE_OMIT_SUBQUERY) || !defined(SQLITE_OMIT_VIEW) for(i=0; !p->pPrior && i<pTabList->nSrc; i++){ struct SrcList_item *pItem = &pTabList->a[i]; SelectDest dest; Select *pSub = pItem->pSelect; int isAggSub; char *zName = pItem->zName; if( pSub==0 || pItem->isPopulated ) continue; if( zName!=0 ){ /* An sql view */ const char *zSavedAuthContext = pParse->zAuthContext; pParse->zAuthContext = zName; rc = sqlite3SelectResolve(pParse, pSub, 0); pParse->zAuthContext = zSavedAuthContext; if( rc ){ goto select_end; } } /* Increment Parse.nHeight by the height of the largest expression ** tree refered to by this, the parent select. The child select ** may contain expression trees of at most ** (SQLITE_MAX_EXPR_DEPTH-Parse.nHeight) height. This is a bit ** more conservative than necessary, but much easier than enforcing ** an exact limit. */ pParse->nHeight += sqlite3SelectExprHeight(p); /* Check to see if the subquery can be absorbed into the parent. */ isAggSub = pSub->isAgg; if( flattenSubquery(pParse, p, i, isAgg, isAggSub) ){ if( isAggSub ){ p->isAgg = isAgg = 1; } i = -1; }else{ sqlite3SelectDestInit(&dest, SRT_EphemTab, pItem->iCursor); sqlite3Select(pParse, pSub, &dest, p, i, &isAgg, 0); } if( pParse->nErr || db->mallocFailed ){ goto select_end; } pParse->nHeight -= sqlite3SelectExprHeight(p); pTabList = p->pSrc; if( !IgnorableOrderby(pDest) ){ pOrderBy = p->pOrderBy; } |
︙ | ︙ |
Changes to test/auth.test.
︙ | ︙ | |||
8 9 10 11 12 13 14 | # May you share freely, never taking more than you give. # #*********************************************************************** # This file implements regression tests for SQLite library. The # focus of this script is testing the sqlite3_set_authorizer() API # and related functionality. # | | | 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | # May you share freely, never taking more than you give. # #*********************************************************************** # This file implements regression tests for SQLite library. The # focus of this script is testing the sqlite3_set_authorizer() API # and related functionality. # # $Id: auth.test,v 1.43 2008/07/02 13:13:52 danielk1977 Exp $ # set testdir [file dirname $argv0] source $testdir/tester.tcl # disable this test if the SQLITE_OMIT_AUTHORIZATION macro is # defined during compilation. |
︙ | ︙ | |||
2247 2248 2249 2250 2251 2252 2253 | SQLITE_UPDATE v1 x main {} \ SQLITE_INSERT v1chng {} main r2 \ SQLITE_READ v1 x main r2 \ SQLITE_READ v1 x main r2 \ SQLITE_SELECT {} {} {} v1 \ SQLITE_READ t2 a main v1 \ SQLITE_READ t2 b main v1 \ | | | 2247 2248 2249 2250 2251 2252 2253 2254 2255 2256 2257 2258 2259 2260 2261 | SQLITE_UPDATE v1 x main {} \ SQLITE_INSERT v1chng {} main r2 \ SQLITE_READ v1 x main r2 \ SQLITE_READ v1 x main r2 \ SQLITE_SELECT {} {} {} v1 \ SQLITE_READ t2 a main v1 \ SQLITE_READ t2 b main v1 \ SQLITE_SELECT {} {} {} {} \ SQLITE_READ v1 x main v1 \ ] do_test auth-4.4 { execsql { CREATE TRIGGER r3 INSTEAD OF DELETE ON v1 BEGIN INSERT INTO v1chng VALUES(OLD.x,NULL); END; |
︙ | ︙ | |||
2271 2272 2273 2274 2275 2276 2277 | } [list \ SQLITE_DELETE v1 {} main {} \ SQLITE_INSERT v1chng {} main r3 \ SQLITE_READ v1 x main r3 \ SQLITE_SELECT {} {} {} v1 \ SQLITE_READ t2 a main v1 \ SQLITE_READ t2 b main v1 \ | | | 2271 2272 2273 2274 2275 2276 2277 2278 2279 2280 2281 2282 2283 2284 2285 | } [list \ SQLITE_DELETE v1 {} main {} \ SQLITE_INSERT v1chng {} main r3 \ SQLITE_READ v1 x main r3 \ SQLITE_SELECT {} {} {} v1 \ SQLITE_READ t2 a main v1 \ SQLITE_READ t2 b main v1 \ SQLITE_SELECT {} {} {} {} \ SQLITE_READ v1 x main v1 \ ] } ;# ifcapable view && trigger # Ticket #1338: Make sure authentication works in the presence of an AS # clause. |
︙ | ︙ |
Changes to test/auth2.test.
︙ | ︙ | |||
8 9 10 11 12 13 14 | # May you share freely, never taking more than you give. # #*********************************************************************** # This file implements regression tests for SQLite library. The # focus of this script is testing the sqlite3_set_authorizer() API # and related functionality. # | | | 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | # May you share freely, never taking more than you give. # #*********************************************************************** # This file implements regression tests for SQLite library. The # focus of this script is testing the sqlite3_set_authorizer() API # and related functionality. # # $Id: auth2.test,v 1.3 2008/07/02 13:13:53 danielk1977 Exp $ # set testdir [file dirname $argv0] source $testdir/tester.tcl # disable this test if the SQLITE_OMIT_AUTHORIZATION macro is # defined during compilation. |
︙ | ︙ | |||
127 128 129 130 131 132 133 | db eval { SELECT a, b FROM v2; } set ::authargs } {SQLITE_SELECT {} {} {} {} SQLITE_READ v2 a main {} SQLITE_READ v2 b main {} | < > < > < > | 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 | db eval { SELECT a, b FROM v2; } set ::authargs } {SQLITE_SELECT {} {} {} {} SQLITE_READ v2 a main {} SQLITE_READ v2 b main {} SQLITE_READ t2 x main v2 SQLITE_READ t2 y main v2 SQLITE_READ t2 y main v2 SQLITE_READ t2 z main v2 SQLITE_SELECT {} {} {} v2 } do_test auth2-2.4 { db2 eval { CREATE TABLE t3(p,q,r); } set ::authargs {} db eval { SELECT b, a FROM v2; } set ::authargs } {SQLITE_SELECT {} {} {} {} SQLITE_READ v2 b main {} SQLITE_READ v2 a main {} SQLITE_READ t2 x main v2 SQLITE_READ t2 y main v2 SQLITE_READ t2 y main v2 SQLITE_READ t2 z main v2 SQLITE_SELECT {} {} {} v2 SQLITE_SELECT {} {} {} {} SQLITE_READ v2 b main {} SQLITE_READ v2 a main {} SQLITE_READ t2 x main v2 SQLITE_READ t2 y main v2 SQLITE_READ t2 y main v2 SQLITE_READ t2 z main v2 SQLITE_SELECT {} {} {} v2 } db2 close finish_test |