Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Call the authorizer callback the same number of times whether or not the query flattening occurs. (CVS 5338) |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
8b88b64bb37df4e38cbfe31a14c21968 |
| User & Date: | danielk1977 2008-07-02 13:13:52 |
Context
|
2008-07-02
| ||
| 16:10 | Fix a memory leak that can occur following a malloc failure. (CVS 5339) check-in: cec4eba1 user: danielk1977 tags: trunk | |
| 13:13 | Call the authorizer callback the same number of times whether or not the query flattening occurs. (CVS 5338) check-in: 8b88b64b user: danielk1977 tags: trunk | |
|
2008-07-01
| ||
| 18:26 | Fix errors in in.test. Also add a few tests to selectB.test. (CVS 5337) check-in: 8f9d1abb user: danielk1977 tags: trunk | |
Changes
Changes to src/select.c.
8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 .... 3081 3082 3083 3084 3085 3086 3087 3088 3089 3090 3091 3092 3093 3094 3095 3096 3097 3098 3099 3100 3101 3102 3103 3104 3105 3106 3107 3108 3109 3110 .... 3181 3182 3183 3184 3185 3186 3187 3188 3189 3190 3191 3192 3193 3194 .... 3783 3784 3785 3786 3787 3788 3789 3790 3791 3792 3793 3794 3795 3796 3797 3798 3799 3800 3801 .... 3806 3807 3808 3809 3810 3811 3812 3813 3814 3815 3816 3817 3818 3819 3820 3821 3822 3823 3824 3825 3826 3827 3828 3829 |
** May you find forgiveness for yourself and forgive others. ** May you share freely, never taking more than you give. ** ************************************************************************* ** This file contains C code routines that are called by the parser ** to handle SELECT statements in SQLite. ** ** $Id: select.c,v 1.445 2008/07/01 18:26:50 danielk1977 Exp $ */ #include "sqliteInt.h" /* ** Delete all the content of a Select structure but do not deallocate ** the select structure itself. ................................................................................ ** If flattening is not attempted, this routine is a no-op and returns 0. ** If flattening is attempted this routine returns 1. ** ** All of the expression analysis must occur on both the outer query and ** the subquery before this routine runs. */ static int flattenSubquery( sqlite3 *db, /* Database connection */ Select *p, /* The parent or outer SELECT statement */ int iFrom, /* Index in p->pSrc->a[] of the inner subquery */ int isAgg, /* True if outer SELECT uses aggregate functions */ int subqueryIsAgg /* True if the subquery uses aggregate functions */ ){ Select *pParent; Select *pSub; /* The inner query or "subquery" */ Select *pSub1; /* Pointer to the rightmost select in sub-query */ SrcList *pSrc; /* The FROM clause of the outer query */ SrcList *pSubSrc; /* The FROM clause of the subquery */ ExprList *pList; /* The result set of the outer query */ int iParent; /* VDBE cursor number of the pSub result set temp table */ int i; /* Loop counter */ Expr *pWhere; /* The WHERE clause */ struct SrcList_item *pSubitem; /* The subquery */ /* Check to see if flattening is permitted. Return 0 if not. */ if( p==0 ) return 0; pSrc = p->pSrc; assert( pSrc && iFrom>=0 && iFrom<pSrc->nSrc ); pSubitem = &pSrc->a[iFrom]; ................................................................................ if( pSub1->isAgg || pSub1->isDistinct || (pSub1->pPrior && pSub1->op!=TK_ALL) ){ return 0; } } } /* If the sub-query is a compound SELECT statement, then it must be ** a UNION ALL and the parent query must be of the form: ** ** SELECT <expr-list> FROM (<sub-query>) <where-clause> ** ** followed by any ORDER BY, LIMIT and/or OFFSET clauses. This block ** creates N copies of the parent query without any ORDER BY, LIMIT or ................................................................................ */ #if !defined(SQLITE_OMIT_SUBQUERY) || !defined(SQLITE_OMIT_VIEW) for(i=0; !p->pPrior && i<pTabList->nSrc; i++){ struct SrcList_item *pItem = &pTabList->a[i]; SelectDest dest; Select *pSub = pItem->pSelect; int isAggSub; if( pSub==0 || pItem->isPopulated ) continue; if( pItem->zName!=0 ){ /* An sql view */ const char *zSavedAuthContext = pParse->zAuthContext; pParse->zAuthContext = pItem->zName; rc = sqlite3SelectResolve(pParse, pSub, 0); pParse->zAuthContext = zSavedAuthContext; if( rc ){ goto select_end; } } ................................................................................ ** more conservative than necessary, but much easier than enforcing ** an exact limit. */ pParse->nHeight += sqlite3SelectExprHeight(p); /* Check to see if the subquery can be absorbed into the parent. */ isAggSub = pSub->isAgg; if( flattenSubquery(db, p, i, isAgg, isAggSub) ){ if( isAggSub ){ p->isAgg = isAgg = 1; } i = -1; }else{ sqlite3SelectDestInit(&dest, SRT_EphemTab, pItem->iCursor); sqlite3Select(pParse, pSub, &dest, p, i, &isAgg, 0); } if( db->mallocFailed ){ goto select_end; } pParse->nHeight -= sqlite3SelectExprHeight(p); pTabList = p->pSrc; if( !IgnorableOrderby(pDest) ){ pOrderBy = p->pOrderBy; } |
| | > > > > > > > | | | | |
8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 .... 3081 3082 3083 3084 3085 3086 3087 3088 3089 3090 3091 3092 3093 3094 3095 3096 3097 3098 3099 3100 3101 3102 3103 3104 3105 3106 3107 3108 3109 3110 3111 3112 .... 3183 3184 3185 3186 3187 3188 3189 3190 3191 3192 3193 3194 3195 3196 3197 3198 3199 3200 .... 3789 3790 3791 3792 3793 3794 3795 3796 3797 3798 3799 3800 3801 3802 3803 3804 3805 3806 3807 3808 .... 3813 3814 3815 3816 3817 3818 3819 3820 3821 3822 3823 3824 3825 3826 3827 3828 3829 3830 3831 3832 3833 3834 3835 3836 |
** May you find forgiveness for yourself and forgive others. ** May you share freely, never taking more than you give. ** ************************************************************************* ** This file contains C code routines that are called by the parser ** to handle SELECT statements in SQLite. ** ** $Id: select.c,v 1.446 2008/07/02 13:13:52 danielk1977 Exp $ */ #include "sqliteInt.h" /* ** Delete all the content of a Select structure but do not deallocate ** the select structure itself. ................................................................................ ** If flattening is not attempted, this routine is a no-op and returns 0. ** If flattening is attempted this routine returns 1. ** ** All of the expression analysis must occur on both the outer query and ** the subquery before this routine runs. */ static int flattenSubquery( Parse *pParse, /* Parsing context */ Select *p, /* The parent or outer SELECT statement */ int iFrom, /* Index in p->pSrc->a[] of the inner subquery */ int isAgg, /* True if outer SELECT uses aggregate functions */ int subqueryIsAgg /* True if the subquery uses aggregate functions */ ){ const char *zSavedAuthContext = pParse->zAuthContext; Select *pParent; Select *pSub; /* The inner query or "subquery" */ Select *pSub1; /* Pointer to the rightmost select in sub-query */ SrcList *pSrc; /* The FROM clause of the outer query */ SrcList *pSubSrc; /* The FROM clause of the subquery */ ExprList *pList; /* The result set of the outer query */ int iParent; /* VDBE cursor number of the pSub result set temp table */ int i; /* Loop counter */ Expr *pWhere; /* The WHERE clause */ struct SrcList_item *pSubitem; /* The subquery */ sqlite3 *db = pParse->db; /* Check to see if flattening is permitted. Return 0 if not. */ if( p==0 ) return 0; pSrc = p->pSrc; assert( pSrc && iFrom>=0 && iFrom<pSrc->nSrc ); pSubitem = &pSrc->a[iFrom]; ................................................................................ if( pSub1->isAgg || pSub1->isDistinct || (pSub1->pPrior && pSub1->op!=TK_ALL) ){ return 0; } } } pParse->zAuthContext = pSubitem->zName; sqlite3AuthCheck(pParse, SQLITE_SELECT, 0, 0, 0); pParse->zAuthContext = zSavedAuthContext; /* If the sub-query is a compound SELECT statement, then it must be ** a UNION ALL and the parent query must be of the form: ** ** SELECT <expr-list> FROM (<sub-query>) <where-clause> ** ** followed by any ORDER BY, LIMIT and/or OFFSET clauses. This block ** creates N copies of the parent query without any ORDER BY, LIMIT or ................................................................................ */ #if !defined(SQLITE_OMIT_SUBQUERY) || !defined(SQLITE_OMIT_VIEW) for(i=0; !p->pPrior && i<pTabList->nSrc; i++){ struct SrcList_item *pItem = &pTabList->a[i]; SelectDest dest; Select *pSub = pItem->pSelect; int isAggSub; char *zName = pItem->zName; if( pSub==0 || pItem->isPopulated ) continue; if( zName!=0 ){ /* An sql view */ const char *zSavedAuthContext = pParse->zAuthContext; pParse->zAuthContext = zName; rc = sqlite3SelectResolve(pParse, pSub, 0); pParse->zAuthContext = zSavedAuthContext; if( rc ){ goto select_end; } } ................................................................................ ** more conservative than necessary, but much easier than enforcing ** an exact limit. */ pParse->nHeight += sqlite3SelectExprHeight(p); /* Check to see if the subquery can be absorbed into the parent. */ isAggSub = pSub->isAgg; if( flattenSubquery(pParse, p, i, isAgg, isAggSub) ){ if( isAggSub ){ p->isAgg = isAgg = 1; } i = -1; }else{ sqlite3SelectDestInit(&dest, SRT_EphemTab, pItem->iCursor); sqlite3Select(pParse, pSub, &dest, p, i, &isAgg, 0); } if( pParse->nErr || db->mallocFailed ){ goto select_end; } pParse->nHeight -= sqlite3SelectExprHeight(p); pTabList = p->pSrc; if( !IgnorableOrderby(pDest) ){ pOrderBy = p->pOrderBy; } |
Changes to test/auth.test.
8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 .... 2247 2248 2249 2250 2251 2252 2253 2254 2255 2256 2257 2258 2259 2260 2261 .... 2271 2272 2273 2274 2275 2276 2277 2278 2279 2280 2281 2282 2283 2284 2285 |
# May you share freely, never taking more than you give. # #*********************************************************************** # This file implements regression tests for SQLite library. The # focus of this script is testing the sqlite3_set_authorizer() API # and related functionality. # # $Id: auth.test,v 1.42 2008/04/15 14:36:42 drh Exp $ # set testdir [file dirname $argv0] source $testdir/tester.tcl # disable this test if the SQLITE_OMIT_AUTHORIZATION macro is # defined during compilation. ................................................................................ SQLITE_UPDATE v1 x main {} \ SQLITE_INSERT v1chng {} main r2 \ SQLITE_READ v1 x main r2 \ SQLITE_READ v1 x main r2 \ SQLITE_SELECT {} {} {} v1 \ SQLITE_READ t2 a main v1 \ SQLITE_READ t2 b main v1 \ SQLITE_SELECT {} {} {} v1 \ SQLITE_READ v1 x main v1 \ ] do_test auth-4.4 { execsql { CREATE TRIGGER r3 INSTEAD OF DELETE ON v1 BEGIN INSERT INTO v1chng VALUES(OLD.x,NULL); END; ................................................................................ } [list \ SQLITE_DELETE v1 {} main {} \ SQLITE_INSERT v1chng {} main r3 \ SQLITE_READ v1 x main r3 \ SQLITE_SELECT {} {} {} v1 \ SQLITE_READ t2 a main v1 \ SQLITE_READ t2 b main v1 \ SQLITE_SELECT {} {} {} v1 \ SQLITE_READ v1 x main v1 \ ] } ;# ifcapable view && trigger # Ticket #1338: Make sure authentication works in the presence of an AS # clause. |
| | | |
8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 .... 2247 2248 2249 2250 2251 2252 2253 2254 2255 2256 2257 2258 2259 2260 2261 .... 2271 2272 2273 2274 2275 2276 2277 2278 2279 2280 2281 2282 2283 2284 2285 |
# May you share freely, never taking more than you give. # #*********************************************************************** # This file implements regression tests for SQLite library. The # focus of this script is testing the sqlite3_set_authorizer() API # and related functionality. # # $Id: auth.test,v 1.43 2008/07/02 13:13:52 danielk1977 Exp $ # set testdir [file dirname $argv0] source $testdir/tester.tcl # disable this test if the SQLITE_OMIT_AUTHORIZATION macro is # defined during compilation. ................................................................................ SQLITE_UPDATE v1 x main {} \ SQLITE_INSERT v1chng {} main r2 \ SQLITE_READ v1 x main r2 \ SQLITE_READ v1 x main r2 \ SQLITE_SELECT {} {} {} v1 \ SQLITE_READ t2 a main v1 \ SQLITE_READ t2 b main v1 \ SQLITE_SELECT {} {} {} {} \ SQLITE_READ v1 x main v1 \ ] do_test auth-4.4 { execsql { CREATE TRIGGER r3 INSTEAD OF DELETE ON v1 BEGIN INSERT INTO v1chng VALUES(OLD.x,NULL); END; ................................................................................ } [list \ SQLITE_DELETE v1 {} main {} \ SQLITE_INSERT v1chng {} main r3 \ SQLITE_READ v1 x main r3 \ SQLITE_SELECT {} {} {} v1 \ SQLITE_READ t2 a main v1 \ SQLITE_READ t2 b main v1 \ SQLITE_SELECT {} {} {} {} \ SQLITE_READ v1 x main v1 \ ] } ;# ifcapable view && trigger # Ticket #1338: Make sure authentication works in the presence of an AS # clause. |
Changes to test/auth2.test.
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
...
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
|
# May you share freely, never taking more than you give. # #*********************************************************************** # This file implements regression tests for SQLite library. The # focus of this script is testing the sqlite3_set_authorizer() API # and related functionality. # # $Id: auth2.test,v 1.2 2007/10/12 20:42:30 drh Exp $ # set testdir [file dirname $argv0] source $testdir/tester.tcl # disable this test if the SQLITE_OMIT_AUTHORIZATION macro is # defined during compilation. ................................................................................ db eval { SELECT a, b FROM v2; } set ::authargs } {SQLITE_SELECT {} {} {} {} SQLITE_READ v2 a main {} SQLITE_READ v2 b main {} SQLITE_SELECT {} {} {} v2 SQLITE_READ t2 x main v2 SQLITE_READ t2 y main v2 SQLITE_READ t2 y main v2 SQLITE_READ t2 z main v2 } do_test auth2-2.4 { db2 eval { CREATE TABLE t3(p,q,r); } set ::authargs {} db eval { SELECT b, a FROM v2; } set ::authargs } {SQLITE_SELECT {} {} {} {} SQLITE_READ v2 b main {} SQLITE_READ v2 a main {} SQLITE_SELECT {} {} {} v2 SQLITE_READ t2 x main v2 SQLITE_READ t2 y main v2 SQLITE_READ t2 y main v2 SQLITE_READ t2 z main v2 SQLITE_SELECT {} {} {} {} SQLITE_READ v2 b main {} SQLITE_READ v2 a main {} SQLITE_SELECT {} {} {} v2 SQLITE_READ t2 x main v2 SQLITE_READ t2 y main v2 SQLITE_READ t2 y main v2 SQLITE_READ t2 z main v2 } db2 close finish_test |
|
<
>
<
>
<
>
|
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
...
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
|
# May you share freely, never taking more than you give. # #*********************************************************************** # This file implements regression tests for SQLite library. The # focus of this script is testing the sqlite3_set_authorizer() API # and related functionality. # # $Id: auth2.test,v 1.3 2008/07/02 13:13:53 danielk1977 Exp $ # set testdir [file dirname $argv0] source $testdir/tester.tcl # disable this test if the SQLITE_OMIT_AUTHORIZATION macro is # defined during compilation. ................................................................................ db eval { SELECT a, b FROM v2; } set ::authargs } {SQLITE_SELECT {} {} {} {} SQLITE_READ v2 a main {} SQLITE_READ v2 b main {} SQLITE_READ t2 x main v2 SQLITE_READ t2 y main v2 SQLITE_READ t2 y main v2 SQLITE_READ t2 z main v2 SQLITE_SELECT {} {} {} v2 } do_test auth2-2.4 { db2 eval { CREATE TABLE t3(p,q,r); } set ::authargs {} db eval { SELECT b, a FROM v2; } set ::authargs } {SQLITE_SELECT {} {} {} {} SQLITE_READ v2 b main {} SQLITE_READ v2 a main {} SQLITE_READ t2 x main v2 SQLITE_READ t2 y main v2 SQLITE_READ t2 y main v2 SQLITE_READ t2 z main v2 SQLITE_SELECT {} {} {} v2 SQLITE_SELECT {} {} {} {} SQLITE_READ v2 b main {} SQLITE_READ v2 a main {} SQLITE_READ t2 x main v2 SQLITE_READ t2 y main v2 SQLITE_READ t2 y main v2 SQLITE_READ t2 z main v2 SQLITE_SELECT {} {} {} v2 } db2 close finish_test |