diff --git a/manifest b/manifest index cfe70a3c83..71faf05c82 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Simplify\sthe\snumber\sprocessing\scode.\s\sFix\sfor\sticket\s#281.\s(CVS\s910) -D 2003-04-16T02:17:35 +C Fix\sthe\sauthorizer\sso\sthat\sit\scorrectly\sinterprets\sattempts\sto\sread\sthe\nOLD\sand\sNEW\spseudo-tables\sof\sa\strigger.\s(CVS\s911) +D 2003-04-16T20:24:52 F Makefile.in df3a4db41a7450468b5fe934d9dd8f723b631249 F Makefile.linux-gcc b86a99c493a5bfb402d1d9178dcdc4bd4b32f906 F README f1de682fbbd94899d50aca13d387d1b3fd3be2dd @@ -20,7 +20,7 @@ F spec.template 238f7db425a78dc1bb7682e56e3834c7270a3f5e F sqlite.1 83f4a9d37bdf2b7ef079a82d54eaf2e3509ee6ea F sqlite.pc.in 30552343140c53304c2a658c080fbe810cd09ca2 F src/attach.c 7ebc7487de43e357a64226f8abef81f2669f2183 -F src/auth.c f37bfc9451b8c1fa52f34adff474560018892729 +F src/auth.c 2dd558dba4d8ffbed25fe1644e9af242f389f3e9 F src/btree.c b9487cceb9ea78af9cbae9def34114902f511736 F src/btree.h 529c98cb0715c62214544fbbe50b946f99a85540 F src/btree_rb.c 7fa4901a65de66522ce31985833f20b98f7baad4 @@ -33,7 +33,7 @@ F src/func.c 882c3ed5a02be18cd904715c7ec62947a34a3605 F src/hash.c 4fc39feb7b7711f6495ee9f2159559bedb043e1f F src/hash.h cd0433998bc1a3759d244e1637fe5a3c13b53bf8 F src/insert.c 45d27e3e8447bff4025db2f0dc3bb4e318e602f4 -F src/main.c 9b3e2e1e12d8ab950c1b99fc3805f69018a6e751 +F src/main.c e48b3b019cf34503655e9737bcb859443ab6718c F src/md5.c fe4f9c9c6f71dfc26af8da63e4d04489b1430565 F src/os.c c33ebb320921b8df6d09ea19fe846348df86a0c9 F src/os.h aa52f0c9da321ff6134d19f2ca959e18e33615d0 @@ -64,7 +64,7 @@ F src/vdbe.h 985c24f312d10f9ef8f9a8b8ea62fcdf68e82f21 F src/where.c e5733f7d5e9cc4ed3590dc3401f779e7b7bb8127 F test/all.test 569a92a8ee88f5300c057cc4a8f50fbbc69a3242 F test/attach.test 4912f001bf807b898083cfdef0f6d24f1533e4d7 -F test/auth.test bf039c94d629f64085c268e8be477fc8ff1202a7 +F test/auth.test 8128cd750830cba01b7fd0fba8ddfa1722ea6291 F test/bigfile.test 1cd8256d4619c39bea48147d344f348823e78678 F test/bigrow.test 8ab252dba108f12ad64e337b0f2ff31a807ac578 F test/btree.test 1e3463c7838e7e71bbf37c9c6e45beee9c8975ba @@ -162,7 +162,7 @@ F www/speed.tcl cb4c10a722614aea76d2c51f32ee43400d5951be F www/sqlite.tcl ae3dcfb077e53833b59d4fcc94d8a12c50a44098 F www/tclsqlite.tcl 1db15abeb446aad0caf0b95b8b9579720e4ea331 F www/vdbe.tcl 2013852c27a02a091d39a766bc87cff329f21218 -P 35cc7c7d37d9ca486e7f300efe80a78a7f1064e2 -R 909d0687af9c3ff27bb06570bec6a9fa +P 4326b52a39cad4632dc2db37aa53a285a31af138 +R ab42ed9ff9763ccb3d8ccf7bcec33d8d U drh -Z d786241d64fb8801e2ebebb18c866f00 +Z bd7545b4d009a5ef647f9ab75c0af40e diff --git a/manifest.uuid b/manifest.uuid index f276cfe6ac..62b16b7618 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -4326b52a39cad4632dc2db37aa53a285a31af138 \ No newline at end of file +f04bd43254b3ba3fccc842214115d4c298e28138 \ No newline at end of file diff --git a/src/auth.c b/src/auth.c index 933416fbd1..b47e657efa 100644 --- a/src/auth.c +++ b/src/auth.c @@ -14,7 +14,7 @@ ** systems that do not need this facility may omit it by recompiling ** the library with -DSQLITE_OMIT_AUTHORIZATION=1 ** -** $Id: auth.c,v 1.4 2003/01/31 17:21:50 drh Exp $ +** $Id: auth.c,v 1.5 2003/04/16 20:24:52 drh Exp $ */ #include "sqliteInt.h" @@ -91,12 +91,24 @@ void sqliteAuthRead( ){ sqlite *db = pParse->db; int rc; - Table *pTab; - const char *zCol; + Table *pTab; /* The table being read */ + const char *zCol; /* Name of the column of the table */ + int iSrc; /* Index in pTabList->a[] of table being read */ + if( db->xAuth==0 ) return; assert( pExpr->op==TK_COLUMN ); - assert( pExpr->iTable>=base && pExpr->iTablenSrc ); - pTab = pTabList->a[pExpr->iTable-base].pTab; + iSrc = pExpr->iTable - base; + if( iSrc>=0 && iSrcnSrc ){ + pTab = pTabList->a[iSrc].pTab; + }else{ + /* This must be an attempt to read the NEW or OLD pseudo-tables + ** of a trigger. + */ + TriggerStack *pStack = pParse->trigStack; + assert( pStack!=0 ); + assert( pExpr->iTable==pStack->newIdx || pExpr->iTable==pStack->oldIdx ); + pTab = pStack->pTab; + } if( pTab==0 ) return; if( pExpr->iColumn>=0 ){ assert( pExpr->iColumnnCol ); diff --git a/src/main.c b/src/main.c index e5db2b4fb6..c38e3d58db 100644 --- a/src/main.c +++ b/src/main.c @@ -14,7 +14,7 @@ ** other files are for internal use by SQLite and should not be ** accessed by users of the library. ** -** $Id: main.c,v 1.124 2003/04/16 01:28:16 drh Exp $ +** $Id: main.c,v 1.125 2003/04/16 20:24:52 drh Exp $ */ #include "sqliteInt.h" #include "os.h" @@ -1034,6 +1034,10 @@ void *sqlite_trace(sqlite *db, void (*xTrace)(void*,const char*), void *pArg){ ** Register functions to be invoked when a transaction is started or when ** a transaction commits. If either function returns non-zero, then the ** corresponding operation aborts with a constraint error. +** +** EXPERIMENTAL. This API is under evaluation and is not yet an +** official part of the SQLite interface. This means it could change +** or be deleted in future releases. */ void *sqlite_begin_hook( sqlite *db, diff --git a/test/auth.test b/test/auth.test index 6f53242976..4fd48daaaa 100644 --- a/test/auth.test +++ b/test/auth.test @@ -12,7 +12,7 @@ # focus of this script is testing the ATTACH and DETACH commands # and related functionality. # -# $Id: auth.test,v 1.6 2003/04/05 03:42:27 drh Exp $ +# $Id: auth.test,v 1.7 2003/04/16 20:24:52 drh Exp $ # set testdir [file dirname $argv0] @@ -1659,6 +1659,35 @@ do_test auth-2.11 { catchsql {SELECT * FROM t2, t3} } {0 {11 2 33 {} 55 66 7 8 9 {} 55 66}} +# Make sure the OLD and NEW pseudo-tables of a trigger get authorized. +# +do_test auth-3.1 { + proc auth {code arg1 arg2} { + return SQLITE_OK + } + execsql { + CREATE TABLE tx(a1,a2,b1,b2,c1,c2); + CREATE TRIGGER r1 AFTER UPDATE ON t2 FOR EACH ROW BEGIN + INSERT INTO tx VALUES(OLD.a,NEW.a,OLD.b,NEW.b,OLD.c,NEW.c); + END; + UPDATE t2 SET a=a+1; + SELECT * FROM tx; + } +} {11 12 2 2 33 33 7 8 8 8 9 9} +do_test auth-3.2 { + proc auth {code arg1 arg2} { + if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="c"} { + return SQLITE_IGNORE + } + return SQLITE_OK + } + execsql { + DELETE FROM tx; + UPDATE t2 SET a=a+100; + SELECT * FROM tx; + } +} {12 112 2 2 {} {} 8 108 8 8 {} {}} + } ;# End of the "if( db command exists )" finish_test