database/sqlite
1
0
Fork 0
mirror of https://github.com/sqlite/sqlite.git synced 2025-08-08 14:02:16 +03:00
Code Activity

Ensure that sqlite3AuthRead() is only call for TK_COLUMN and TK_TRIGGER

Browse Source 
expression nodes.  This fixes a harmless assert() identified by OSSFuzz.
Move the assert() into a position where it is tested even if the authorizer
is disabled.

FossilOrigin-Name: d0c3beef7cdc680c0768ddd18f766a4ca7be822c1eb1776b2f73b7433d9962dc
This commit is contained in:
drh
2018-06-02 11:31:15 +00:00
parent 0f86c9d8fa
commit 4344dbd3ab
4 changed files with 34 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/auth.c
View File

@@ -150,6 +150,7 @@ void sqlite3AuthRead(
int iDb; /* The index of the database the expression refers to */
int iCol; /* Index of column in table */
assert( pExpr->op==TK_COLUMN || pExpr->op==TK_TRIGGER );
if( db->xAuth==0 ) return;
iDb = sqlite3SchemaToIndex(pParse->db, pSchema);
if( iDb<0 ){
@@ -158,7 +159,6 @@ void sqlite3AuthRead(
return;
}
assert( pExpr->op==TK_COLUMN || pExpr->op==TK_TRIGGER );
if( pExpr->op==TK_TRIGGER ){
pTab = pParse->pTriggerTab;
}else{