Ensure that tables names are dequoted exactly once by the trigger logic.

FossilOrigin-Name: 9d887b92f8086961e045f8acb9ee7a443796d411

manifest

@@ -1,5 +1,5 @@
-C Fix\sa\smemory\sleak\sin\sthe\sSELECT\scode\sgenerator\stracing\slogic\s(code\sthat\sis\nomitted\sin\snon-debugging\sbuilds).
+C Ensure\sthat\stables\snames\sare\sdequoted\sexactly\sonce\sby\sthe\strigger\slogic.
-D 2015-04-21T16:09:07.623
+D 2015-04-21T16:38:49.045
 F Makefile.arm-wince-mingw32ce-gcc d6df77f1f48d690bd73162294bbba7f59507c72f
 F Makefile.in faaf75b89840659d74501bea269c7e33414761c1
 F Makefile.linux-gcc 91d710bdc4998cb015f39edf3cb314ec4f4d7e23
@@ -184,7 +184,7 @@ F src/date.c e4d50b3283696836ec1036b695ead9a19e37a5ac
 F src/delete.c 37964e6c1d73ff49cbea9ff690c9605fb15f600e
 F src/expr.c 5555f768c05d7d4a7840c6c2e72ad7aecbe0fe54
 F src/fault.c 160a0c015b6c2629d3899ed2daf63d75754a32bb
-F src/fkey.c 6040cf888922273171f30b8d6e0726aeae4ec82d
+F src/fkey.c c9b63a217d86582c22121699a47f22f524608869
 F src/func.c 1414c24c873c48796ad45942257a179a423ba42f
 F src/global.c 4f77cadbc5427d00139ba43d0f3979804cbb700e
 F src/hash.c 4263fbc955f26c2e8cdc0cf214bc42435aa4e4f5
@@ -235,7 +235,7 @@ F src/shell.c 78eabce4c16c45e36fea2368f95118116399ba8a
 F src/sqlite.h.in ca27603a36fcacdaac5a19d8ee35aaff8ce8516f
 F src/sqlite3.rc 992c9f5fb8285ae285d6be28240a7e8d3a7f2bad
 F src/sqlite3ext.h 17d487c3c91b0b8c584a32fbeb393f6f795eea7d
-F src/sqliteInt.h 3a1fccc2bb62ab16750730b6f6f24305e686a0ce
+F src/sqliteInt.h 8abcea1295138f10ef8f7ed38db5f1b573b93ece
 F src/sqliteLimit.h 216557999cb45f2e3578ed53ebefe228d779cb46
 F src/status.c f266ad8a2892d659b74f0f50cb6a88b6e7c12179
 F src/table.c e7a09215315a978057fb42c640f890160dbcc45e
@@ -288,7 +288,7 @@ F src/test_vfstrace.c bab9594adc976cbe696ff3970728830b4c5ed698
 F src/test_wsd.c 41cadfd9d97fe8e3e4e44f61a4a8ccd6f7ca8fe9
 F src/threads.c 6bbcc9fe50c917864d48287b4792d46d6e873481
 F src/tokenize.c b7fb584c2be5ec39b6fdf04b185e7c6f33f8dc15
-F src/trigger.c 45db6f59c6a945e1fe1acbdc77263c5c414d4c65
+F src/trigger.c 322f23aad694e8f31d384dcfa386d52a48d3c52f
 F src/update.c 3c4ecc282accf12d39edb8d524cf089645e55a13
 F src/utf.c fc6b889ba0779b7722634cdeaa25f1930d93820c
 F src/util.c a6431c92803b975b7322724a7b433e538d243539
@@ -1088,7 +1088,7 @@ F test/trigger8.test 30cb0530bd7c4728055420e3f739aa00412eafa4
 F test/trigger9.test 2226ec795a33b0460ab5cf8891e9054cc7edef41
 F test/triggerA.test fe5597f47ee21bacb4936dc827994ed94161e332
 F test/triggerB.test 56780c031b454abac2340dbb3b71ac5c56c3d7fe
-F test/triggerC.test a68980c5955d62ee24be6f97129d824f199f9a4c
+F test/triggerC.test 302d8995f5ffe63bbc15053abb3ef7a39cf5a092
 F test/triggerD.test 8e7f3921a92a5797d472732108109e44575fa650
 F test/triggerE.test 355e9c5cbaed5cd039a60baad1fb2197caeb8e52
 F test/tt3_checkpoint.c 9e75cf7c1c364f52e1c47fd0f14c4340a9db0fe1
@@ -1252,7 +1252,7 @@ F tool/vdbe_profile.tcl 67746953071a9f8f2f668b73fe899074e2c6d8c1
 F tool/warnings-clang.sh f6aa929dc20ef1f856af04a730772f59283631d4
 F tool/warnings.sh 0abfd78ceb09b7f7c27c688c8e3fe93268a13b32
 F tool/win/sqlite.vsix deb315d026cc8400325c5863eef847784a219a2f
-P 718d5d0eab045a874107e078a857226a80ab912d
+P b623ebd859dcb1d99398aa9953f6b113bad26304
-R 7e6bc612737dab76da35e37065b9b922
+R 1545a9c9d59837055bc5d4ecbd66cac7
-U drh
+U dan
-Z ba983635f4ecc26ab029799e1b9c58b7
+Z a1ff940bb9d58b1311bd4296ffd3ef6a

manifest.uuid

@@ -1 +1 @@
-b623ebd859dcb1d99398aa9953f6b113bad26304
+9d887b92f8086961e045f8acb9ee7a443796d411

src/fkey.c

@@ -1275,13 +1275,12 @@ static Trigger *fkActionTrigger(
     pTrigger = (Trigger *)sqlite3DbMallocZero(db, 
         sizeof(Trigger) +         /* struct Trigger */
         sizeof(TriggerStep) +     /* Single step in trigger program */
-        nFrom + 1                 /* Space for pStep->target.z */
+        nFrom + 1                 /* Space for pStep->zTarget */
     );
     if( pTrigger ){
       pStep = pTrigger->step_list = (TriggerStep *)&pTrigger[1];
-      pStep->target.z = (char *)&pStep[1];
+      pStep->zTarget = (char *)&pStep[1];
-      pStep->target.n = nFrom;
+      memcpy((char *)pStep->zTarget, zFrom, nFrom);
-      memcpy((char *)pStep->target.z, zFrom, nFrom);
   
       pStep->pWhere = sqlite3ExprDup(db, pWhere, EXPRDUP_REDUCE);
       pStep->pExprList = sqlite3ExprListDup(db, pList, EXPRDUP_REDUCE);

src/sqliteInt.h

@@ -2776,7 +2776,7 @@ struct Trigger {
  * orconf    -> stores the ON CONFLICT algorithm
  * pSelect   -> If this is an INSERT INTO ... SELECT ... statement, then
  *              this stores a pointer to the SELECT statement. Otherwise NULL.
- * target    -> A token holding the quoted name of the table to insert into.
+ * zTarget   -> Dequoted name of the table to insert into.
  * pExprList -> If this is an INSERT INTO ... VALUES ... statement, then
  *              this stores values to be inserted. Otherwise NULL.
  * pIdList   -> If this is an INSERT INTO ... (<column-names>) VALUES ... 
@@ -2784,12 +2784,12 @@ struct Trigger {
  *              inserted into.
  *
  * (op == TK_DELETE)
- * target    -> A token holding the quoted name of the table to delete from.
+ * zTarget   -> Dequoted name of the table to delete from.
  * pWhere    -> The WHERE clause of the DELETE statement if one is specified.
  *              Otherwise NULL.
  * 
  * (op == TK_UPDATE)
- * target    -> A token holding the quoted name of the table to update rows of.
+ * zTarget   -> Dequoted name of the table to update.
  * pWhere    -> The WHERE clause of the UPDATE statement if one is specified.
  *              Otherwise NULL.
  * pExprList -> A list of the columns to update and the expressions to update
@@ -2801,8 +2801,8 @@ struct TriggerStep {
   u8 op;               /* One of TK_DELETE, TK_UPDATE, TK_INSERT, TK_SELECT */
   u8 orconf;           /* OE_Rollback etc. */
   Trigger *pTrig;      /* The trigger that this step is a part of */
-  Select *pSelect;     /* SELECT statment or RHS of INSERT INTO .. SELECT ... */
+  Select *pSelect;     /* SELECT statement or RHS of INSERT INTO SELECT ... */
-  Token target;        /* Target table for DELETE, UPDATE, INSERT */
+  char *zTarget;       /* Target table for DELETE, UPDATE, INSERT */
   Expr *pWhere;        /* The WHERE clause for DELETE or UPDATE steps */
   ExprList *pExprList; /* SET clause for UPDATE. */
   IdList *pIdList;     /* Column names for INSERT */

src/trigger.c

@@ -372,12 +372,12 @@ static TriggerStep *triggerStepAllocate(
 ){
   TriggerStep *pTriggerStep;
 
-  pTriggerStep = sqlite3DbMallocZero(db, sizeof(TriggerStep) + pName->n);
+  pTriggerStep = sqlite3DbMallocZero(db, sizeof(TriggerStep) + pName->n + 1);
   if( pTriggerStep ){
     char *z = (char*)&pTriggerStep[1];
     memcpy(z, pName->z, pName->n);
-    pTriggerStep->target.z = z;
+    sqlite3Dequote(z);
-    pTriggerStep->target.n = pName->n;
+    pTriggerStep->zTarget = z;
     pTriggerStep->op = op;
   }
   return pTriggerStep;
@@ -660,7 +660,7 @@ Trigger *sqlite3TriggersExist(
 }
 
 /*
-** Convert the pStep->target token into a SrcList and return a pointer
+** Convert the pStep->zTarget string into a SrcList and return a pointer
 ** to that SrcList.
 **
 ** This routine adds a specific database name, if needed, to the target when
@@ -673,18 +673,17 @@ static SrcList *targetSrcList(
   Parse *pParse,       /* The parsing context */
   TriggerStep *pStep   /* The trigger containing the target token */
 ){
+  sqlite3 *db = pParse->db;
   int iDb;             /* Index of the database to use */
   SrcList *pSrc;       /* SrcList to be returned */
 
-  pSrc = sqlite3SrcListAppend(pParse->db, 0, 0, 0);
+  pSrc = sqlite3SrcListAppend(db, 0, 0, 0);
   if( pSrc ){
     assert( pSrc->nSrc>0 );
-    pSrc->a[pSrc->nSrc-1].zName =
+    pSrc->a[pSrc->nSrc-1].zName = sqlite3DbStrDup(db, pStep->zTarget);
-        sqlite3DbStrNDup(pParse->db, pStep->target.z, pStep->target.n);
+    iDb = sqlite3SchemaToIndex(db, pStep->pTrig->pSchema);
-    iDb = sqlite3SchemaToIndex(pParse->db, pStep->pTrig->pSchema);
     if( iDb==0 || iDb>=2 ){
-      sqlite3 *db = pParse->db;
+      assert( iDb<db->nDb );
-      assert( iDb<pParse->db->nDb );
       pSrc->a[pSrc->nSrc-1].zDatabase = sqlite3DbStrDup(db, db->aDb[iDb].zName);
     }
   }

test/triggerC.test

@@ -12,6 +12,7 @@
 
 set testdir [file dirname $argv0]
 source $testdir/tester.tcl
+set testprefix triggerC
 ifcapable {!trigger} {
   finish_test
   return
@@ -993,4 +994,52 @@ reset_db
 optimization_control db factor-constants 0
 do_execsql_test triggerC-14.2 $SQL {1 2 3}
 
+#-------------------------------------------------------------------------
+# Check that table names used by trigger programs are dequoted exactly
+# once.
+#
+do_execsql_test 15.1.1 {
+  PRAGMA recursive_triggers = 1;
+  CREATE TABLE node(
+      id int not null primary key, 
+      pid int not null default 0 references node,
+      key varchar not null, 
+      path varchar default '',
+      unique(pid, key)
+      );
+  CREATE TRIGGER node_delete_referencing AFTER DELETE ON "node"
+    BEGIN
+    DELETE FROM "node" WHERE pid = old."id";
+  END;
+}
+do_execsql_test 15.1.2 {
+  INSERT INTO node(id, pid, key) VALUES(9, 0, 'test');
+  INSERT INTO node(id, pid, key) VALUES(90, 9, 'test1');
+  INSERT INTO node(id, pid, key) VALUES(900, 90, 'test2');
+  DELETE FROM node WHERE id=9;
+  SELECT * FROM node;
+}
+
+do_execsql_test 15.2.1 {
+  CREATE TABLE   x1  (x);
+
+  CREATE TABLE   x2  (a, b);
+  CREATE TABLE '"x2"'(a, b);
+
+  INSERT INTO x2 VALUES(1, 2);
+  INSERT INTO x2 VALUES(3, 4);
+  INSERT INTO '"x2"' SELECT * FROM x2;
+
+  CREATE TRIGGER x1ai AFTER INSERT ON x1 BEGIN
+    INSERT INTO """x2""" VALUES('x', 'y');
+    DELETE FROM """x2""" WHERE a=1;
+    UPDATE """x2""" SET b = 11 WHERE a = 3;
+  END;
+
+  INSERT INTO x1 VALUES('go!');
+}
+
+do_execsql_test 15.2.2 { SELECT * FROM x2;       } {1 2 3 4}
+do_execsql_test 15.2.3 { SELECT * FROM """x2"""; } {3 11 x y}
+
 finish_test