database/sqlite
1
0
Fork 0
mirror of https://github.com/sqlite/sqlite.git synced 2025-12-07 20:22:20 +03:00
Code Activity

Add compile time option SQLITE_ENABLE_URI_00_ERROR. If defined, any "%00"

Browse Source 
escape found in a URI is treated as an error.

FossilOrigin-Name: e8a9bfece27e2af178a206ad6bce3f24d64e7ee4
This commit is contained in:
dan
2016-10-26 12:15:41 +00:00
parent 01e697b4ec
commit 5c35e90377
7 changed files with 90 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/main.c
View File

@@ -2615,6 +2615,7 @@ int sqlite3ParseUri(
assert( octet>=0 && octet<256 );
if( octet==0 ){
#ifndef SQLITE_ENABLE_URI_00_ERROR
/* This branch is taken when "%00" appears within the URI. In this
** case we ignore all text in the remainder of the path, name or
** value currently being parsed. So ignore the current character
@@ -2627,6 +2628,12 @@ int sqlite3ParseUri(
iIn++;
}
continue;
#else
/* If ENABLE_URI_00_ERROR is defined, "%00" in a URI is an error. */
*pzErrMsg = sqlite3_mprintf("unexpected %%00 in uri");
rc = SQLITE_ERROR;
goto parse_uri_out;
#endif
}
c = octet;
}else if( eState==1 && (c=='&' || c=='=') ){