mirror of https://github.com/sqlite/sqlite.git synced 2025-11-16 23:02:26 +03:00

Protect every access to the Table.u union using a nearby assert() or branch.

FossilOrigin-Name: 50e08338aed7ac0cee600098d2ecd4b3b7bfd31a597bb26773badf3d2e2582c8
drh
2021-10-07 12:11:20 +00:00
parent 16a8f28e49
commit 78b2fa8610
9 changed files with 57 additions and 42 deletions


@@ -367,6 +367,7 @@ void sqlite3AlterFinishAddColumn(Parse *pParse, Token *pColDef){
if( pDflt && pDflt->pLeft->op==TK_NULL ){
pDflt = 0;
}
assert( IsOrdinaryTable(pNew) );
if( (db->flags&SQLITE_ForeignKeys) && pNew->u.tab.pFKey && pDflt ){
sqlite3ErrorIfNotEmpty(pParse, zDb, zTab,
"Cannot add a REFERENCES column with non-NULL default value");
@@ -409,7 +410,8 @@ void sqlite3AlterFinishAddColumn(Parse *pParse, Token *pColDef){
}
/* substr() operations on characters, but addColOffset is in bytes. So we
** have to use printf() to translate between these units: */
assert( !IsVirtual(pTab) );
assert( IsOrdinaryTable(pTab) );
assert( IsOrdinaryTable(pNew) );
sqlite3NestedParse(pParse,
"UPDATE \"%w\"." DFLT_SCHEMA_TABLE " SET "
"sql = printf('%%.%ds, ',sql) || %Q"
@@ -503,6 +505,7 @@ void sqlite3AlterBeginAddColumn(Parse *pParse, SrcList *pSrc){
}
sqlite3MayAbort(pParse);
assert( IsOrdinaryTable(pTab) );
assert( pTab->u.tab.addColOffset>0 );
iDb = sqlite3SchemaToIndex(db, pTab->pSchema);
@@ -533,7 +536,7 @@ void sqlite3AlterBeginAddColumn(Parse *pParse, SrcList *pSrc){
pCol->zCnName = sqlite3DbStrDup(db, pCol->zCnName);
pCol->hName = sqlite3StrIHash(pCol->zCnName);
}
assert( !IsVirtual(pNew) );
assert( IsOrdinaryTable(pNew) );
pNew->u.tab.pDfltList = sqlite3ExprListDup(db, pTab->u.tab.pDfltList, 0);
pNew->pSchema = db->aDb[iDb].pSchema;
pNew->u.tab.addColOffset = pTab->u.tab.addColOffset;
@@ -1531,7 +1534,7 @@ static void renameColumnFunc(
#endif
}
assert( !IsVirtual(sParse.pNewTable) );
assert( IsOrdinaryTable(sParse.pNewTable) );
for(pFKey=sParse.pNewTable->u.tab.pFKey; pFKey; pFKey=pFKey->pNextFrom){
for(i=0; i<pFKey->nCol; i++){
if( bFKOnly==0 && pFKey->aCol[i].iFrom==iCol ){
@@ -1721,7 +1724,7 @@ static void renameTableFunc(
&& !IsVirtual(pTab)
){
FKey *pFKey;
assert( !IsVirtual(pTab) );
assert( IsOrdinaryTable(pTab) );
for(pFKey=pTab->u.tab.pFKey; pFKey; pFKey=pFKey->pNextFrom){
if( sqlite3_stricmp(pFKey->zTo, zOld)==0 ){
renameTokenFind(&sParse, &sCtx, (void*)pFKey->zTo);
@@ -2042,7 +2045,7 @@ static void dropColumnFunc(
pEnd = renameTokenFind(&sParse, 0, (void*)pTab->aCol[iCol+1].zCnName);
zEnd = (const char*)pEnd->t.z;
}else{
assert( !IsVirtual(pTab) );
assert( IsOrdinaryTable(pTab) );
zEnd = (const char*)&zSql[pTab->u.tab.addColOffset];
while( ALWAYS(pCol->t.z[0]!=0) && pCol->t.z[0]!=',' ) pCol->t.z--;
}
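Review bot: In renameTableFunc the branch guarding the foreign-key walk still tests only `!IsVirtual(pTab)`, while the assert inside it now requires `IsOrdinaryTable(pTab)`, so the runtime guard is weaker than the stated invariant. assert() is compiled out unless SQLITE_DEBUG is defined, so in a release build only the branch stands between a view and the read of `pTab->u.tab.pFKey`. Views are presumably excluded by code above the hunk, but that is not visible here. Changing the guard to `&& IsOrdinaryTable(pTab)` would make the branch match the assert, as this commit already does in sqlite3FkDropTable and sqlite3FkRequired. The condition begins outside the hunk.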


@@ -683,7 +683,7 @@ void sqlite3ColumnSetExpr(
Expr *pExpr /* The new default expression */
){
ExprList *pList;
assert( !IsVirtual(pTab) );
assert( IsOrdinaryTable(pTab) );
pList = pTab->u.tab.pDfltList;
if( pCol->iDflt==0
|| NEVER(pList==0)
@@ -704,7 +704,7 @@ void sqlite3ColumnSetExpr(
*/
Expr *sqlite3ColumnExpr(Table *pTab, Column *pCol){
if( pCol->iDflt==0 ) return 0;
if( NEVER(IsVirtual(pTab)) ) return 0;
if( NEVER(!IsOrdinaryTable(pTab)) ) return 0;
if( NEVER(pTab->u.tab.pDfltList==0) ) return 0;
if( NEVER(pTab->u.tab.pDfltList->nExpr<pCol->iDflt) ) return 0;
return pTab->u.tab.pDfltList->a[pCol->iDflt-1].pExpr;
@@ -763,13 +763,13 @@ void sqlite3DeleteColumnNames(sqlite3 *db, Table *pTable){
sqlite3DbFree(db, pCol->zCnName);
}
sqlite3DbFree(db, pTable->aCol);
if( !IsVirtual(pTable) ){
if( IsOrdinaryTable(pTable) ){
sqlite3ExprListDelete(db, pTable->u.tab.pDfltList);
}
if( db==0 || db->pnBytesFreed==0 ){
pTable->aCol = 0;
pTable->nCol = 0;
if( !IsVirtual(pTable) ){
if( IsOrdinaryTable(pTable) ){
pTable->u.tab.pDfltList = 0;
}
}
@@ -3549,6 +3549,7 @@ void sqlite3CreateForeignKey(
goto fk_end;
}
pFKey->pFrom = p;
assert( IsOrdinaryTable(p) );
pFKey->pNextFrom = p->u.tab.pFKey;
z = (char*)&pFKey->aCol[nCol];
pFKey->zTo = z;
@@ -3614,7 +3615,7 @@ void sqlite3CreateForeignKey(
/* Link the foreign key to the table as the last step.
*/
assert( !IsVirtual(p) );
assert( IsOrdinaryTable(p) );
p->u.tab.pFKey = pFKey;
pFKey = 0;
@@ -3637,7 +3638,7 @@ void sqlite3DeferForeignKey(Parse *pParse, int isDeferred){
Table *pTab;
FKey *pFKey;
if( (pTab = pParse->pNewTable)==0 ) return;
if( NEVER(IsVirtual(pTab)) ) return;
if( NEVER(!IsOrdinaryTable(pTab)) ) return;
if( (pFKey = pTab->u.tab.pFKey)==0 ) return;
assert( isDeferred==0 || isDeferred==1 ); /* EV: R-30323-21917 */
pFKey->isDeferred = (u8)isDeferred;
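Review bot: Both new checks in sqlite3CreateForeignKey are plain `assert( IsOrdinaryTable(p) )`, which vanish when SQLITE_DEBUG is off, so nothing in the visible lines keeps `p->u.tab.pFKey` from being accessed through the wrong union arm if the invariant ever breaks. sqlite3DeferForeignKey and sqlite3ColumnExpr in the same section use `NEVER(!IsOrdinaryTable(...))` with an early return, which still takes effect in an ordinary non-debug build. Either use that form here or add a comment above the first assert naming the earlier check that rules out views and virtual tables, along the lines of `/* p cannot be a view or virtual table here: <where that is enforced> */`. That check lies outside both hunks. The same assert-only pattern appears in sqlite3FkDelete, xferOptimization and sqlite3_blob_open.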


@@ -720,13 +720,12 @@ static void fkTriggerDelete(sqlite3 *dbMem, Trigger *p){
*/
void sqlite3FkDropTable(Parse *pParse, SrcList *pName, Table *pTab){
sqlite3 *db = pParse->db;
if( (db->flags&SQLITE_ForeignKeys) && !IsVirtual(pTab) ){
if( (db->flags&SQLITE_ForeignKeys) && IsOrdinaryTable(pTab) ){
int iSkip = 0;
Vdbe *v = sqlite3GetVdbe(pParse);
assert( v ); /* VDBE has already been allocated */
assert( !IsView(pTab) ); /* Not a view */
assert( !IsVirtual(pTab) );
assert( IsOrdinaryTable(pTab) );
if( sqlite3FkReferences(pTab)==0 ){
/* Search for a deferred foreign key constraint for which this table
** is the child table. If one cannot be found, return without
@@ -890,13 +889,13 @@ void sqlite3FkCheck(
/* If foreign-keys are disabled, this function is a no-op. */
if( (db->flags&SQLITE_ForeignKeys)==0 ) return;
if( !IsOrdinaryTable(pTab) ) return;
iDb = sqlite3SchemaToIndex(db, pTab->pSchema);
zDb = db->aDb[iDb].zDbSName;
/* Loop through all the foreign key constraints for which pTab is the
** child table (the table that the foreign key definition is part of). */
assert( !IsVirtual(pTab) );
for(pFKey=pTab->u.tab.pFKey; pFKey; pFKey=pFKey->pNextFrom){
Table *pTo; /* Parent table of foreign key pFKey */
Index *pIdx = 0; /* Index on key columns in pTo */
@@ -1079,10 +1078,9 @@ u32 sqlite3FkOldmask(
Table *pTab /* Table being modified */
){
u32 mask = 0;
if( pParse->db->flags&SQLITE_ForeignKeys ){
if( pParse->db->flags&SQLITE_ForeignKeys && IsOrdinaryTable(pTab) ){
FKey *p;
int i;
assert( !IsVirtual(pTab) );
for(p=pTab->u.tab.pFKey; p; p=p->pNextFrom){
for(i=0; i<p->nCol; i++) mask |= COLUMN_MASK(p->aCol[i].iFrom);
}
@@ -1133,7 +1131,7 @@ int sqlite3FkRequired(
){
int eRet = 1; /* Value to return if bHaveFK is true */
int bHaveFK = 0; /* If FK processing is required */
if( pParse->db->flags&SQLITE_ForeignKeys && !IsVirtual(pTab) ){
if( pParse->db->flags&SQLITE_ForeignKeys && IsOrdinaryTable(pTab) ){
if( !aChange ){
/* A DELETE operation. Foreign key processing is required if the
** table in question is either the child or parent table for any
@@ -1421,7 +1419,7 @@ void sqlite3FkDelete(sqlite3 *db, Table *pTab){
FKey *pFKey; /* Iterator variable */
FKey *pNext; /* Copy of pFKey->pNextFrom */
assert( !IsVirtual(pTab) );
assert( IsOrdinaryTable(pTab) );
for(pFKey=pTab->u.tab.pFKey; pFKey; pFKey=pNext){
assert( db==0 || sqlite3SchemaMutexHeld(db, 0, pTab->pSchema) );
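Review bot: The new conditions in sqlite3FkOldmask and sqlite3FkRequired are written `pParse->db->flags&SQLITE_ForeignKeys && IsOrdinaryTable(pTab)`, relying on `&` binding tighter than `&&`. That parses as intended, but sqlite3FkDropTable in the same section parenthesises the flag test. The unparenthesised form is also easy to misread in a condition that decides whether the `u.tab` arm may be touched. Suggest `if( (pParse->db->flags&SQLITE_ForeignKeys) && IsOrdinaryTable(pTab) ){` in both places.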


@@ -2219,7 +2219,8 @@ void sqlite3GenerateConstraintChecks(
**
** This is not possible for ENABLE_PREUPDATE_HOOK builds, as the row
** must be explicitly deleted in order to ensure any pre-update hook
** is invoked. */
** is invoked. */
assert( IsOrdinaryTable(pTab) );
#ifndef SQLITE_ENABLE_PREUPDATE_HOOK
if( (ix==0 && pIdx->pNext==0) /* Condition 3 */
&& pPk==pIdx /* Condition 2 */
@@ -2940,6 +2941,7 @@ static int xferOptimization(
** the extra complication to make this rule less restrictive is probably
** not worth the effort. Ticket [6284df89debdfa61db8073e062908af0c9b6118e]
*/
assert( IsOrdinaryTable(pDest) );
if( (db->flags & SQLITE_ForeignKeys)!=0 && pDest->u.tab.pFKey!=0 ){
return 0;
}


@@ -1408,7 +1408,7 @@ void sqlite3Pragma(
FKey *pFK;
Table *pTab;
pTab = sqlite3FindTable(db, zRight, zDb);
if( pTab && !IsVirtual(pTab) ){
if( pTab && IsOrdinaryTable(pTab) ){
pFK = pTab->u.tab.pFKey;
if( pFK ){
int iTabDb = sqlite3SchemaToIndex(db, pTab->pSchema);
@@ -1468,7 +1468,7 @@ void sqlite3Pragma(
pTab = (Table*)sqliteHashData(k);
k = sqliteHashNext(k);
}
if( pTab==0 || IsVirtual(pTab) || pTab->u.tab.pFKey==0 ) continue;
if( pTab==0 || !IsOrdinaryTable(pTab) || pTab->u.tab.pFKey==0 ) continue;
iDb = sqlite3SchemaToIndex(db, pTab->pSchema);
zDb = db->aDb[iDb].zDbSName;
sqlite3CodeVerifySchema(pParse, iDb);
@@ -1476,7 +1476,7 @@ void sqlite3Pragma(
if( pTab->nCol+regRow>pParse->nMem ) pParse->nMem = pTab->nCol + regRow;
sqlite3OpenTable(pParse, 0, iDb, pTab, OP_OpenRead);
sqlite3VdbeLoadString(v, regResult, pTab->zName);
assert( !IsVirtual(pTab) );
assert( IsOrdinaryTable(pTab) );
for(i=1, pFK=pTab->u.tab.pFKey; pFK; i++, pFK=pFK->pNextFrom){
pParent = sqlite3FindTable(db, pFK->zTo, zDb);
if( pParent==0 ) continue;
@@ -1499,7 +1499,7 @@ void sqlite3Pragma(
if( pFK ) break;
if( pParse->nTab<i ) pParse->nTab = i;
addrTop = sqlite3VdbeAddOp1(v, OP_Rewind, 0); VdbeCoverage(v);
assert( !IsVirtual(pTab) );
assert( IsOrdinaryTable(pTab) );
for(i=1, pFK=pTab->u.tab.pFKey; pFK; i++, pFK=pFK->pNextFrom){
pParent = sqlite3FindTable(db, pFK->zTo, zDb);
pIdx = 0;


@@ -212,7 +212,7 @@ int sqlite3_blob_open(
** key columns must be indexed. The check below will pick up this
** case. */
FKey *pFKey;
assert( !IsVirtual(pTab) );
assert( IsOrdinaryTable(pTab) );
for(pFKey=pTab->u.tab.pFKey; pFKey; pFKey=pFKey->pNextFrom){
int j;
for(j=0; j<pFKey->nCol; j++){


@@ -228,7 +228,10 @@ void sqlite3VtabUnlock(VTable *pVTab){
*/
static VTable *vtabDisconnectAll(sqlite3 *db, Table *p){
VTable *pRet = 0;
VTable *pVTable = p->u.vtab.p;
VTable *pVTable;
assert( IsVirtual(p) );
pVTable = p->u.vtab.p;
p->u.vtab.p = 0;
/* Assert that the mutex (if any) associated with the BtShared database
@@ -336,6 +339,7 @@ void sqlite3VtabUnlockList(sqlite3 *db){
** database connection.
*/
void sqlite3VtabClear(sqlite3 *db, Table *p){
assert( IsVirtual(p) );
if( !db || db->pnBytesFreed==0 ) vtabDisconnectAll(0, p);
if( p->u.vtab.azArg ){
int i;
@@ -353,9 +357,12 @@ void sqlite3VtabClear(sqlite3 *db, Table *p){
** deleted.
*/
static void addModuleArgument(Parse *pParse, Table *pTable, char *zArg){
sqlite3_int64 nBytes = sizeof(char *)*(2+pTable->u.vtab.nArg);
sqlite3_int64 nBytes;
char **azModuleArg;
sqlite3 *db = pParse->db;
assert( IsVirtual(pTable) );
nBytes = sizeof(char *)*(2+pTable->u.vtab.nArg);
if( pTable->u.vtab.nArg+3>=db->aLimit[SQLITE_LIMIT_COLUMN] ){
sqlite3ErrorMsg(pParse, "too many columns on %s", pTable->zName);
}
@@ -442,6 +449,7 @@ void sqlite3VtabFinishParse(Parse *pParse, Token *pEnd){
sqlite3 *db = pParse->db; /* The database connection */
if( pTab==0 ) return;
assert( IsVirtual(pTab) );
addArgumentToVtab(pParse);
pParse->sArg.z = 0;
if( pTab->u.vtab.nArg<1 ) return;
@@ -559,13 +567,16 @@ static int vtabCallConstructor(
VtabCtx sCtx;
VTable *pVTable;
int rc;
const char *const*azArg = (const char *const*)pTab->u.vtab.azArg;
const char *const*azArg;
int nArg = pTab->u.vtab.nArg;
char *zErr = 0;
char *zModuleName;
int iDb;
VtabCtx *pCtx;
assert( IsVirtual(pTab) );
azArg = (const char *const*)pTab->u.vtab.azArg;
/* Check that the virtual-table is not already being initialized */
for(pCtx=db->pVtabCtx; pCtx; pCtx=pCtx->pPrior){
if( pCtx->pTab==pTab ){
@@ -893,7 +904,7 @@ int sqlite3VtabCallDestroy(sqlite3 *db, int iDb, const char *zTab){
Table *pTab;
pTab = sqlite3FindTable(db, zTab, db->aDb[iDb].zDbSName);
if( pTab!=0 && ALWAYS(pTab->u.vtab.p!=0) ){
if( pTab!=0 && ALWAYS(IsVirtual(pTab)) && ALWAYS(pTab->u.vtab.p!=0) ){
VTable *p;
int (*xDestroy)(sqlite3_vtab *);
for(p=pTab->u.vtab.p; p; p=p->pNext){
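Review bot: In vtabCallConstructor, `int nArg = pTab->u.vtab.nArg;` still reads the vtab arm of the union in its declaration initializer, ahead of the new `assert( IsVirtual(pTab) )`. The azArg initializer was moved below the assert, and addModuleArgument got the same treatment for nBytes, but nArg was left behind. Suggest declaring `int nArg;` and assigning `nArg = pTab->u.vtab.nArg;` next to the azArg assignment after the assert, so that every union read in the function follows the check. The function's signature and the rest of its body are outside the hunk.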