Extend the authorization mechanism to disallow the ATTACH and DETACH commands.

Ticket #340. (CVS 1010) FossilOrigin-Name: a97dca73aed0b42d8dcf944360667ae93c5324fd
2025-07-30 19:03:16 +03:00 · 2003-06-06 19:00:42 +00:00
parent 70dc85a4c2
commit 81e293b4b2
6 changed files with 150 additions and 31 deletions
--- a/src/attach.c
+++ b/src/attach.c
@ -11,7 +11,7 @@
 *************************************************************************
 ** This file contains code used to implement the ATTACH and DETACH commands.
 **
-** $Id: attach.c,v 1.5 2003/06/03 01:47:11 drh Exp $
+** $Id: attach.c,v 1.6 2003/06/06 19:00:42 drh Exp $
 */
 #include "sqliteInt.h"

@ -43,6 +43,32 @@ void sqliteAttach(Parse *pParse, Token *pFilename, Token *pDbname){
    pParse->rc = SQLITE_ERROR;
    return;
  }
+
+  zFile = 0;
+  sqliteSetNString(&zFile, pFilename->z, pFilename->n, 0);
+  if( zFile==0 ) return;
+  sqliteDequote(zFile);
+#ifndef SQLITE_OMIT_AUTHORIZATION
+  if( sqliteAuthCheck(pParse, SQLITE_ATTACH, zFile, 0, 0)!=SQLITE_OK ){
+    sqliteFree(zFile);
+    return;
+  }
+#endif /* SQLITE_OMIT_AUTHORIZATION */
+
+  zName = 0;
+  sqliteSetNString(&zName, pDbname->z, pDbname->n, 0);
+  if( zName==0 ) return;
+  sqliteDequote(zName);
+  for(i=0; i<db->nDb; i++){
+    if( db->aDb[i].zName && sqliteStrICmp(db->aDb[i].zName, zName)==0 ){
+      sqliteErrorMsg(pParse, "database %z is already in use", zName);
+      pParse->rc = SQLITE_ERROR;
+      sqliteFree(zFile);
+      sqliteFree(zName);
+      return;
+    }
+  }
+
  if( db->aDb==db->aDbStatic ){
    aNew = sqliteMalloc( sizeof(db->aDb[0])*3 );
    if( aNew==0 ) return;
@ -58,24 +84,7 @@ void sqliteAttach(Parse *pParse, Token *pFilename, Token *pDbname){
  sqliteHashInit(&aNew->idxHash, SQLITE_HASH_STRING, 0);
  sqliteHashInit(&aNew->trigHash, SQLITE_HASH_STRING, 0);
  sqliteHashInit(&aNew->aFKey, SQLITE_HASH_STRING, 1);
-  
-  zName = 0;
-  sqliteSetNString(&zName, pDbname->z, pDbname->n, 0);
-  if( zName==0 ) return;
-  sqliteDequote(zName);
-  for(i=0; i<db->nDb; i++){
-    if( db->aDb[i].zName && sqliteStrICmp(db->aDb[i].zName, zName)==0 ){
-      sqliteErrorMsg(pParse, "database %z is already in use", zName);
-      db->nDb--;
-      pParse->rc = SQLITE_ERROR;
-      return;
-    }
-  }
  aNew->zName = zName;
-  zFile = 0;
-  sqliteSetNString(&zFile, pFilename->z, pFilename->n, 0);
-  if( zFile==0 ) return;
-  sqliteDequote(zFile);
  rc = sqliteBtreeFactory(db, zFile, 0, MAX_PAGES, &aNew->pBt);
  if( rc ){
    sqliteErrorMsg(pParse, "unable to open database: %s", zFile);
@ -117,6 +126,11 @@ void sqliteDetach(Parse *pParse, Token *pDbname){
    sqliteErrorMsg(pParse, "cannot detach database %T", pDbname);
    return;
  }
+#ifndef SQLITE_OMIT_AUTHORIZATION
+  if( sqliteAuthCheck(pParse,SQLITE_DETACH,db->aDb[i].zName,0,0)!=SQLITE_OK ){
+    return;
+  }
+#endif /* SQLITE_OMIT_AUTHORIZATION */
  sqliteBtreeClose(db->aDb[i].pBt);
  db->aDb[i].pBt = 0;
  sqliteFree(db->aDb[i].zName);
--- a/src/sqlite.h.in
+++ b/src/sqlite.h.in
@ -12,7 +12,7 @@
 ** This header file defines the interface that the SQLite library
 ** presents to client programs.
 **
-** @(#) $Id: sqlite.h.in,v 1.48 2003/06/06 15:44:01 drh Exp $
+** @(#) $Id: sqlite.h.in,v 1.49 2003/06/06 19:00:42 drh Exp $
 */
 #ifndef _SQLITE_H_
 #define _SQLITE_H_
@ -555,6 +555,9 @@ int sqlite_set_authorizer(
 #define SQLITE_SELECT               21   /* NULL            NULL            */
 #define SQLITE_TRANSACTION          22   /* NULL            NULL            */
 #define SQLITE_UPDATE               23   /* Table Name      Column Name     */
+#define SQLITE_ATTACH               24   /* Filename        NULL            */
+#define SQLITE_DETACH               25   /* Database Name   NULL            */
+

 /*
 ** The return value of the authorization function should be one of the
--- a/src/tclsqlite.c
+++ b/src/tclsqlite.c
@ -11,7 +11,7 @@
 *************************************************************************
 ** A TCL Interface to SQLite
 **
-** $Id: tclsqlite.c,v 1.48 2003/04/23 12:25:24 drh Exp $
+** $Id: tclsqlite.c,v 1.49 2003/06/06 19:00:42 drh Exp $
 */
 #ifndef NO_TCL     /* Omit this whole file if TCL is unavailable */

@ -380,6 +380,8 @@ static int auth_callback(
    case SQLITE_SELECT            : zCode="SQLITE_SELECT"; break;
    case SQLITE_TRANSACTION       : zCode="SQLITE_TRANSACTION"; break;
    case SQLITE_UPDATE            : zCode="SQLITE_UPDATE"; break;
+    case SQLITE_ATTACH            : zCode="SQLITE_ATTACH"; break;
+    case SQLITE_DETACH            : zCode="SQLITE_DETACH"; break;
    default                       : zCode="????"; break;
  }
  Tcl_DStringInit(&str);