New requirements marks and documentation for the authorizer.

FossilOrigin-Name: 3980ea0911b3ad3f86d7a7bdc6503f233315c274f473e18831e13eda2c238eeb
2025-08-08 14:02:16 +03:00 · 2017-05-11 13:43:57 +00:00
parent ee92eb80db
commit 9418921c59
7 changed files with 65 additions and 12 deletions
--- a/src/auth.c
+++ b/src/auth.c
@@ -216,6 +216,18 @@ int sqlite3AuthCheck(
  if( db->xAuth==0 ){
    return SQLITE_OK;
  }
+
+  /* EVIDENCE-OF: R-43249-19882 The third through sixth parameters to the
+  ** callback are either NULL pointers or zero-terminated strings that
+  ** contain additional details about the action to be authorized.
+  **
+  ** The following testcase() macros show that any of the 3rd through 6th
+  ** parameters can be either NULL or a string. */
+  testcase( zArg1==0 );
+  testcase( zArg2==0 );
+  testcase( zArg3==0 );
+  testcase( pParse->zAuthContext==0 );
+
  rc = db->xAuth(db->pAuthArg, code, zArg1, zArg2, zArg3, pParse->zAuthContext
 #ifdef SQLITE_USER_AUTHENTICATION
                 ,db->auth.zAuthUser