Experimental branch with new sqlite3_db_config() options that could possible

enhance security for applications reading potentially compromised database files. FossilOrigin-Name: 96a2db2612f2e47bbec0e374a242820c88f03c42ccbf8467abccaef41469bae2
2025-08-10 01:02:56 +03:00 · 2019-12-31 22:52:10 +00:00
parent 64de2a5f7b
commit b945bcdaf1
7 changed files with 85 additions and 26 deletions
--- a/src/resolve.c
+++ b/src/resolve.c
@@ -861,6 +861,16 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
          ** constant because they are constant for the duration of one query.
          ** This allows them to be factored out of inner loops. */
          ExprSetProperty(pExpr,EP_ConstFunc);
+        }else{
+          if( ExprHasProperty(pExpr, EP_Indirect)
+           && !IN_RENAME_OBJECT
+           && (pParse->db->flags & SQLITE_UnsafeInView)==0
+          ){
+            /* If SQLITE_DBCONFIG_UNSAFE_IN_VIEW is off, then functions with
+            ** side effects are not allowed inside triggers and views. */
+            sqlite3ErrorMsg(pParse, "%s() prohibited in triggers and views",
+                            pDef->zName);
+          }
        }
        if( (pDef->funcFlags & SQLITE_FUNC_CONSTANT)==0 ){
          /* Date/time functions that use 'now', and other functions like