Skip to content

Commit

Permalink
Do not allow CREATE TABLE or CREATE VIEW of an object with a name tha…
Browse files Browse the repository at this point in the history 
…t looks

like a shadow table name.

FossilOrigin-Name: 6aef58b629d89955f85f65191ba2be67b2adfac4f0327fe9a7141cb2705dbc00
  • Loading branch information
drh committed Nov 16, 2019
1 parent 070ae3b commit 527cbd4
Show file tree
Hide file tree
Showing 5 changed files with 39 additions and 22 deletions.
19 changes: 8 additions & 11 deletions manifest
View file
@@ -1,5 +1,5 @@
C Break\sout\sthe\stest\sfor\swritable\sshadow\stables\sinto\sa\sseparate\ssubroutine.
D 2019-11-16T13:51:31.727
C Do\snot\sallow\sCREATE\sTABLE\sor\sCREATE\sVIEW\sof\san\sobject\swith\sa\sname\sthat\slooks\nlike\sa\sshadow\stable\sname.
D 2019-11-16T14:15:19.202
F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
Expand Down Expand Up @@ -470,7 +470,7 @@ F src/btmutex.c 8acc2f464ee76324bf13310df5692a262b801808984c1b79defb2503bbafadb6
F src/btree.c 12e251f8c3eaad05e6d0db94772bf779b3a644e18d884025da6bcbc98cad1d22
F src/btree.h f27a33c49280209a93385e218306c4ee5f46ba8d7649d2f81a7166b282232484
F src/btreeInt.h 91806f01fd1145a9a86ba3042f25c38d8faf6002701bf5e780742cf88bcff437
F src/build.c 0001fed71cad92f94b3ed3ca38007de9cf61e1d48b209ba22feaeb606bbe6de1
F src/build.c fe0b0b6dfab27a6f5778bd3dba8db879fda114c1d524a9597e5195ac55c8d01b
F src/callback.c 88615dfc0a82167b65b452b4b305dbf86be77200b3343c6ffc6d03e92a01d181
F src/complete.c a3634ab1e687055cd002e11b8f43eb75c17da23e
F src/ctime.c 1b0724e66f95f33b160b1af85caaf9cceb325d22abf39bd24df4f54a73982251
Expand Down Expand Up @@ -531,7 +531,7 @@ F src/shell.c.in c06961f202f3cc50b819744b7331d3caea3d79d958402f4900b066824855746
F src/sqlite.h.in 95f50dc42fddab20064bf308c6756fcf2fdd84998dda15ae404a89c5c8d2cd10
F src/sqlite3.rc 5121c9e10c3964d5755191c80dd1180c122fc3a8
F src/sqlite3ext.h 72af51aa4e912e14cd495fb6e7fac65f0940db80ed950d90911aff292cc47ce2
F src/sqliteInt.h 7bce951adf6bc8015accda3c204bc8da8127f7c8fa9e8684a9fcbf25e941206d
F src/sqliteInt.h 98bc9562acfc361e34182aa25b00e2c73095732ddd3ba4158f984b94f5601f96
F src/sqliteLimit.h 1513bfb7b20378aa0041e7022d04acb73525de35b80b252f1b83fedb4de6a76b
F src/status.c 46e7aec11f79dad50965a5ca5fa9de009f7d6bde08be2156f1538a0a296d4d0e
F src/table.c b46ad567748f24a326d9de40e5b9659f96ffff34
Expand Down Expand Up @@ -634,7 +634,7 @@ F test/altercol.test 54374d2ba18af25bb24e23acf18a60270d4ec120b7ec0558078b59d5aa1
F test/alterlegacy.test 82022721ce0de29cedc9a7af63bc9fcc078b0ee000f8283b4b6ea9c3eab2f44b
F test/altermalloc.test 167a47de41b5c638f5f5c6efb59784002b196fff70f98d9b4ed3cd74a3fb80c9
F test/altermalloc2.test fa7b1c1139ea39b8dec407cf1feb032ca8e0076bd429574969b619175ad0174b
F test/altertab.test 8069e5a8cbd3cb35732d3ec680dcc5273c2587ebd8e6a5d51084fa8059e468e5
F test/altertab.test 4d8b79b0b88b62b90b710390df14fe99e0a3578345526886eaa550e28e3065dc
F test/altertab2.test 8883693952f6d7fb5f754dbf1d694ed780aa883027bef04cb1fb99a3b88c9272
F test/altertab3.test f40013d333e273da57e329fac6c2268a58aa09d17c3575936b343eeb2fa09180
F test/amatch1.test b5ae7065f042b7f4c1c922933f4700add50cdb9f
Expand Down Expand Up @@ -1849,10 +1849,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
P 70390bbca49e706649ca5b7c031f0baf416fc38798c17e5f3b73746b3e66e3b5
R eb1e2d60d183f45db7dd5d6f1b4dd659
T *branch * defensive-improvements
T *sym-defensive-improvements *
T -sym-trunk *
P 8ad34d36a141fa8f5d9bd784dfeb892c983897a6dc6b867607cc668508acf944
R eb081275a7e8dd518362d4efeb289e7e
U drh
Z 25e7114e721d6c257eca936cdc80fddc
Z 5fd6ba2bd9359116ce6160036d7c9b86
2 changes: 1 addition & 1 deletion manifest.uuid
View file
@@ -1 +1 @@
8ad34d36a141fa8f5d9bd784dfeb892c983897a6dc6b867607cc668508acf944
6aef58b629d89955f85f65191ba2be67b2adfac4f0327fe9a7141cb2705dbc00
11 changes: 5 additions & 6 deletions src/build.c
View file
Expand Up @@ -856,13 +856,14 @@ int sqlite3CheckObjectName(
}
}
}else{
if( pParse->nested==0
&& 0==sqlite3StrNICmp(zName, "sqlite_", 7)
if( (pParse->nested==0 && 0==sqlite3StrNICmp(zName, "sqlite_", 7))
|| (sqlite3ReadOnlyShadowTables(db) && sqlite3ShadowTableName(db, zName))
){
sqlite3ErrorMsg(pParse, "object name reserved for internal use: %s",
zName);
return SQLITE_ERROR;
}

}
return SQLITE_OK;
}
Expand Down Expand Up @@ -2129,7 +2130,7 @@ static void convertToWithoutRowidTable(Parse *pParse, Table *pTab){
** zName is temporarily modified while this routine is running, but is
** restored to its original value prior to this routine returning.
*/
static int isShadowTableName(sqlite3 *db, char *zName){
int sqlite3ShadowTableName(sqlite3 *db, const char *zName){
char *zTail; /* Pointer to the last "_" in zName */
Table *pTab; /* Table that zName is a shadow of */
Module *pMod; /* Module for the virtual table */
Expand All @@ -2147,8 +2148,6 @@ static int isShadowTableName(sqlite3 *db, char *zName){
if( pMod->pModule->xShadowName==0 ) return 0;
return pMod->pModule->xShadowName(zTail+1);
}
#else
# define isShadowTableName(x,y) 0
#endif /* ifndef SQLITE_OMIT_VIRTUALTABLE */

/*
Expand Down Expand Up @@ -2190,7 +2189,7 @@ void sqlite3EndTable(
p = pParse->pNewTable;
if( p==0 ) return;

if( pSelect==0 && isShadowTableName(db, p->zName) ){
if( pSelect==0 && sqlite3ShadowTableName(db, p->zName) ){
p->tabFlags |= TF_Shadow;
}

Expand Down
5 changes: 5 additions & 0 deletions src/sqliteInt.h
View file
Expand Up @@ -4548,6 +4548,11 @@ void sqlite3AutoLoadExtensions(sqlite3*);
# define sqlite3VtabInSync(db) ((db)->nVTrans>0 && (db)->aVTrans==0)
#endif
int sqlite3ReadOnlyShadowTables(sqlite3 *db);
#ifndef SQLITE_OMIT_VIRTUALTABLE
int sqlite3ShadowTableName(sqlite3 *db, const char *zName);
#else
# define sqlite3ShadowTableName(A,B) 0
#endif
int sqlite3VtabEponymousTableInit(Parse*,Module*);
void sqlite3VtabEponymousTableClear(sqlite3*,Module*);
void sqlite3VtabMakeWritable(Parse*,Table*);
Expand Down
24 changes: 20 additions & 4 deletions test/altertab.test
View file
Expand Up @@ -547,13 +547,29 @@ ifcapable fts3 {
} {1 {table y1_segments may not be modified}}

do_catchsql_test 16.20 {
ALTER TABLE y1_segments RENAME TO abc;
} {1 {table y1_segments may not be altered}}

do_catchsql_test 16.21 {
DROP TABLE y1_segments;
} {1 {table y1_segments may not be dropped}}

do_catchsql_test 16.20 {
ALTER TABLE y1_segments RENAME TO abc;
} {1 {table y1_segments may not be altered}}
sqlite3_db_config db DEFENSIVE 0
do_catchsql_test 16.22 {
ALTER TABLE y1_segments RENAME TO abc;
} {0 {}}
sqlite3_db_config db DEFENSIVE 1
do_catchsql_test 16.23 {
CREATE TABLE y1_segments AS SELECT * FROM abc;
} {1 {object name reserved for internal use: y1_segments}}
do_catchsql_test 16.24 {
CREATE VIEW y1_segments AS SELECT * FROM abc;
} {1 {object name reserved for internal use: y1_segments}}
sqlite3_db_config db DEFENSIVE 0
do_catchsql_test 16.25 {
ALTER TABLE abc RENAME TO y1_segments;
} {0 {}}
sqlite3_db_config db DEFENSIVE 1

do_execsql_test 16.30 {
ALTER TABLE y1 RENAME TO z1;
}
Expand Down

0 comments on commit 527cbd4

Please sign in to comment.