/ Check-in [961e2f08c3]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:The sqlite3_set_authorizer() interface should only expire prepared statements when it is setting a new authorizer, not when clearing the authorizer. And statements that are running when sqlite3_set_authorizer() is invoked should be allowed to continue running to completion.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: 961e2f08c35238bcb1d32430d16451a96807b2c4bbb194ee621128dd09cd3981
User & Date: drh 2019-08-01 22:48:45
Context
2019-08-02
19:40
If a query like "SELECT min(a), b FROM t1" visits no rows where "a" is not null, extract a value for "b" from one of the rows where "a" is null. Fix for ticket [41866dc37]. check-in: faaaae4940 user: dan tags: trunk
18:43
If a query like "SELECT min(a), b FROM t1" visits no rows where "a" is not null, extract a value for "b" from one of the rows where "a" is null. Possible fix for ticket [41866dc37]. Closed-Leaf check-in: a7277ed062 user: dan tags: tkt-41866dc37
2019-08-01
22:48
The sqlite3_set_authorizer() interface should only expire prepared statements when it is setting a new authorizer, not when clearing the authorizer. And statements that are running when sqlite3_set_authorizer() is invoked should be allowed to continue running to completion. check-in: 961e2f08c3 user: drh tags: trunk
15:18
Add new release tests for windows to releasetest_data.tcl. check-in: 1b330ec24c user: dan tags: trunk
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to src/auth.c.

74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
){
#ifdef SQLITE_ENABLE_API_ARMOR
  if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
#endif
  sqlite3_mutex_enter(db->mutex);
  db->xAuth = (sqlite3_xauth)xAuth;
  db->pAuthArg = pArg;
  sqlite3ExpirePreparedStatements(db, 0);
  sqlite3_mutex_leave(db->mutex);
  return SQLITE_OK;
}

/*
** Write an error message into pParse->zErrMsg that explains that the
** user-supplied authorization function returned an illegal value.







|







74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
){
#ifdef SQLITE_ENABLE_API_ARMOR
  if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
#endif
  sqlite3_mutex_enter(db->mutex);
  db->xAuth = (sqlite3_xauth)xAuth;
  db->pAuthArg = pArg;
  if( db->xAuth ) sqlite3ExpirePreparedStatements(db, 1);
  sqlite3_mutex_leave(db->mutex);
  return SQLITE_OK;
}

/*
** Write an error message into pParse->zErrMsg that explains that the
** user-supplied authorization function returned an illegal value.

Changes to test/schema.test.

205
206
207
208
209
210
211
212


213
214

215
216
217
218
219
220
221
222









223
224
225
226
227
228
229
  do_test schema-7.4 {
    sqlite3_finalize $::STMT
  } {SQLITE_SCHEMA}
}

#---------------------------------------------------------------------
# Tests 8.1 and 8.2 check that prepared statements are invalidated when
# the authorization function is set.


#
ifcapable auth {

  do_test schema-8.1 {
    set ::STMT [sqlite3_prepare $::DB {SELECT * FROM sqlite_master} -1 TAIL]
    db auth {}
    sqlite3_step $::STMT
  } {SQLITE_ERROR}
  do_test schema-8.3 {
    sqlite3_finalize $::STMT
  } {SQLITE_SCHEMA}









}

#---------------------------------------------------------------------
# schema-9.1: Test that if a table is dropped by one database connection, 
#             other database connections are aware of the schema change.
# schema-9.2: Test that if a view is dropped by one database connection,
#             other database connections are aware of the schema change.







|
>
>


>


|


|


>
>
>
>
>
>
>
>
>







205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
  do_test schema-7.4 {
    sqlite3_finalize $::STMT
  } {SQLITE_SCHEMA}
}

#---------------------------------------------------------------------
# Tests 8.1 and 8.2 check that prepared statements are invalidated when
# the authorization function is set to a non-null function.  Tests 8.11
# and 8.12 verify that no invalidations occur when the authorizer is
# cleared.
#
ifcapable auth {
  proc noop_auth {args} {return SQLITE_OK}
  do_test schema-8.1 {
    set ::STMT [sqlite3_prepare $::DB {SELECT * FROM sqlite_master} -1 TAIL]
    db auth noop_auth
    sqlite3_step $::STMT
  } {SQLITE_ERROR}
  do_test schema-8.2 {
    sqlite3_finalize $::STMT
  } {SQLITE_SCHEMA}
  do_test schema-8.11 {
    set ::STMT [sqlite3_prepare $::DB {SELECT * FROM sqlite_master} -1 TAIL]
    db auth {}
    sqlite3_step $::STMT
  } {SQLITE_ROW}
  do_test schema-8.12 {
    sqlite3_finalize $::STMT
  } {SQLITE_OK}

}

#---------------------------------------------------------------------
# schema-9.1: Test that if a table is dropped by one database connection, 
#             other database connections are aware of the schema change.
# schema-9.2: Test that if a view is dropped by one database connection,
#             other database connections are aware of the schema change.