Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Do not make SQLITE_READ authorizer calls for tables without names, as all such tables will be internal-use-only tables for subqueries and whatnot. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA3-256: |
193c87fc96f964984a144c1a4506ef9d |
| User & Date: | drh 2019-08-07 13:25:21 |
Context
|
2019-08-07
| ||
| 17:45 | Eliminate some more cases of redundant sorting in window-function queries. (check-in: 8158d2aca6 user: dan tags: trunk) | |
| 13:25 | Do not make SQLITE_READ authorizer calls for tables without names, as all such tables will be internal-use-only tables for subqueries and whatnot. (check-in: 193c87fc96 user: drh tags: trunk) | |
|
2019-08-06
| ||
| 21:16 | Ensure that when the col in an operator like "val IN(col)" is a column of a view, its affinity is not used to coerce val. Fix for [0a5e2c1d]. (check-in: 17b3d2218c user: dan tags: trunk) | |
Changes
Changes to src/select.c.
5856 5857 5858 5859 5860 5861 5862 5863 5864 5865 5866 5867 5868 5869 5870 |
** have a column named by the empty string, in which case there is no way to
** distinguish between an unreferenced table and an actual reference to the
** "" column. The original design was for the fake column name to be a NULL,
** which would be unambiguous. But legacy authorization callbacks might
** assume the column name is non-NULL and segfault. The use of an empty
** string for the fake column name seems safer.
*/
if( pItem->colUsed==0 ){
sqlite3AuthCheck(pParse, SQLITE_READ, pItem->zName, "", pItem->zDatabase);
}
#if !defined(SQLITE_OMIT_SUBQUERY) || !defined(SQLITE_OMIT_VIEW)
/* Generate code for all sub-queries in the FROM clause
*/
pSub = pItem->pSelect;
|
| |
5856 5857 5858 5859 5860 5861 5862 5863 5864 5865 5866 5867 5868 5869 5870 |
** have a column named by the empty string, in which case there is no way to
** distinguish between an unreferenced table and an actual reference to the
** "" column. The original design was for the fake column name to be a NULL,
** which would be unambiguous. But legacy authorization callbacks might
** assume the column name is non-NULL and segfault. The use of an empty
** string for the fake column name seems safer.
*/
if( pItem->colUsed==0 && pItem->zName!=0 ){
sqlite3AuthCheck(pParse, SQLITE_READ, pItem->zName, "", pItem->zDatabase);
}
#if !defined(SQLITE_OMIT_SUBQUERY) || !defined(SQLITE_OMIT_VIEW)
/* Generate code for all sub-queries in the FROM clause
*/
pSub = pItem->pSelect;
|