Fossil

Check-in [2056f624]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Restrict the TH1 "query" command to be read-only and to only be able to see a specific subset of tables in the repository database file.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1:2056f624c0f88985929afcc8683f34376b243672
User & Date: drh 2012-12-09 19:22:17
Context
2012-12-10
19:35
A little bit smarter determination of the need for -DBROKEN_MINGW_CMDLINE check-in: 0e5c1280 user: jan.nijtmans tags: trunk
2012-12-09
19:22
Restrict the TH1 "query" command to be read-only and to only be able to see a specific subset of tables in the repository database file. check-in: 2056f624 user: drh tags: trunk
2012-12-08
23:14
Pull from upstream the SQLite version after the collating-sequence refactor. Fossil does not need this - the purpose is for testing the new SQLite in a real-world application. check-in: 8e31adaf user: drh tags: trunk
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to src/report.c.

170
171
172
173
174
175
176

177
178
179
180
181
182
183
    case SQLITE_SELECT:
    case SQLITE_FUNCTION: {
      break;
    }
    case SQLITE_READ: {
      static const char *const azAllowed[] = {
         "ticket",

         "blob",
         "filename",
         "mlink",
         "plink",
         "event",
         "tag",
         "tagxref",







>







170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
    case SQLITE_SELECT:
    case SQLITE_FUNCTION: {
      break;
    }
    case SQLITE_READ: {
      static const char *const azAllowed[] = {
         "ticket",
         "ticketchng",
         "blob",
         "filename",
         "mlink",
         "plink",
         "event",
         "tag",
         "tagxref",

Changes to src/th_main.c.

605
606
607
608
609
610
611

612
613
614
615
616
617
618
619
620
621
622


623

624
625

626
627
628
629
630
631
632
  int rc;
  const char *zSql;
  int nSql;
  const char *zTail;
  int n, i;
  int res = TH_OK;
  int nVar;


  if( argc!=3 ){
    return Th_WrongNumArgs(interp, "query SQL CODE");
  }
  if( g.db==0 ){
    Th_ErrorMessage(interp, "database is not open", 0, 0);
    return TH_ERROR;
  }
  zSql = argv[1];
  nSql = argl[1];
  while( res==TH_OK && nSql>0 ){


    rc = sqlite3_prepare_v2(g.db, argv[1], argl[1], &pStmt, &zTail);

    if( rc!=0 ){
      Th_ErrorMessage(interp, "SQL error: ", sqlite3_errmsg(g.db), -1);

      return TH_ERROR;
    }
    n = (int)(zTail - zSql);
    zSql += n;
    nSql -= n;
    if( pStmt==0 ) continue;
    nVar = sqlite3_bind_parameter_count(pStmt);







>











>
>

>
|
|
>







605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
  int rc;
  const char *zSql;
  int nSql;
  const char *zTail;
  int n, i;
  int res = TH_OK;
  int nVar;
  char *zErr = 0;

  if( argc!=3 ){
    return Th_WrongNumArgs(interp, "query SQL CODE");
  }
  if( g.db==0 ){
    Th_ErrorMessage(interp, "database is not open", 0, 0);
    return TH_ERROR;
  }
  zSql = argv[1];
  nSql = argl[1];
  while( res==TH_OK && nSql>0 ){
    zErr = 0;
    sqlite3_set_authorizer(g.db, report_query_authorizer, (void*)&zErr);
    rc = sqlite3_prepare_v2(g.db, argv[1], argl[1], &pStmt, &zTail);
    sqlite3_set_authorizer(g.db, 0, 0);
    if( rc!=0 || zErr!=0 ){
      Th_ErrorMessage(interp, "SQL error: ",
                      zErr ? zErr : sqlite3_errmsg(g.db), -1);
      return TH_ERROR;
    }
    n = (int)(zTail - zSql);
    zSql += n;
    nSql -= n;
    if( pStmt==0 ) continue;
    nVar = sqlite3_bind_parameter_count(pStmt);