Fossil SCM

Make sure all appropriate SQL function security precautions are in place.

drh 2020-11-29 19:30 trunk
Commit 994a7c72d9412a00a853f476589460697090fb387bffce1a2790492e9ab87fe9
3 files changed +2 -2 +5 -1 +1 -1
+2 -2
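--- a/src/checkout.c
+++ b/src/checkout.c
@@ -49,13 +49,13 @@
 void uncheckout(int vid){
 char *zPwd;
 if( vid<=0 ) return;
 sqlite3_create_function(g.db, "dirname",1,SQLITE_UTF8,0,
 file_dirname_sql_function, 0, 0);
-sqlite3_create_function(g.db, "unlink",1,SQLITE_UTF8,0,
+sqlite3_create_function(g.db, "unlink",1,SQLITE_UTF8|SQLITE_DIRECTONLY,0,
 file_delete_sql_function, 0, 0);
-sqlite3_create_function(g.db, "rmdir", 1, SQLITE_UTF8, 0,
+sqlite3_create_function(g.db, "rmdir", 1, SQLITE_UTF8|SQLITE_DIRECTONLY, 0,
 file_rmdir_sql_function, 0, 0);
 db_multi_exec(
 "CREATE TEMP TABLE dir_to_delete(name TEXT %s PRIMARY KEY)WITHOUT ROWID",
 filename_collation()
 );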
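Review bot: The two registrations that gain `SQLITE_DIRECTONLY` in `uncheckout()` carry no comment saying why, and the same `rmdir` registration is repeated by hand in src/update.c, so the flag sets can drift apart again. I would add a comment above them such as `/* unlink() and rmdir() change the filesystem: DIRECTONLY keeps them out of triggers, views and other schema-stored SQL */`. Registering `rmdir` through one shared helper called from both files would keep the flags in a single place. The return values of `sqlite3_create_function()` are ignored in these lines as well; `uncheckout()` continues past the end of the hunk.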
+5 -1
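--- a/src/db.c
+++ b/src/db.c
@@ -1617,10 +1617,15 @@
 );
 if( rc!=SQLITE_OK ){
 db_err("[%s]: %s", zDbName, sqlite3_errmsg(db));
 }
 db_maybe_set_encryption_key(db, zDbName);
+sqlite3_db_config(db, SQLITE_DBCONFIG_ENABLE_FKEY, 0, &rc);
+sqlite3_db_config(db, SQLITE_DBCONFIG_TRUSTED_SCHEMA, 0, &rc);
+sqlite3_db_config(db, SQLITE_DBCONFIG_DQS_DDL, 0, &rc);
+sqlite3_db_config(db, SQLITE_DBCONFIG_DQS_DML, 0, &rc);
+sqlite3_db_config(db, SQLITE_DBCONFIG_DEFENSIVE, 1, &rc);
 sqlite3_busy_timeout(db, 15000);
 sqlite3_wal_autocheckpoint(db, 1); /* Set to checkpoint frequently */
 sqlite3_create_function(db, "user", 0, SQLITE_UTF8, 0, db_sql_user, 0, 0);
 sqlite3_create_function(db, "cgi", 1, SQLITE_UTF8, 0, db_sql_cgi, 0, 0);
 sqlite3_create_function(db, "cgi", 2, SQLITE_UTF8, 0, db_sql_cgi, 0, 0);
@@ -1633,11 +1638,10 @@
 );
 if( g.fSqlTrace ) sqlite3_trace_v2(db, SQLITE_TRACE_PROFILE, db_sql_trace, 0);
 db_add_aux_functions(db);
 re_add_sql_func(db); /* The REGEXP operator */
 foci_register(db); /* The "files_of_checkin" virtual table */
-sqlite3_db_config(db, SQLITE_DBCONFIG_ENABLE_FKEY, 0, &rc);
 sqlite3_set_authorizer(db, db_top_authorizer, db);
 return db;
 }
 
 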
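Review bot: The five added `sqlite3_db_config()` calls discard their return codes and reuse `rc` as the output slot, so a hardening option that fails to apply goes unnoticed and `rc` no longer holds the open result afterwards. For these boolean options the last argument receives the resulting on/off state, not an error code; if the binary is linked against a SQLite library that does not recognise an option, the call presumably returns an error and the connection runs without that protection. I would use a scratch variable and fail closed at least for the defensive flag: `int bOn = 0;` followed by `if( sqlite3_db_config(db, SQLITE_DBCONFIG_DEFENSIVE, 1, &bOn)!=SQLITE_OK || !bOn ) db_err("[%s]: cannot enable defensive mode", zDbName);`. The enclosing function starts before the first hunk and the lines between the two hunks are not shown, so whether `rc` is read again there cannot be confirmed from this page.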
+1 -1
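--- a/src/update.c
+++ b/src/update.c
@@ -595,11 +595,11 @@
 if( dryRunFlag ){
 db_end_transaction(1); /* With --dry-run, rollback changes */
 }else{
 char *zPwd;
 ensure_empty_dirs_created(1);
-sqlite3_create_function(g.db, "rmdir", 1, SQLITE_UTF8, 0,
+sqlite3_create_function(g.db, "rmdir", 1, SQLITE_UTF8|SQLITE_DIRECTONLY, 0,
 file_rmdir_sql_function, 0, 0);
 zPwd = file_getcwd(0,0);
 db_multi_exec(
 "SELECT rmdir(%Q||name) FROM dir_to_delete"
 " WHERE (%Q||name)<>%Q ORDER BY name DESC",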
