Fossil SCM
Allow recursive queries in user input.
Commit
beaf897cb1ab47d5b73f91f98ee7eeaf94f62f7e
Parent
ae72a652a7882d8…
1 file changed
+1
-5
+1
-5
| --- src/report.c | ||
| +++ src/report.c | ||
| @@ -171,10 +171,11 @@ | ||
| 171 | 171 | /* We've already seen an error. No need to continue. */ |
| 172 | 172 | return SQLITE_OK; |
| 173 | 173 | } |
| 174 | 174 | switch( code ){ |
| 175 | 175 | case SQLITE_SELECT: |
| 176 | + case SQLITE_RECURSIVE: | |
| 176 | 177 | case SQLITE_FUNCTION: { |
| 177 | 178 | break; |
| 178 | 179 | } |
| 179 | 180 | case SQLITE_READ: { |
| 180 | 181 | static const char *const azAllowed[] = { |
| @@ -201,15 +202,10 @@ | ||
| 201 | 202 | }else if( !g.perm.RdAddr && strncmp(zArg2, "private_", 8)==0 ){ |
| 202 | 203 | rc = SQLITE_IGNORE; |
| 203 | 204 | } |
| 204 | 205 | break; |
| 205 | 206 | } |
| 206 | - case SQLITE_RECURSIVE: { | |
| 207 | - *(char**)pError = mprintf("recursive queries are not allowed"); | |
| 208 | - rc = SQLITE_DENY; | |
| 209 | - break; | |
| 210 | - } | |
| 211 | 207 | default: { |
| 212 | 208 | *(char**)pError = mprintf("only SELECT statements are allowed"); |
| 213 | 209 | rc = SQLITE_DENY; |
| 214 | 210 | break; |
| 215 | 211 | } |
| 216 | 212 |
| --- src/report.c | |
| +++ src/report.c | |
| @@ -171,10 +171,11 @@ | |
| 171 | /* We've already seen an error. No need to continue. */ |
| 172 | return SQLITE_OK; |
| 173 | } |
| 174 | switch( code ){ |
| 175 | case SQLITE_SELECT: |
| 176 | case SQLITE_FUNCTION: { |
| 177 | break; |
| 178 | } |
| 179 | case SQLITE_READ: { |
| 180 | static const char *const azAllowed[] = { |
| @@ -201,15 +202,10 @@ | |
| 201 | }else if( !g.perm.RdAddr && strncmp(zArg2, "private_", 8)==0 ){ |
| 202 | rc = SQLITE_IGNORE; |
| 203 | } |
| 204 | break; |
| 205 | } |
| 206 | case SQLITE_RECURSIVE: { |
| 207 | *(char**)pError = mprintf("recursive queries are not allowed"); |
| 208 | rc = SQLITE_DENY; |
| 209 | break; |
| 210 | } |
| 211 | default: { |
| 212 | *(char**)pError = mprintf("only SELECT statements are allowed"); |
| 213 | rc = SQLITE_DENY; |
| 214 | break; |
| 215 | } |
| 216 |
| --- src/report.c | |
| +++ src/report.c | |
| @@ -171,10 +171,11 @@ | |
| 171 | /* We've already seen an error. No need to continue. */ |
| 172 | return SQLITE_OK; |
| 173 | } |
| 174 | switch( code ){ |
| 175 | case SQLITE_SELECT: |
| 176 | case SQLITE_RECURSIVE: |
| 177 | case SQLITE_FUNCTION: { |
| 178 | break; |
| 179 | } |
| 180 | case SQLITE_READ: { |
| 181 | static const char *const azAllowed[] = { |
| @@ -201,15 +202,10 @@ | |
| 202 | }else if( !g.perm.RdAddr && strncmp(zArg2, "private_", 8)==0 ){ |
| 203 | rc = SQLITE_IGNORE; |
| 204 | } |
| 205 | break; |
| 206 | } |
| 207 | default: { |
| 208 | *(char**)pError = mprintf("only SELECT statements are allowed"); |
| 209 | rc = SQLITE_DENY; |
| 210 | break; |
| 211 | } |
| 212 |