Skip to content

Commit 1eb6339

Browse files
braces and array bound test
1 parent a6206ef commit 1eb6339

2 files changed

Lines changed: 115 additions & 33 deletions

File tree

c_src/sqlite3_nif.c

Lines changed: 66 additions & 33 deletions
Original file line numberDiff line numberDiff line change
@@ -1454,72 +1454,105 @@ action_code_from_atom(ErlNifEnv* env, ERL_NIF_TERM atom)
14541454
return -1;
14551455
}
14561456

1457-
if (strcmp(buf, "create_index") == 0)
1457+
if (strcmp(buf, "create_index") == 0) {
14581458
return SQLITE_CREATE_INDEX;
1459-
if (strcmp(buf, "create_table") == 0)
1459+
}
1460+
if (strcmp(buf, "create_table") == 0) {
14601461
return SQLITE_CREATE_TABLE;
1461-
if (strcmp(buf, "create_temp_index") == 0)
1462+
}
1463+
if (strcmp(buf, "create_temp_index") == 0) {
14621464
return SQLITE_CREATE_TEMP_INDEX;
1463-
if (strcmp(buf, "create_temp_table") == 0)
1465+
}
1466+
if (strcmp(buf, "create_temp_table") == 0) {
14641467
return SQLITE_CREATE_TEMP_TABLE;
1465-
if (strcmp(buf, "create_temp_trigger") == 0)
1468+
}
1469+
if (strcmp(buf, "create_temp_trigger") == 0) {
14661470
return SQLITE_CREATE_TEMP_TRIGGER;
1467-
if (strcmp(buf, "create_temp_view") == 0)
1471+
}
1472+
if (strcmp(buf, "create_temp_view") == 0) {
14681473
return SQLITE_CREATE_TEMP_VIEW;
1469-
if (strcmp(buf, "create_trigger") == 0)
1474+
}
1475+
if (strcmp(buf, "create_trigger") == 0) {
14701476
return SQLITE_CREATE_TRIGGER;
1471-
if (strcmp(buf, "create_view") == 0)
1477+
}
1478+
if (strcmp(buf, "create_view") == 0) {
14721479
return SQLITE_CREATE_VIEW;
1473-
if (strcmp(buf, "delete") == 0)
1480+
}
1481+
if (strcmp(buf, "delete") == 0) {
14741482
return SQLITE_DELETE;
1475-
if (strcmp(buf, "drop_index") == 0)
1483+
}
1484+
if (strcmp(buf, "drop_index") == 0) {
14761485
return SQLITE_DROP_INDEX;
1477-
if (strcmp(buf, "drop_table") == 0)
1486+
}
1487+
if (strcmp(buf, "drop_table") == 0) {
14781488
return SQLITE_DROP_TABLE;
1479-
if (strcmp(buf, "drop_temp_index") == 0)
1489+
}
1490+
if (strcmp(buf, "drop_temp_index") == 0) {
14801491
return SQLITE_DROP_TEMP_INDEX;
1481-
if (strcmp(buf, "drop_temp_table") == 0)
1492+
}
1493+
if (strcmp(buf, "drop_temp_table") == 0) {
14821494
return SQLITE_DROP_TEMP_TABLE;
1483-
if (strcmp(buf, "drop_temp_trigger") == 0)
1495+
}
1496+
if (strcmp(buf, "drop_temp_trigger") == 0) {
14841497
return SQLITE_DROP_TEMP_TRIGGER;
1485-
if (strcmp(buf, "drop_temp_view") == 0)
1498+
}
1499+
if (strcmp(buf, "drop_temp_view") == 0) {
14861500
return SQLITE_DROP_TEMP_VIEW;
1487-
if (strcmp(buf, "drop_trigger") == 0)
1501+
}
1502+
if (strcmp(buf, "drop_trigger") == 0) {
14881503
return SQLITE_DROP_TRIGGER;
1489-
if (strcmp(buf, "drop_view") == 0)
1504+
}
1505+
if (strcmp(buf, "drop_view") == 0) {
14901506
return SQLITE_DROP_VIEW;
1491-
if (strcmp(buf, "insert") == 0)
1507+
}
1508+
if (strcmp(buf, "insert") == 0) {
14921509
return SQLITE_INSERT;
1493-
if (strcmp(buf, "pragma") == 0)
1510+
}
1511+
if (strcmp(buf, "pragma") == 0) {
14941512
return SQLITE_PRAGMA;
1495-
if (strcmp(buf, "read") == 0)
1513+
}
1514+
if (strcmp(buf, "read") == 0) {
14961515
return SQLITE_READ;
1497-
if (strcmp(buf, "select") == 0)
1516+
}
1517+
if (strcmp(buf, "select") == 0) {
14981518
return SQLITE_SELECT;
1499-
if (strcmp(buf, "transaction") == 0)
1519+
}
1520+
if (strcmp(buf, "transaction") == 0) {
15001521
return SQLITE_TRANSACTION;
1501-
if (strcmp(buf, "update") == 0)
1522+
}
1523+
if (strcmp(buf, "update") == 0) {
15021524
return SQLITE_UPDATE;
1503-
if (strcmp(buf, "attach") == 0)
1525+
}
1526+
if (strcmp(buf, "attach") == 0) {
15041527
return SQLITE_ATTACH;
1505-
if (strcmp(buf, "detach") == 0)
1528+
}
1529+
if (strcmp(buf, "detach") == 0) {
15061530
return SQLITE_DETACH;
1507-
if (strcmp(buf, "alter_table") == 0)
1531+
}
1532+
if (strcmp(buf, "alter_table") == 0) {
15081533
return SQLITE_ALTER_TABLE;
1509-
if (strcmp(buf, "reindex") == 0)
1534+
}
1535+
if (strcmp(buf, "reindex") == 0) {
15101536
return SQLITE_REINDEX;
1511-
if (strcmp(buf, "analyze") == 0)
1537+
}
1538+
if (strcmp(buf, "analyze") == 0) {
15121539
return SQLITE_ANALYZE;
1513-
if (strcmp(buf, "create_vtable") == 0)
1540+
}
1541+
if (strcmp(buf, "create_vtable") == 0) {
15141542
return SQLITE_CREATE_VTABLE;
1515-
if (strcmp(buf, "drop_vtable") == 0)
1543+
}
1544+
if (strcmp(buf, "drop_vtable") == 0) {
15161545
return SQLITE_DROP_VTABLE;
1517-
if (strcmp(buf, "function") == 0)
1546+
}
1547+
if (strcmp(buf, "function") == 0) {
15181548
return SQLITE_FUNCTION;
1519-
if (strcmp(buf, "savepoint") == 0)
1549+
}
1550+
if (strcmp(buf, "savepoint") == 0) {
15201551
return SQLITE_SAVEPOINT;
1521-
if (strcmp(buf, "recursive") == 0)
1552+
}
1553+
if (strcmp(buf, "recursive") == 0) {
15221554
return SQLITE_RECURSIVE;
1555+
}
15231556

15241557
return -1;
15251558
}

test/exqlite/sqlite3_test.exs

Lines changed: 49 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -854,6 +854,55 @@ defmodule Exqlite.Sqlite3Test do
854854
)
855855
end
856856

857+
test "denies all action codes at once without segfault", context do
858+
all_actions = [
859+
:create_index,
860+
:create_table,
861+
:create_temp_index,
862+
:create_temp_table,
863+
:create_temp_trigger,
864+
:create_temp_view,
865+
:create_trigger,
866+
:create_view,
867+
:delete,
868+
:drop_index,
869+
:drop_table,
870+
:drop_temp_index,
871+
:drop_temp_table,
872+
:drop_temp_trigger,
873+
:drop_temp_view,
874+
:drop_trigger,
875+
:drop_view,
876+
:insert,
877+
:pragma,
878+
:read,
879+
:select,
880+
:transaction,
881+
:update,
882+
:attach,
883+
:detach,
884+
:alter_table,
885+
:reindex,
886+
:analyze,
887+
:create_vtable,
888+
:drop_vtable,
889+
:function,
890+
:savepoint,
891+
:recursive
892+
]
893+
894+
:ok = Sqlite3.set_authorizer(context.conn, all_actions)
895+
896+
assert {:error, "not authorized"} =
897+
Sqlite3.execute(context.conn, "ATTACH DATABASE ':memory:' AS x")
898+
899+
assert {:error, "not authorized"} = Sqlite3.execute(context.conn, "SAVEPOINT sp1")
900+
901+
# Clear and verify normal operations work again
902+
:ok = Sqlite3.set_authorizer(context.conn, [])
903+
:ok = Sqlite3.execute(context.conn, "insert into test values (99)")
904+
end
905+
857906
test "raises for invalid action atoms", context do
858907
assert_raise ArgumentError, fn ->
859908
Sqlite3.set_authorizer(context.conn, [:not_a_real_action])

0 commit comments

Comments
 (0)