third_party/sqlite/patches/0007-fts3-Disable-fts3_tokenizer-and-fts4.patch - Issue 2765553002: [sql] Import SQLite 3.17.0.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: third_party/sqlite/patches/0007-fts3-Disable-fts3_tokenizer-and-fts4.patch

Issue 2765553002: [sql] Import SQLite 3.17.0. (Closed)

Patch Set: Created 3 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « third_party/sqlite/patches/0006-fts3-Disable-fts3_tokenizer-and-fts4.patch ('k') | third_party/sqlite/patches/0007-fts3-Interior-node-corruption-detection.patch » ('j') | third_party/sqlite/patches/0010-build-Undefined-symbol-in-intrinsic-on-clang.patch » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
	(Empty)
1 From 9283044fa483fceefcb077d7b682d570e0d099ee Mon Sep 17 00:00:00 2001

2 From: Scott Hess <shess@chromium.org>

3 Date: Tue, 16 Dec 2014 13:02:27 -0800

4 Subject: [PATCH 07/10] [fts3] Disable fts3_tokenizer and fts4.

5

6 fts3_tokenizer allows a SQLite user to specify a pointer to call as a

7 function, which has obvious sercurity implications. Disable fts4 until

8 someone explicitly decides to own support for it. Disable fts3tokenize

9 virtual table until someone explicitly decides to own support for it.

10

11 No original review URL because this was part of the initial Chromium commit.

12 ---

13 third_party/sqlite/src/ext/fts3/fts3.c \| 9 +++++++++

14 1 file changed, 9 insertions(+)

15

16 diff --git a/third_party/sqlite/src/ext/fts3/fts3.c b/third_party/sqlite/src/ext /fts3/fts3.c

17 index 748faef..4f2ebb8 100644

18 --- a/third_party/sqlite/src/ext/fts3/fts3.c

19 +++ b/third_party/sqlite/src/ext/fts3/fts3.c

20 @@ -287,6 +287,7 @@

21 ** query logic likewise merges doclists so that newer data knocks out

22 ** older data.

23 */

24 +#define CHROMIUM_FTS3_CHANGES 1

25

26 #include "fts3Int.h"

27 #if !defined(SQLITE_CORE) \|\| defined(SQLITE_ENABLE_FTS3)

28 @@ -3933,7 +3934,11 @@ int sqlite3Fts3Init(sqlite3 *db){

29 ** module with sqlite.

30 */

31 if( SQLITE_OK==rc

32 +#if CHROMIUM_FTS3_CHANGES && !SQLITE_TEST

33 + /* fts3_tokenizer() disabled for security reasons. */

34 +#else

35 && SQLITE_OK==(rc = sqlite3Fts3InitHashTable(db, pHash, "fts3_tokenizer"))

36 +#endif

37 && SQLITE_OK==(rc = sqlite3_overload_function(db, "snippet", -1))

38 && SQLITE_OK==(rc = sqlite3_overload_function(db, "offsets", 1))

39 && SQLITE_OK==(rc = sqlite3_overload_function(db, "matchinfo", 1))

40 @@ -3943,6 +3948,9 @@ int sqlite3Fts3Init(sqlite3 *db){

41 rc = sqlite3_create_module_v2(

42 db, "fts3", &fts3Module, (void *)pHash, hashDestroy

43 );

44 +#if CHROMIUM_FTS3_CHANGES && !SQLITE_TEST

45 + /* Disable fts4 and tokenizer vtab pending review. */

46 +#else

47 if( rc==SQLITE_OK ){

48 rc = sqlite3_create_module_v2(

49 db, "fts4", &fts3Module, (void *)pHash, 0

50 @@ -3951,6 +3959,7 @@ int sqlite3Fts3Init(sqlite3 *db){

51 if( rc==SQLITE_OK ){

52 rc = sqlite3Fts3InitTok(db, (void *)pHash);

53 }

54 +#endif

55 return rc;

56 }

57

58 --

59 2.7.0

60

OLD	NEW