third_party/sqlite/patches/0017-fts2-Disable-fts2_tokenizer-for-security-reasons.patch - Issue 885473002: [sql] Rewrite sqlite patching "system".

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: third_party/sqlite/patches/0017-fts2-Disable-fts2_tokenizer-for-security-reasons.patch

Issue 885473002: [sql] Rewrite sqlite patching "system". (Closed) Base URL: http://chromium.googlesource.com/chromium/src.git@master

Patch Set: Fixed typo in readme. Created 5 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « third_party/sqlite/patches/0016-fts2-test-Add-fts2-to-testfixture.patch ('k') | third_party/sqlite/patches/0018-fts2-backport-ICU-tokenizer-iterate-by-UTF16.patch » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
(Empty)
	1 From ffc4e16279571911d59495335652905e06ac2b63 Mon Sep 17 00:00:00 2001

	2 From: Scott Hess <shess@chromium.org>

	3 Date: Mon, 22 Dec 2014 14:06:33 -0800

	4 Subject: [PATCH 17/23] [fts2] Disable fts2_tokenizer for security reasons.

	5

	6 This was a leftover bit from merging the Gears SQLite into Chromium's version.

	7

	8 Original commit URL, which also shifted directory structure:

	9 http://src.chromium.org/viewvc/chrome?revision=7623&view=revision

	10 ---

	11 third_party/sqlite/src/ext/fts2/fts2.c \| 18 ++++++++++++++++++

	12 1 file changed, 18 insertions(+)

	13

	14 diff --git a/third_party/sqlite/src/ext/fts2/fts2.c b/third_party/sqlite/src/ext /fts2/fts2.c

	15 index 3d9728a..4945cd9 100644

	16 --- a/third_party/sqlite/src/ext/fts2/fts2.c

	17 +++ b/third_party/sqlite/src/ext/fts2/fts2.c

	18 @@ -37,6 +37,20 @@

	19 ** This is an SQLite module implementing full-text search.

	20 */

	21

	22 +/* TODO(shess): To make it easier to spot changes without groveling

	23 +** through changelogs, I've defined GEARS_FTS2_CHANGES to call them

	24 +** out, and I will document them here. On imports, these changes

	25 +** should be reviewed to make sure they are still present, or are

	26 +** dropped as appropriate.

	27 +**

	28 +** SQLite core adds the custom function fts2_tokenizer() to be used

	29 +** for defining new tokenizers. The second parameter is a vtable

	30 +** pointer encoded as a blob. Obviously this cannot be exposed to

	31 +** Gears callers for security reasons. It could be suppressed in the

	32 +** authorizer, but for now I have simply commented the definition out.

	33 +*/

	34 +#define GEARS_FTS2_CHANGES 1

	35 +

	36 /*

	37 ** The code in this file is only compiled if:

	38 **

	39 @@ -6822,7 +6836,11 @@ int sqlite3Fts2Init(sqlite3 *db){

	40 ** module with sqlite.

	41 */

	42 if( SQLITE_OK==rc

	43 +#if GEARS_FTS2_CHANGES && !SQLITE_TEST

	44 + /* fts2_tokenizer() disabled for security reasons. */

	45 +#else

	46 && SQLITE_OK==(rc = sqlite3Fts2InitHashTable(db, pHash, "fts2_tokenizer"))

	47 +#endif

	48 && SQLITE_OK==(rc = sqlite3_overload_function(db, "snippet", -1))

	49 && SQLITE_OK==(rc = sqlite3_overload_function(db, "offsets", -1))

	50 && SQLITE_OK==(rc = sqlite3_overload_function(db, "optimize", -1))

	51 --

	52 2.2.1

	53

OLD	NEW