third_party/sqlite/patches/0010-fts3-Disable-fts3_tokenizer-and-fts4.patch - Issue 901033002: Import SQLite 3.8.7.4.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: third_party/sqlite/patches/0010-fts3-Disable-fts3_tokenizer-and-fts4.patch

Issue 901033002: Import SQLite 3.8.7.4. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Chromium changes to support SQLite 3.8.7.4. Created 5 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « third_party/sqlite/patches/0010-fts2-test-Add-fts2-to-testfixture.patch ('k') | third_party/sqlite/patches/0011-fts2-Disable-fts2_tokenizer-for-security-reasons.patch » ('j') | third_party/sqlite/src/src/os_unix.c » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
	(Empty)
1 From b11ecfada70198bc5b6dc8419d2b7b3c7f6542b8 Mon Sep 17 00:00:00 2001

2 From: Scott Hess <shess@chromium.org>

3 Date: Tue, 16 Dec 2014 13:02:27 -0800

4 Subject: [PATCH 10/23] [fts3] Disable fts3_tokenizer and fts4.

5

6 fts3_tokenizer allows a SQLite user to specify a pointer to call as a

7 function, which has obvious sercurity implications. Disable fts4 until

8 someone explicitly decides to own support for it.

9

10 No original review URL because this was part of the initial Chromium commit.

11 ---

12 third_party/sqlite/src/ext/fts3/fts3.c \| 9 +++++++++

13 1 file changed, 9 insertions(+)

14

15 diff --git a/third_party/sqlite/src/ext/fts3/fts3.c b/third_party/sqlite/src/ext /fts3/fts3.c

16 index 20da051..7accb11 100644

17 --- a/third_party/sqlite/src/ext/fts3/fts3.c

18 +++ b/third_party/sqlite/src/ext/fts3/fts3.c

19 @@ -291,6 +291,7 @@

20 ** deletions and duplications. This would basically be a forced merge

21 ** into a single segment.

22 */

23 +#define CHROMIUM_FTS3_CHANGES 1

24

25 #if !defined(SQLITE_CORE) \|\| defined(SQLITE_ENABLE_FTS3)

26

27 @@ -3646,7 +3647,11 @@ int sqlite3Fts3Init(sqlite3 *db){

28 ** module with sqlite.

29 */

30 if( SQLITE_OK==rc

31 +#if CHROMIUM_FTS3_CHANGES && !SQLITE_TEST

32 + /* fts3_tokenizer() disabled for security reasons. */

33 +#else

34 && SQLITE_OK==(rc = sqlite3Fts3InitHashTable(db, pHash, "fts3_tokenizer"))

35 +#endif

36 && SQLITE_OK==(rc = sqlite3_overload_function(db, "snippet", -1))

37 && SQLITE_OK==(rc = sqlite3_overload_function(db, "offsets", 1))

38 && SQLITE_OK==(rc = sqlite3_overload_function(db, "matchinfo", 1))

39 @@ -3656,11 +3661,15 @@ int sqlite3Fts3Init(sqlite3 *db){

40 rc = sqlite3_create_module_v2(

41 db, "fts3", &fts3Module, (void *)pHash, hashDestroy

42 );

43 +#if CHROMIUM_FTS3_CHANGES && !SQLITE_TEST

44 + /* Disable fts4 pending review. */

45 +#else

46 if( rc==SQLITE_OK ){

47 rc = sqlite3_create_module_v2(

48 db, "fts4", &fts3Module, (void *)pHash, 0

49 );

50 }

51 +#endif

52 return rc;

53 }

54

55 --

56 2.2.1

57

OLD	NEW