Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(10)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: third_party/sqlite/patches/0008-fts3-Disable-fts3_tokenizer-and-fts4.patch

Issue 949043002: Add //third_party/sqlite to dirs_to_snapshot, remove net_sql.patch (Closed) Base URL: git@github.com:domokit/mojo.git@master
Patch Set: Created 5 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « third_party/sqlite/patches/0007-Custom-shell.c-helpers-to-load-Chromium-s-ICU-data.patch ('k') | third_party/sqlite/patches/0009-fts3-Interior-node-corruption-detection.patch » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: third_party/sqlite/patches/0008-fts3-Disable-fts3_tokenizer-and-fts4.patch
diff --git a/third_party/sqlite/patches/0008-fts3-Disable-fts3_tokenizer-and-fts4.patch b/third_party/sqlite/patches/0008-fts3-Disable-fts3_tokenizer-and-fts4.patch
new file mode 100644
index 0000000000000000000000000000000000000000..9e49a9ba60034df94759737a3ffb86879eef34e1
--- /dev/null
+++ b/third_party/sqlite/patches/0008-fts3-Disable-fts3_tokenizer-and-fts4.patch
@@ -0,0 +1,60 @@
+From c18bc2961fbb401a1941e736d81bd048c3b82e88 Mon Sep 17 00:00:00 2001
+From: Scott Hess <shess@chromium.org>
+Date: Tue, 16 Dec 2014 13:02:27 -0800
+Subject: [PATCH 08/16] [fts3] Disable fts3_tokenizer and fts4.
+
+fts3_tokenizer allows a SQLite user to specify a pointer to call as a
+function, which has obvious sercurity implications. Disable fts4 until
+someone explicitly decides to own support for it. Disable fts3tokenize
+virtual table until someone explicitly decides to own support for it.
+
+No original review URL because this was part of the initial Chromium commit.
+---
+ third_party/sqlite/src/ext/fts3/fts3.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/third_party/sqlite/src/ext/fts3/fts3.c b/third_party/sqlite/src/ext/fts3/fts3.c
+index 2b93c62..dbd2835 100644
+--- a/third_party/sqlite/src/ext/fts3/fts3.c
++++ b/third_party/sqlite/src/ext/fts3/fts3.c
+@@ -287,6 +287,7 @@
+ ** query logic likewise merges doclists so that newer data knocks out
+ ** older data.
+ */
++#define CHROMIUM_FTS3_CHANGES 1
+
+ #include "fts3Int.h"
+ #if !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_FTS3)
+@@ -3828,7 +3829,11 @@ int sqlite3Fts3Init(sqlite3 *db){
+ ** module with sqlite.
+ */
+ if( SQLITE_OK==rc
++#if CHROMIUM_FTS3_CHANGES && !SQLITE_TEST
++ /* fts3_tokenizer() disabled for security reasons. */
++#else
+ && SQLITE_OK==(rc = sqlite3Fts3InitHashTable(db, pHash, "fts3_tokenizer"))
++#endif
+ && SQLITE_OK==(rc = sqlite3_overload_function(db, "snippet", -1))
+ && SQLITE_OK==(rc = sqlite3_overload_function(db, "offsets", 1))
+ && SQLITE_OK==(rc = sqlite3_overload_function(db, "matchinfo", 1))
+@@ -3838,6 +3843,9 @@ int sqlite3Fts3Init(sqlite3 *db){
+ rc = sqlite3_create_module_v2(
+ db, "fts3", &fts3Module, (void *)pHash, hashDestroy
+ );
++#if CHROMIUM_FTS3_CHANGES && !SQLITE_TEST
++ /* Disable fts4 and tokenizer vtab pending review. */
++#else
+ if( rc==SQLITE_OK ){
+ rc = sqlite3_create_module_v2(
+ db, "fts4", &fts3Module, (void *)pHash, 0
+@@ -3846,6 +3854,7 @@ int sqlite3Fts3Init(sqlite3 *db){
+ if( rc==SQLITE_OK ){
+ rc = sqlite3Fts3InitTok(db, (void *)pHash);
+ }
++#endif
+ return rc;
+ }
+
+--
+2.2.1
+
« no previous file with comments | « third_party/sqlite/patches/0007-Custom-shell.c-helpers-to-load-Chromium-s-ICU-data.patch ('k') | third_party/sqlite/patches/0009-fts3-Interior-node-corruption-detection.patch » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698