From 6a4559c58004d090391a308f587970ea1103ba25 Mon Sep 17 00:00:00 2001
From: Cory McWilliams <cory@unprompted.com>
Date: Fri, 21 Oct 2022 23:30:22 +0000
Subject: [PATCH] Trying to understand / work around sql logic errors.

git-svn-id: https://www.unprompted.com/svn/projects/tildefriends/trunk@4015 ed5197a5-7fde-0310-b194-c3ffbd925b24
---
 Makefile     |  4 ++--
 src/ssb.db.c | 24 +++++++++++++++++++-----
 2 files changed, 21 insertions(+), 7 deletions(-)

diff --git a/Makefile b/Makefile
index 5a164f4c..744b7bc6 100644
--- a/Makefile
+++ b/Makefile
@@ -202,8 +202,8 @@ $(SQLITE_OBJS): CFLAGS += \
 	-DSQLITE_MAX_LENGTH=5242880 \
 	-DSQLITE_MAX_SQL_LENGTH=100000 \
 	-DSQLITE_MAX_COLUMN=100 \
-	-DSQLITE_MAX_EXPR_DEPTH=20 \
-	-DSQLITE_MAX_COMPOUND_SELECT=3 \
+	-DSQLITE_MAX_EXPR_DEPTH=40 \
+	-DSQLITE_MAX_COMPOUND_SELECT=300 \
 	-DSQLITE_MAX_VDBE_OP=25000 \
 	-DSQLITE_MAX_FUNCTION_ARG=8 \
 	-DSQLITE_MAX_ATTACHED=0 \
diff --git a/src/ssb.db.c b/src/ssb.db.c
index e2864ada..670d7824 100644
--- a/src/ssb.db.c
+++ b/src/ssb.db.c
@@ -163,6 +163,9 @@ void tf_ssb_db_init(tf_ssb_t* ssb)
 	_tf_ssb_db_exec(db, "DROP TRIGGER IF EXISTS messages_ad_refs");
 	_tf_ssb_db_exec(db, "CREATE TRIGGER IF NOT EXISTS messages_ad_refs AFTER DELETE ON messages BEGIN DELETE FROM messages_refs WHERE messages_refs.message = old.id; END");
 
+	_tf_ssb_db_exec(db, "CREATE INDEX IF NOT EXISTS messages_refs_message_idx ON messages_refs (message)");
+	_tf_ssb_db_exec(db, "CREATE INDEX IF NOT EXISTS messages_refs_ref_idx ON messages_refs (ref)");
+
 	bool need_add_sequence_before_author = true;
 	bool need_convert_timestamp_to_real = false;
 
@@ -612,29 +615,40 @@ static JSValue _tf_ssb_sqlite_row_to_json(JSContext* context, sqlite3_stmt* row)
 
 static int _tf_ssb_sqlite_authorizer(void* user_data, int action_code, const char* arg0, const char* arg1, const char* arg2, const char* arg3)
 {
+	int result = SQLITE_DENY;
 	switch (action_code)
 	{
 	case SQLITE_SELECT:
 	case SQLITE_FUNCTION:
-		return SQLITE_OK;
+		result = SQLITE_OK;
+		break;
 	case SQLITE_READ:
-		return (
+		result = (
 			strcmp(arg0, "blob_wants") == 0 ||
 			strcmp(arg0, "json_each") == 0 ||
 			strcmp(arg0, "messages") == 0 ||
 			strcmp(arg0, "messages_fts") == 0 ||
 			strcmp(arg0, "messages_fts_idx") == 0 ||
 			strcmp(arg0, "messages_refs") == 0 ||
+			strcmp(arg0, "messages_refs_message_idx") == 0 ||
+			strcmp(arg0, "messages_refs_ref_idx") == 0 ||
 			strcmp(arg0, "sqlite_master") == 0 ||
 			false)
 			? SQLITE_OK : SQLITE_DENY;
 		break;
 	case SQLITE_PRAGMA:
-		return strcmp(arg0, "data_version") == 0 ? SQLITE_OK : SQLITE_DENY;
+		result = strcmp(arg0, "data_version") == 0 ? SQLITE_OK : SQLITE_DENY;
+		break;
 	case SQLITE_UPDATE:
-		return strcmp(arg0, "sqlite_master") == 0 ? SQLITE_OK : SQLITE_DENY;
+		result = strcmp(arg0, "sqlite_master") == 0 ? SQLITE_OK : SQLITE_DENY;
+		break;
 	}
-	return SQLITE_DENY;
+	if (result != SQLITE_OK)
+	{
+		printf("Denying sqlite access to %d %s %s %s %s\n", action_code, arg0, arg1, arg2, arg3);
+		fflush(stdout);
+	}
+	return result;
 }
 
 JSValue tf_ssb_db_visit_query(tf_ssb_t* ssb, const char* query, const JSValue binds, void (*callback)(JSValue row, void* user_data), void* user_data)