Call out restricted DB access when we acquire the reader.
git-svn-id: https://www.unprompted.com/svn/projects/tildefriends/trunk@4429 ed5197a5-7fde-0310-b194-c3ffbd925b24
This commit is contained in:
parent
172826bf13
commit
b252b921f8
@ -2178,6 +2178,14 @@ sqlite3* tf_ssb_acquire_db_reader(tf_ssb_t* ssb)
|
|||||||
}
|
}
|
||||||
tf_trace_sqlite(ssb->trace, db);
|
tf_trace_sqlite(ssb->trace, db);
|
||||||
uv_mutex_unlock(&ssb->db_readers_lock);
|
uv_mutex_unlock(&ssb->db_readers_lock);
|
||||||
|
sqlite3_set_authorizer(db, NULL, NULL);
|
||||||
|
return db;
|
||||||
|
}
|
||||||
|
|
||||||
|
sqlite3* tf_ssb_acquire_db_reader_restricted(tf_ssb_t* ssb)
|
||||||
|
{
|
||||||
|
sqlite3* db = tf_ssb_acquire_db_reader(ssb);
|
||||||
|
sqlite3_set_authorizer(db, tf_ssb_sqlite_authorizer, ssb);
|
||||||
return db;
|
return db;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -960,10 +960,9 @@ int tf_ssb_sqlite_authorizer(void* user_data, int action_code, const char* arg0,
|
|||||||
JSValue tf_ssb_db_visit_query(tf_ssb_t* ssb, const char* query, const JSValue binds, void (*callback)(JSValue row, void* user_data), void* user_data)
|
JSValue tf_ssb_db_visit_query(tf_ssb_t* ssb, const char* query, const JSValue binds, void (*callback)(JSValue row, void* user_data), void* user_data)
|
||||||
{
|
{
|
||||||
JSValue result = JS_UNDEFINED;
|
JSValue result = JS_UNDEFINED;
|
||||||
sqlite3* db = tf_ssb_acquire_db_reader(ssb);
|
sqlite3* db = tf_ssb_acquire_db_reader_restricted(ssb);
|
||||||
JSContext* context = tf_ssb_get_context(ssb);
|
JSContext* context = tf_ssb_get_context(ssb);
|
||||||
sqlite3_stmt* statement;
|
sqlite3_stmt* statement;
|
||||||
sqlite3_set_authorizer(db, tf_ssb_sqlite_authorizer, ssb);
|
|
||||||
if (sqlite3_prepare(db, query, -1, &statement, NULL) == SQLITE_OK)
|
if (sqlite3_prepare(db, query, -1, &statement, NULL) == SQLITE_OK)
|
||||||
{
|
{
|
||||||
JSValue bind_result = _tf_ssb_sqlite_bind_json(context, db, statement, binds);
|
JSValue bind_result = _tf_ssb_sqlite_bind_json(context, db, statement, binds);
|
||||||
@ -994,7 +993,6 @@ JSValue tf_ssb_db_visit_query(tf_ssb_t* ssb, const char* query, const JSValue bi
|
|||||||
{
|
{
|
||||||
result = JS_ThrowInternalError(context, "SQL Error %s: preparing \"%s\".", sqlite3_errmsg(db), query);
|
result = JS_ThrowInternalError(context, "SQL Error %s: preparing \"%s\".", sqlite3_errmsg(db), query);
|
||||||
}
|
}
|
||||||
sqlite3_set_authorizer(db, NULL, NULL);
|
|
||||||
tf_ssb_release_db_reader(ssb, db);
|
tf_ssb_release_db_reader(ssb, db);
|
||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
@ -82,6 +82,7 @@ tf_ssb_t* tf_ssb_create(uv_loop_t* loop, JSContext* context, const char* db_path
|
|||||||
void tf_ssb_destroy(tf_ssb_t* ssb);
|
void tf_ssb_destroy(tf_ssb_t* ssb);
|
||||||
|
|
||||||
sqlite3* tf_ssb_acquire_db_reader(tf_ssb_t* ssb);
|
sqlite3* tf_ssb_acquire_db_reader(tf_ssb_t* ssb);
|
||||||
|
sqlite3* tf_ssb_acquire_db_reader_restricted(tf_ssb_t* ssb);
|
||||||
void tf_ssb_release_db_reader(tf_ssb_t* ssb, sqlite3* db);
|
void tf_ssb_release_db_reader(tf_ssb_t* ssb, sqlite3* db);
|
||||||
sqlite3* tf_ssb_acquire_db_writer(tf_ssb_t* ssb);
|
sqlite3* tf_ssb_acquire_db_writer(tf_ssb_t* ssb);
|
||||||
void tf_ssb_release_db_writer(tf_ssb_t* ssb, sqlite3* db);
|
void tf_ssb_release_db_writer(tf_ssb_t* ssb, sqlite3* db);
|
||||||
|
@ -428,8 +428,7 @@ static void _tf_ssb_sqlAsync_work(uv_work_t* work)
|
|||||||
tf_ssb_record_thread_busy(sql_work->ssb, true);
|
tf_ssb_record_thread_busy(sql_work->ssb, true);
|
||||||
tf_trace_t* trace = tf_ssb_get_trace(sql_work->ssb);
|
tf_trace_t* trace = tf_ssb_get_trace(sql_work->ssb);
|
||||||
tf_trace_begin(trace, "sql_async_work");
|
tf_trace_begin(trace, "sql_async_work");
|
||||||
sqlite3* db = tf_ssb_acquire_db_reader(sql_work->ssb);
|
sqlite3* db = tf_ssb_acquire_db_reader_restricted(sql_work->ssb);
|
||||||
sqlite3_set_authorizer(db, tf_ssb_sqlite_authorizer, sql_work->ssb);
|
|
||||||
sqlite3_stmt* statement = NULL;
|
sqlite3_stmt* statement = NULL;
|
||||||
sql_work->result = sqlite3_prepare(db, sql_work->query, -1, &statement, NULL);
|
sql_work->result = sqlite3_prepare(db, sql_work->query, -1, &statement, NULL);
|
||||||
if (sql_work->result == SQLITE_OK)
|
if (sql_work->result == SQLITE_OK)
|
||||||
@ -523,7 +522,6 @@ static void _tf_ssb_sqlAsync_work(uv_work_t* work)
|
|||||||
{
|
{
|
||||||
sql_work->error = tf_strdup(sqlite3_errmsg(db));
|
sql_work->error = tf_strdup(sqlite3_errmsg(db));
|
||||||
}
|
}
|
||||||
sqlite3_set_authorizer(db, NULL, NULL);
|
|
||||||
tf_ssb_release_db_reader(sql_work->ssb, db);
|
tf_ssb_release_db_reader(sql_work->ssb, db);
|
||||||
tf_ssb_record_thread_busy(sql_work->ssb, false);
|
tf_ssb_record_thread_busy(sql_work->ssb, false);
|
||||||
tf_trace_end(trace);
|
tf_trace_end(trace);
|
||||||
|
Loading…
Reference in New Issue
Block a user