From a13047a9ed2b64eefeaa964b926126d5488fcbbe Mon Sep 17 00:00:00 2001 From: Suresh Sundriyal Date: Mon, 2 May 2016 23:28:28 -0700 Subject: [PATCH] [secure-mode] Check to see if URIs are enabled. Check to see if URIs are enabled or not before continuing on with the file uri checks. --- m4/lnav_with_sqlite3.m4 | 6 ++++++ src/sql_util.cc | 13 +++++++++---- 2 files changed, 15 insertions(+), 4 deletions(-) diff --git a/m4/lnav_with_sqlite3.m4 b/m4/lnav_with_sqlite3.m4 index d79d0364..253e88e7 100644 --- a/m4/lnav_with_sqlite3.m4 +++ b/m4/lnav_with_sqlite3.m4 @@ -95,6 +95,12 @@ AC_DEFUN([LNAV_WITH_SQLITE3], ) ) + AC_CHECK_FUNC(sqlite3_compileoption_used, + AC_DEFINE([HAVE_SQLITE3_COMPILEOPTION_USED], [], + [Have sqlite3_compileoption_used function] + ) + ) + AC_SUBST(HAVE_SQLITE3_VALUE_SUBTYPE) AS_VAR_SET(CFLAGS, $saved_CFLAGS) diff --git a/src/sql_util.cc b/src/sql_util.cc index 65610808..602129f7 100644 --- a/src/sql_util.cc +++ b/src/sql_util.cc @@ -728,13 +728,18 @@ int sqlite_authorizer(void *pUserData, int action_code, const char *detail1, if (!fileName.empty()) { /* In-memory databases are fine. */ - if (fileName.compare(":memory:") == 0 || ( - sqlite3_libversion_number() >= 3008000 && - (fileName.find("file::memory:") == 0 || + if (fileName.compare(":memory:") == 0) { + return SQLITE_OK; + } +#ifdef HAVE_SQLITE3_COMPILEOPTION_USED + if (sqlite3_compileoption_used("SQLITE_USE_URI") && ( + fileName.find("file::memory:") == 0 || ( + (sqlite3_libversion_number() >= 3008000) && ( fileName.find("?mode=memory") != string::npos || - fileName.find("&mode=memory") != string::npos))) { + fileName.find("&mode=memory") != string::npos)))) { return SQLITE_OK; } +#endif return SQLITE_DENY; } }