mirror/sqlitebrowser
1
0
Fork 0
mirror of https://github.com/sqlitebrowser/sqlitebrowser.git synced 2026-01-20 11:00:44 -06:00
Code Issues Packages Projects Releases Wiki Activity

Fix execution of problematic SQL scripts leading to empty commands

Browse Source 
This fixes the execution of those SQL scripts that by some way or
another are either containing or leading to empty commands. Most notably
this includes two consecurity semicolons and completely empty scripts.
This commit is contained in:
Martin Kleusberg
2017-02-01 18:36:11 +01:00
parent c68303478a
commit 934dd396f4
1 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/sqlitedb.cpp
View File

@@ -699,10 +699,10 @@ bool DBBrowserDB::executeMultiSQL(const QString& statement, bool dirty, bool log
sqlite3_stmt* vm;
QByteArray utf8Query = query.toUtf8();
const char *tail = utf8Query.data();
int res = 0;
int res = SQLITE_OK;
unsigned int line = 0;
bool structure_updated = false;
do
while(tail && *tail != 0 && (res == SQLITE_OK || res == SQLITE_DONE))
{
line++;
size_t tail_length = strlen(tail);
@@ -733,6 +733,8 @@ bool DBBrowserDB::executeMultiSQL(const QString& statement, bool dirty, bool log
case SQLITE_OK:
case SQLITE_ROW:
case SQLITE_DONE:
case SQLITE_MISUSE: // This is a workaround around problematic user scripts. If they lead to empty commands,
// SQLite will return a misuse error which we hereby ignore.
sqlite3_finalize(vm);
break;
default:
@@ -757,7 +759,7 @@ bool DBBrowserDB::executeMultiSQL(const QString& statement, bool dirty, bool log
qWarning() << lastErrorMessage;
return false;
}
} while(tail && *tail != 0 && (res == SQLITE_OK || res == SQLITE_DONE));
}
// If the DB structure was changed by some command in this SQL script, update our schema representations
if(structure_updated)