diff options
author | Victor Stinner <victor.stinner@gmail.com> | 2013-07-21 11:05:38 (GMT) |
---|---|---|
committer | Victor Stinner <victor.stinner@gmail.com> | 2013-07-21 11:05:38 (GMT) |
commit | 41801f581202ab8fab149465d10568003c9a8aad (patch) | |
tree | a282752e8b378bec69a45ab608c6f427369ebb2c /Modules | |
parent | b97cc49c3a4870713f1872de87543651dc940e96 (diff) | |
download | cpython-41801f581202ab8fab149465d10568003c9a8aad.zip cpython-41801f581202ab8fab149465d10568003c9a8aad.tar.gz cpython-41801f581202ab8fab149465d10568003c9a8aad.tar.bz2 |
Issue #18519, #18408: Fix sqlite authorizer callback
If a previous call to the authorizer callback failed and raised an exception,
don't call the Python authorizer callback, but just return SQLITE_DENY.
Diffstat (limited to 'Modules')
-rw-r--r-- | Modules/_sqlite/connection.c | 38 |
1 files changed, 23 insertions, 15 deletions
diff --git a/Modules/_sqlite/connection.c b/Modules/_sqlite/connection.c index 6a58431..ed4ae1c 100644 --- a/Modules/_sqlite/connection.c +++ b/Modules/_sqlite/connection.c @@ -883,25 +883,33 @@ static int _authorizer_callback(void* user_arg, int action, const char* arg1, co gilstate = PyGILState_Ensure(); #endif - ret = PyObject_CallFunction((PyObject*)user_arg, "issss", action, arg1, arg2, dbname, access_attempt_source); - if (!ret) { - if (_enable_callback_tracebacks) { - PyErr_Print(); - } else { - PyErr_Clear(); - } + if (!PyErr_Occurred()) { + ret = PyObject_CallFunction((PyObject*)user_arg, "issss", action, arg1, arg2, dbname, access_attempt_source); + + if (!ret) { + if (_enable_callback_tracebacks) { + PyErr_Print(); + } else { + PyErr_Clear(); + } - rc = SQLITE_DENY; - } else { - if (PyLong_Check(ret)) { - rc = _PyLong_AsInt(ret); - if (rc == -1 && PyErr_Occurred()) - rc = SQLITE_DENY; - } else { rc = SQLITE_DENY; + } else { + if (PyLong_Check(ret)) { + rc = _PyLong_AsInt(ret); + if (rc == -1 && PyErr_Occurred()) + rc = SQLITE_DENY; + } else { + rc = SQLITE_DENY; + } + Py_DECREF(ret); } - Py_DECREF(ret); + } + else { + /* A previous call to the authorizer callback failed and raised an + exception: don't call the Python authorizer callback */ + rc = SQLITE_DENY; } #ifdef WITH_THREAD |