Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 41801f5

Browse files
committed
Issue #18519, #18408: Fix sqlite authorizer callback
If a previous call to the authorizer callback failed and raised an exception, don't call the Python authorizer callback, but just return SQLITE_DENY.
1 parent b97cc49 commit 41801f5

1 file changed

Lines changed: 23 additions & 15 deletions

File tree

Modules/_sqlite/connection.c

Lines changed: 23 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -883,25 +883,33 @@ static int _authorizer_callback(void* user_arg, int action, const char* arg1, co
883883

884884
gilstate = PyGILState_Ensure();
885885
#endif
886-
ret = PyObject_CallFunction((PyObject*)user_arg, "issss", action, arg1, arg2, dbname, access_attempt_source);
887886

888-
if (!ret) {
889-
if (_enable_callback_tracebacks) {
890-
PyErr_Print();
891-
} else {
892-
PyErr_Clear();
893-
}
887+
if (!PyErr_Occurred()) {
888+
ret = PyObject_CallFunction((PyObject*)user_arg, "issss", action, arg1, arg2, dbname, access_attempt_source);
889+
890+
if (!ret) {
891+
if (_enable_callback_tracebacks) {
892+
PyErr_Print();
893+
} else {
894+
PyErr_Clear();
895+
}
894896

895-
rc = SQLITE_DENY;
896-
} else {
897-
if (PyLong_Check(ret)) {
898-
rc = _PyLong_AsInt(ret);
899-
if (rc == -1 && PyErr_Occurred())
900-
rc = SQLITE_DENY;
901-
} else {
902897
rc = SQLITE_DENY;
898+
} else {
899+
if (PyLong_Check(ret)) {
900+
rc = _PyLong_AsInt(ret);
901+
if (rc == -1 && PyErr_Occurred())
902+
rc = SQLITE_DENY;
903+
} else {
904+
rc = SQLITE_DENY;
905+
}
906+
Py_DECREF(ret);
903907
}
904-
Py_DECREF(ret);
908+
}
909+
else {
910+
/* A previous call to the authorizer callback failed and raised an
911+
exception: don't call the Python authorizer callback */
912+
rc = SQLITE_DENY;
905913
}
906914

907915
#ifdef WITH_THREAD

0 commit comments

Comments
 (0)