From: Victor Stinner Date: Sun, 21 Jul 2013 11:05:38 +0000 (+0200) Subject: Issue #18519, #18408: Fix sqlite authorizer callback X-Git-Tag: v3.4.0a1~119 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=41801f581202ab8fab149465d10568003c9a8aad;p=python Issue #18519, #18408: Fix sqlite authorizer callback If a previous call to the authorizer callback failed and raised an exception, don't call the Python authorizer callback, but just return SQLITE_DENY. --- diff --git a/Modules/_sqlite/connection.c b/Modules/_sqlite/connection.c index 6a58431aa6..ed4ae1c197 100644 --- a/Modules/_sqlite/connection.c +++ b/Modules/_sqlite/connection.c @@ -883,25 +883,33 @@ static int _authorizer_callback(void* user_arg, int action, const char* arg1, co gilstate = PyGILState_Ensure(); #endif - ret = PyObject_CallFunction((PyObject*)user_arg, "issss", action, arg1, arg2, dbname, access_attempt_source); - if (!ret) { - if (_enable_callback_tracebacks) { - PyErr_Print(); - } else { - PyErr_Clear(); - } + if (!PyErr_Occurred()) { + ret = PyObject_CallFunction((PyObject*)user_arg, "issss", action, arg1, arg2, dbname, access_attempt_source); + + if (!ret) { + if (_enable_callback_tracebacks) { + PyErr_Print(); + } else { + PyErr_Clear(); + } - rc = SQLITE_DENY; - } else { - if (PyLong_Check(ret)) { - rc = _PyLong_AsInt(ret); - if (rc == -1 && PyErr_Occurred()) - rc = SQLITE_DENY; - } else { rc = SQLITE_DENY; + } else { + if (PyLong_Check(ret)) { + rc = _PyLong_AsInt(ret); + if (rc == -1 && PyErr_Occurred()) + rc = SQLITE_DENY; + } else { + rc = SQLITE_DENY; + } + Py_DECREF(ret); } - Py_DECREF(ret); + } + else { + /* A previous call to the authorizer callback failed and raised an + exception: don't call the Python authorizer callback */ + rc = SQLITE_DENY; } #ifdef WITH_THREAD