Fix 'ALTER RENAME TABLE' compat issue

This CL disables SQLite's new behavior in "ALTER RENAME TABLE" introduced in version 3.25.0 (https://www.sqlite.org/changes.html). In this new behavior, when renaming a table, SQLite would automatically update all the views and triggers referencing to it, which is nice if an app is always using 3.25 or later. However, in practice, almost all android apps have to support older android versions where this behavior is not supported, apps just can't rely on this feature. Other downsides of the new behavior (in the context of android ecosystem) includes: - Because the new behavior would crash an app when a rename would cause a dangling view or trigger *even when the app does have a fix-up step after ALTER RENAME TABLE* in which case it'd just work fine at the end, it is very risky to enable the new behavior on all apps. - This new behavior also means existing upgrade steps (which may have been introduced years ago) could suddenly fail, if the step is executed in R. This means, if an app used an "ALTER TABLE RENAME" in the upgrade step from ver 1 to ver 2 five years ago and never after, and almost all users are already running ver 2 or newer, *if* there's still a user who are on ver 1, upgrading the app to the latest version could suddenly fail on R. Applications wishing to enable the new behavior can enable it at runtime with the following call: SQLiteDatabase db = ....; // open a DB db.execPerConnectionSQL("PRAGMA legacy_alter_table = 0;", null); Test: atest SQLiteSecurityTest Bug: 147928666 Change-Id: I64546deebd3782ed685fcb46498bc487e0f8d5b6
author: Zim <zezeozue@google.com> 2020-05-07 10:16:08 +0100
committer: Zimuzo Ezeozue <zezeozue@google.com> 2020-05-11 09:58:50 +0000
commit: 88147c430cc041a27d07e593ffea12b7aa586f7a (patch)
tree: 62abce96a859169074db03d9699cc10b58ce2720
parent: 0f62c1a0e8b463b5b27035e11478e66d7daec69a (diff)
7 files changed, 27 insertions, 18 deletions
diff --git a/README.version b/README.version
index 113b49a..e8aeabd 100644
--- a/README.version
+++ b/README.version
@@ -1,4 +1,4 @@
 URL: https://www.sqlite.org/src/tarball/b302b260/SQLite-b302b260.tar.gz
-Version: 3.28.0 b302b260
-This patch fixes CVE-2019-13734，CVE-2019-13751，CVE-2019-13752, CVE-2019-13753 in b/147323008 b/147322738, b/147320136 and b/147320314 respectively
+Version: 3.28.0 b2325a6e
+This patch fixes app compatibility bug b/147928666
 BugComponent: 24950
diff --git a/android/Android.bp b/android/Android.bp
index 0cccef1..11b2ce6 100644
--- a/android/Android.bp
+++ b/android/Android.bp
@@ -19,7 +19,10 @@ cc_library_static {
     ],
     target: {
         android: {
-            cflags: ["-DSQLITE_ENABLE_ICU"],
+            cflags: [
+                    "-DSQLITE_ENABLE_ICU",
+                    "-DSQLITE_DEFAULT_LEGACY_ALTER_TABLE",
+            ],
             shared_libs: [
                 "libandroidicu",
             ],
diff --git a/dist/Android.patch b/dist/Android.patch
index ab90c89..cda5b55 100644
--- a/dist/Android.patch
+++ b/dist/Android.patch
@@ -1,5 +1,5 @@
---- orig/shell.c	2020-04-29 18:24:56.239581819 +0100
-+++ shell.c	2020-04-29 18:25:19.531740101 +0100
+--- orig/shell.c	2020-05-07 10:06:07.883965871 +0100
++++ shell.c	2020-05-07 10:08:55.333081159 +0100
 @@ -87,6 +87,12 @@
  #endif
  #include <ctype.h>
@@ -37,8 +37,8 @@
      if( p->openMode==SHELL_OPEN_ZIPFILE ){
        char *zSql = sqlite3_mprintf(
           "CREATE VIRTUAL TABLE zip USING zipfile(%Q);", p->zDbFilename);
---- orig/sqlite3.c	2020-04-29 18:24:56.211581629 +0100
-+++ sqlite3.c	2020-04-29 18:25:19.531740101 +0100
+--- orig/sqlite3.c	2020-05-07 10:06:07.867965765 +0100
++++ sqlite3.c	2020-05-07 10:08:55.333081159 +0100
 @@ -32446,6 +32446,10 @@
  # include <sys/mount.h>
  #endif
@@ -113,7 +113,7 @@
      goto initone_error_out;
    }
  
-@@ -164415,13 +164431,25 @@
+@@ -164418,13 +164434,25 @@
    ** module with sqlite.
    */
    if( SQLITE_OK==rc 
diff --git a/dist/orig/sqlite3.c b/dist/orig/sqlite3.c
index 7c9e386..163bbe9 100644
--- a/dist/orig/sqlite3.c
+++ b/dist/orig/sqlite3.c
@@ -1164,7 +1164,7 @@ extern "C" {
 */
 #define SQLITE_VERSION        "3.28.0"
 #define SQLITE_VERSION_NUMBER 3028000
-#define SQLITE_SOURCE_ID      "2020-01-17 15:33:47 b302b260ca9a4ca3d84771d9157fb1fc0b0e1ba175638f0c006cdf94f92a19c9"
+#define SQLITE_SOURCE_ID      "2020-05-06 18:46:38 b2325a6e1cfa19e9fd533c1f7dacfc8e5aa4f2e111fa066a5c7d3040418fc8ad"
 
 /*
 ** CAPI3REF: Run-Time Library Version Numbers
@@ -157797,6 +157797,9 @@ static int openDatabase(
 #if defined(SQLITE_DEFAULT_DEFENSIVE)
                  | SQLITE_Defensive
 #endif
+#if defined(SQLITE_DEFAULT_LEGACY_ALTER_TABLE)
+                 | SQLITE_LegacyAlter
+#endif
       ;
   sqlite3HashInit(&db->aCollSeq);
 #ifndef SQLITE_OMIT_VIRTUALTABLE
@@ -218334,7 +218337,7 @@ static void fts5SourceIdFunc(
 ){
   assert( nArg==0 );
   UNUSED_PARAM2(nArg, apUnused);
-  sqlite3_result_text(pCtx, "fts5: 2020-01-17 15:33:47 b302b260ca9a4ca3d84771d9157fb1fc0b0e1ba175638f0c006cdf94f92a19c9", -1, SQLITE_TRANSIENT);
+  sqlite3_result_text(pCtx, "fts5: 2020-05-06 18:46:38 b2325a6e1cfa19e9fd533c1f7dacfc8e5aa4f2e111fa066a5c7d3040418fc8ad", -1, SQLITE_TRANSIENT);
 }
 
 /*
@@ -223098,9 +223101,9 @@ SQLITE_API int sqlite3_stmt_init(
 #endif /* !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_STMTVTAB) */
 
 /************** End of stmt.c ************************************************/
-#if __LINE__!=223101
+#if __LINE__!=223104
 #undef SQLITE_SOURCE_ID
-#define SQLITE_SOURCE_ID      "2020-01-17 15:33:47 b302b260ca9a4ca3d84771d9157fb1fc0b0e1ba175638f0c006cdf94f92aalt2"
+#define SQLITE_SOURCE_ID      "2020-05-06 18:46:38 b2325a6e1cfa19e9fd533c1f7dacfc8e5aa4f2e111fa066a5c7d3040418falt2"
 #endif
 /* Return the source-id for this library */
 SQLITE_API const char *sqlite3_sourceid(void){ return SQLITE_SOURCE_ID; }
diff --git a/dist/orig/sqlite3.h b/dist/orig/sqlite3.h
index 37e56c8..2f9c25a 100644
--- a/dist/orig/sqlite3.h
+++ b/dist/orig/sqlite3.h
@@ -125,7 +125,7 @@ extern "C" {
 */
 #define SQLITE_VERSION        "3.28.0"
 #define SQLITE_VERSION_NUMBER 3028000
-#define SQLITE_SOURCE_ID      "2020-01-17 15:33:47 b302b260ca9a4ca3d84771d9157fb1fc0b0e1ba175638f0c006cdf94f92a19c9"
+#define SQLITE_SOURCE_ID      "2020-05-06 18:46:38 b2325a6e1cfa19e9fd533c1f7dacfc8e5aa4f2e111fa066a5c7d3040418fc8ad"
 
 /*
 ** CAPI3REF: Run-Time Library Version Numbers
diff --git a/dist/sqlite3.c b/dist/sqlite3.c
index d98218e..ede258f 100644
--- a/dist/sqlite3.c
+++ b/dist/sqlite3.c
@@ -1164,7 +1164,7 @@ extern "C" {
 */
 #define SQLITE_VERSION        "3.28.0"
 #define SQLITE_VERSION_NUMBER 3028000
-#define SQLITE_SOURCE_ID      "2020-01-17 15:33:47 b302b260ca9a4ca3d84771d9157fb1fc0b0e1ba175638f0c006cdf94f92a19c9"
+#define SQLITE_SOURCE_ID      "2020-05-06 18:46:38 b2325a6e1cfa19e9fd533c1f7dacfc8e5aa4f2e111fa066a5c7d3040418fc8ad"
 
 /*
 ** CAPI3REF: Run-Time Library Version Numbers
@@ -157813,6 +157813,9 @@ static int openDatabase(
 #if defined(SQLITE_DEFAULT_DEFENSIVE)
                  | SQLITE_Defensive
 #endif
+#if defined(SQLITE_DEFAULT_LEGACY_ALTER_TABLE)
+                 | SQLITE_LegacyAlter
+#endif
       ;
   sqlite3HashInit(&db->aCollSeq);
 #ifndef SQLITE_OMIT_VIRTUALTABLE
@@ -218362,7 +218365,7 @@ static void fts5SourceIdFunc(
 ){
   assert( nArg==0 );
   UNUSED_PARAM2(nArg, apUnused);
-  sqlite3_result_text(pCtx, "fts5: 2020-01-17 15:33:47 b302b260ca9a4ca3d84771d9157fb1fc0b0e1ba175638f0c006cdf94f92a19c9", -1, SQLITE_TRANSIENT);
+  sqlite3_result_text(pCtx, "fts5: 2020-05-06 18:46:38 b2325a6e1cfa19e9fd533c1f7dacfc8e5aa4f2e111fa066a5c7d3040418fc8ad", -1, SQLITE_TRANSIENT);
 }
 
 /*
@@ -223126,9 +223129,9 @@ SQLITE_API int sqlite3_stmt_init(
 #endif /* !defined(SQLITE_CORE) || defined(SQLITE_ENABLE_STMTVTAB) */
 
 /************** End of stmt.c ************************************************/
-#if __LINE__!=223101
+#if __LINE__!=223104
 #undef SQLITE_SOURCE_ID
-#define SQLITE_SOURCE_ID      "2020-01-17 15:33:47 b302b260ca9a4ca3d84771d9157fb1fc0b0e1ba175638f0c006cdf94f92aalt2"
+#define SQLITE_SOURCE_ID      "2020-05-06 18:46:38 b2325a6e1cfa19e9fd533c1f7dacfc8e5aa4f2e111fa066a5c7d3040418falt2"
 #endif
 /* Return the source-id for this library */
 SQLITE_API const char *sqlite3_sourceid(void){ return SQLITE_SOURCE_ID; }
diff --git a/dist/sqlite3.h b/dist/sqlite3.h
index 37e56c8..2f9c25a 100644
--- a/dist/sqlite3.h
+++ b/dist/sqlite3.h
@@ -125,7 +125,7 @@ extern "C" {
 */
 #define SQLITE_VERSION        "3.28.0"
 #define SQLITE_VERSION_NUMBER 3028000
-#define SQLITE_SOURCE_ID      "2020-01-17 15:33:47 b302b260ca9a4ca3d84771d9157fb1fc0b0e1ba175638f0c006cdf94f92a19c9"
+#define SQLITE_SOURCE_ID      "2020-05-06 18:46:38 b2325a6e1cfa19e9fd533c1f7dacfc8e5aa4f2e111fa066a5c7d3040418fc8ad"
 
 /*
 ** CAPI3REF: Run-Time Library Version Numbers
author	Zim <zezeozue@google.com>	2020-05-07 10:16:08 +0100
committer	Zimuzo Ezeozue <zezeozue@google.com>	2020-05-11 09:58:50 +0000
commit	88147c430cc041a27d07e593ffea12b7aa586f7a (patch)
tree	62abce96a859169074db03d9699cc10b58ce2720
parent	0f62c1a0e8b463b5b27035e11478e66d7daec69a (diff)