From 5804d7434e4f60e98c94a6862ec4c1d068ec0650 Mon Sep 17 00:00:00 2001 From: Nayeem Rahman Date: Wed, 22 Mar 2023 10:49:29 +0000 Subject: fix(ext/kv): don't request permissions for ":memory:" (#18346) Currently `Deno.openKv(":memory:")` requests read+write permissions for `./:memory:` even though no file is read or written. Also added some guards for special sqlite paths that were unintentionally opted into. --- ext/kv/sqlite.rs | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) (limited to 'ext/kv/sqlite.rs') diff --git a/ext/kv/sqlite.rs b/ext/kv/sqlite.rs index 82ff8f8e2..17634127f 100644 --- a/ext/kv/sqlite.rs +++ b/ext/kv/sqlite.rs @@ -12,6 +12,7 @@ use deno_core::error::type_error; use deno_core::error::AnyError; use deno_core::OpState; use rusqlite::params; +use rusqlite::OpenFlags; use rusqlite::OptionalExtension; use rusqlite::Transaction; @@ -111,10 +112,18 @@ impl DatabaseHandler for SqliteDbHandler

{ path: Option, ) -> Result { let conn = match (path.as_deref(), &self.default_storage_dir) { - (Some(":memory:") | None, None) => { + (Some(":memory:"), _) | (None, None) => { rusqlite::Connection::open_in_memory()? } (Some(path), _) => { + if path.is_empty() { + return Err(type_error("Filename cannot be empty")); + } + if path.starts_with(':') { + return Err(type_error( + "Filename cannot start with ':' unless prefixed with './'", + )); + } let path = Path::new(path); { let mut state = state.borrow_mut(); @@ -122,7 +131,8 @@ impl DatabaseHandler for SqliteDbHandler

{ permissions.check_read(path, "Deno.openKv")?; permissions.check_write(path, "Deno.openKv")?; } - rusqlite::Connection::open(path)? + let flags = OpenFlags::default().difference(OpenFlags::SQLITE_OPEN_URI); + rusqlite::Connection::open_with_flags(path, flags)? } (None, Some(path)) => { std::fs::create_dir_all(path)?; -- cgit v1.2.3