On Thu, Dec 03, 2009 at 11:16:43PM +0100, Jean-Christophe Deschamps scratched
on the wall:
>
>> > Does Adobe actually filter out statements similar to:
>> >
>> > select sqlite3_load_extension('mylibrary', 'entrypoint');
>>
>>
>> It is much more likely they simply do not call the C function
>> sqlite3_enable_load_extension( ) either on purpose, or just as an
>> oversight.
>
> I don't know this product but those are two distinct things in my view.
They are distinct, but _loadable_ extensions are off by default.
All types of loadable extensions must be explicitly enabled via that
API call for security reasons. The sqlite3 shell does this.
If extensions are not explicitly enabled, neither the C API call
sqlite3_load_extension(), nor the SQL call load_extension() will work.
> Another possibility is that they have included only part of SQLite in
> their compiled product
Or, simply forgotten to enable selected function. Maybe on accident,
maybe on purpose. If they're intercepting and canceling PRAGMA
commands, they likely did it on purpose.
Regardless, it is an application issue, not an SQLite one.
-j
--
Jay A. Kreibich < J A Y @ K R E I B I.C H >
"Our opponent is an alien starship packed with atomic bombs. We have
a protractor." "I'll go home and see if I can scrounge up a ruler
and a piece of string." --from Anathem by Neal Stephenson
_______________________________________________
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
