Harden sqlite_schema predicates for quoted identifiers #5682
Merged
PThorpe92 merged 6 commits into tursodatabase:main from Mar 12, 2026
sivukhin requested changes, Mar 2, 2026
sivukhin (Collaborator) left a comment:
@kumarUjjawal, thanks for the contribution.
I left one minor comment about one more extra test we can add for the bug you fixed.
| /// `CREATE TABLE t (x)`, whereas sqlite stores it with the original extra whitespace. | ||
| pub fn to_sql(&self) -> String { | ||
| let mut sql = format!("CREATE TABLE {} (", self.name); | ||
| let mut sql = format!("CREATE TABLE {} (", quote_ident(&self.name)); |
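Review bot: the doc comment above `to_sql` still gives `CREATE TABLE t (x)` as the example output, but the name now goes through `quote_ident(&self.name)`, so the comment should say how the name is rendered (always quoted, or quoted only when needed). A round-trip test that feeds the `to_sql` output for a name such as `"t t"` back through the schema parser would pin this down; if column names are interpolated later in this function, they need the same quoting.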
Collaborator
This is a fix for one more bug I think:
$> tursodb bug.db
turso> CREATE TABLE "t t"("a a" TEXT, "b b" TEXT);
turso> ALTER TABLE "t t" ADD COLUMN "c c" TEXT;
$> tursodb bug.db
Error: unexpected token 't' at offset 15
Note that the reproducer requires a restart of the DB.
Let's add a test for this bug too.
Merging this PR will not alter performance
sivukhin approved these changes, Mar 4, 2026
penberg pushed a commit that referenced this pull request, Mar 13, 2026
…umar Ujjawal
There were schema corruption/injection paths caused by quoted
identifiers containing `'` in internal schema maintenance SQL.
Changes included:
- Added a shared SQL string-literal escape helper and used it for
  internal `sqlite_schema` predicates in:
  - `ParseSchema` filters for create table/index/view/trigger paths
  - `ALTER TABLE` schema row update predicates (`WHERE name = ...`)
  - CDC version table lookups using table-name literals
- Fixed `ADD COLUMN` runtime schema update to use normalized
  table-name lookup.
Issue #5632 showed that crafted quoted table names could break internal
schema predicate matching and cause incorrect schema reparsing/rewrites,
leading to malformed/corrupt database state.
Closes #5632
Reviewed-by: Nikita Sivukhin (@sivukhin)
Closes #5682
(cherry picked from commit a128d7f)
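The predicate hardening the commit message describes, as an added Rust example that is not the Turso code: every function name here is hypothetical and the sample table name is constructed. `decode_predicate` stands in for how a SQL parser reads the literal back, so the naive and escaped forms can be compared.

```rust
// Added example: hypothetical helpers, not the Turso implementation.

/// Escape `s` for use inside a single-quoted SQL string literal ('' for ').
fn escape_string_literal(s: &str) -> String {
    s.replace('\'', "''")
}

/// Quote `s` as a SQL identifier ("" for ").
fn quote_identifier(s: &str) -> String {
    format!("\"{}\"", s.replace('"', "\"\""))
}

/// Naive predicate: table name interpolated verbatim (the 'before' shape).
fn schema_predicate_naive(table: &str) -> String {
    format!("name = '{}'", table)
}

/// Hardened predicate: table name escaped as a string literal.
fn schema_predicate_escaped(table: &str) -> String {
    format!("name = '{}'", escape_string_literal(table))
}

/// Decode `name = '<literal>'`; returns the literal's value only if the
/// literal is well-formed and nothing follows it.
fn decode_predicate(pred: &str) -> Option<String> {
    let body = pred.strip_prefix("name = '")?;
    let mut out = String::new();
    let mut chars = body.chars().peekable();
    while let Some(c) = chars.next() {
        if c != '\'' {
            out.push(c);
        } else if chars.peek() == Some(&'\'') {
            chars.next(); // '' is an escaped quote
            out.push('\'');
        } else {
            // closing quote: valid only if it is the last character
            return if chars.next().is_none() { Some(out) } else { None };
        }
    }
    None // unterminated literal
}

fn main() {
    let table = "it's a table"; // constructed sample name
    println!("{}", quote_identifier(table));
    println!("{:?}", decode_predicate(&schema_predicate_naive(table)));
    println!("{:?}", decode_predicate(&schema_predicate_escaped(table)));
}
```

The naive form fails to decode because the literal ends at the embedded quote and text is left over; the escaped form round-trips to the original name.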
Description
There were schema corruption/injection paths caused by quoted identifiers containing `'` in internal schema maintenance SQL.
Changes included:
- `sqlite_schema` predicates in:
  - `ParseSchema` filters for create table/index/view/trigger paths
  - `ALTER TABLE` schema row update predicates (`WHERE name = ...`)
- `ADD COLUMN` runtime schema update to use normalized table-name lookup.
Motivation and context
Issue #5632 showed that crafted quoted table names could break internal schema predicate matching and cause incorrect schema reparsing/rewrites, leading to malformed/corrupt database state.
Closes #5632
Description of AI Usage