[Python-checkins] bpo-43434: Move sqlite3.connect audit events to sqlite3.Connection.__init__ (GH-25818)
zooba
webhook-mailer at python.org
Sun May 2 18:55:37 EDT 2021
https://github.com/python/cpython/commit/10665ac37313560fe87460cf4a5c26677049bf62
commit: 10665ac37313560fe87460cf4a5c26677049bf62
branch: 3.8
author: Erlend Egeberg Aasland <erlend.aasland at innova.no>
committer: zooba <steve.dower at microsoft.com>
date: 2021-05-02T23:55:33+01:00
summary:
bpo-43434: Move sqlite3.connect audit events to sqlite3.Connection.__init__ (GH-25818)
(cherry picked from commit c96cc089f60d2bf7e003c27413c3239ee9de2990)
Co-authored-by: Erlend Egeberg Aasland <erlend.aasland at innova.no>
files:
A Misc/NEWS.d/next/Security/2021-05-02-17-50-23.bpo-43434.cy7xz6.rst
M Modules/_sqlite/connection.c
M Modules/_sqlite/module.c
diff --git a/Misc/NEWS.d/next/Security/2021-05-02-17-50-23.bpo-43434.cy7xz6.rst b/Misc/NEWS.d/next/Security/2021-05-02-17-50-23.bpo-43434.cy7xz6.rst
new file mode 100644
index 00000000000000..28b7fc53853405
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2021-05-02-17-50-23.bpo-43434.cy7xz6.rst
@@ -0,0 +1,4 @@
+Creating a :class:`sqlite3.Connection` object now also produces
+a ``sqlite3.connect`` :ref:`auditing event <auditing>`.
+Previously this event was only produced by :func:`sqlite3.connect`
+calls. Patch by Erlend E. Aasland.
diff --git a/Modules/_sqlite/connection.c b/Modules/_sqlite/connection.c
index b6188a36733ef3..d1d5f9fd07cd7e 100644
--- a/Modules/_sqlite/connection.c
+++ b/Modules/_sqlite/connection.c
@@ -98,6 +98,10 @@ int pysqlite_connection_init(pysqlite_Connection* self, PyObject* args, PyObject
return -1;
}
+ if (PySys_Audit("sqlite3.connect", "O", database_obj) < 0) {
+ return -1;
+ }
+
database = PyBytes_AsString(database_obj);
self->initialized = 1;
diff --git a/Modules/_sqlite/module.c b/Modules/_sqlite/module.c
index 9fe0dc952f0b82..d3ce2839eecc3c 100644
--- a/Modules/_sqlite/module.c
+++ b/Modules/_sqlite/module.c
@@ -71,8 +71,6 @@ static PyObject* module_connect(PyObject* self, PyObject* args, PyObject*
int uri = 0;
double timeout = 5.0;
- PyObject* result;
-
if (!PyArg_ParseTupleAndKeywords(args, kwargs, "O|diOiOip", kwlist,
&database, &timeout, &detect_types,
&isolation_level, &check_same_thread,
@@ -85,13 +83,7 @@ static PyObject* module_connect(PyObject* self, PyObject* args, PyObject*
factory = (PyObject*)&pysqlite_ConnectionType;
}
- if (PySys_Audit("sqlite3.connect", "O", database) < 0) {
- return NULL;
- }
-
- result = PyObject_Call(factory, args, kwargs);
-
- return result;
+ return PyObject_Call(factory, args, kwargs);
}
PyDoc_STRVAR(module_connect_doc,
More information about the Python-checkins
mailing list