From a7e5d7d92d2a47e0fe16e13ac3654e73677f8ba3 Mon Sep 17 00:00:00 2001
From: fedir <f.kovalyoff@tutanota.de>
Date: Tue, 20 May 2025 10:50:58 +0200
Subject: [PATCH] Fixed undefined order of permissions

---
 src/perm_permissions_table.c | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/src/perm_permissions_table.c b/src/perm_permissions_table.c
index dc088ff..a2a45d7 100644
--- a/src/perm_permissions_table.c
+++ b/src/perm_permissions_table.c
@@ -212,14 +212,20 @@ access_t check_perm_access_noparent(const char *filename,
 
   access_t ret = NDEF;
   sqlite3_stmt *stmt = NULL;
-  const char *sql = "SELECT mode FROM permissions WHERE executable = ?1 "
-                    "AND (( ?2 LIKE CONCAT(filename, \'%\') AND filename "
-                    "GLOB \'*/\') OR filename = ?2 );";
+  const char *sql =
+      "SELECT mode FROM permissions WHERE executable = ?1 "
+      "AND (( ?2 LIKE CONCAT(filename, \'%\') AND filename "
+      "GLOB \'*/\') OR filename = ?2 ) ORDER BY LENGTH( filename ) DESC;";
   sqlite3_prepare_v2(perm_database, sql, -1, &stmt, NULL);
   sqlite3_bind_text(stmt, 1, pi.name, -1, SQLITE_STATIC);
   sqlite3_bind_text(stmt, 2, filename, -1, SQLITE_STATIC);
 
   int step_ret = sqlite3_step(stmt);
+  if (step_ret != SQLITE_ROW && step_ret != SQLITE_DONE) {
+    fprintf(stderr, "SQLite error: %s\n", sqlite3_errstr(step_ret));
+    sqlite3_finalize(stmt);
+    return ret;
+  }
   if (step_ret == SQLITE_ROW) {
     int mode_col = sqlite3_column_int(stmt, 0);
     if (mode_col) {
@@ -227,8 +233,6 @@ access_t check_perm_access_noparent(const char *filename,
     } else {
       ret = DENY;
     }
-  } else {
-    fprintf(stderr, "SQLite error: %s\n", sqlite3_errstr(step_ret));
   }
   sqlite3_finalize(stmt);