[tracker/wip/carlosg/photos-fixes: 4/6] libtracker-data: Do not leak variables when using ValuesClause in select

[Carlos Garnacho <carlosg src gnome org>]

commit 1206972d17cf87e6143c926cd2ea8a57ac9a8257
Author: Carlos Garnacho <carlosg gnome org>
Date:   Fri Aug 21 15:09:54 2020 +0200

    libtracker-data: Do not leak variables when using ValuesClause in select
    
    If ValuesClause is used in the topmost select, we surround the generated
    query with a "SELECT * FROM (...) NATURAL INNER JOIN $values_subselect",
    this makes the "SELECT *" the topmost query, and leaks variables from the
    right hand side that are not meant to be in the resultset.
    
    Avoid doing this as a nested subselect if ValuesClause were in the topmost
    select, so that we return the expected avariables.

 src/libtracker-data/tracker-sparql.c | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)
---
diff --git a/src/libtracker-data/tracker-sparql.c b/src/libtracker-data/tracker-sparql.c
index 1b369247c..a0cff5047 100644
--- a/src/libtracker-data/tracker-sparql.c
+++ b/src/libtracker-data/tracker-sparql.c
@@ -3708,8 +3708,19 @@ translate_ValuesClause (TrackerSparql  *sparql,
        /* ValuesClause ::= ( 'VALUES' DataBlock )?
         */
        if (_accept (sparql, RULE_TYPE_LITERAL, LITERAL_VALUES)) {
-               _prepend_string (sparql, "SELECT * FROM (");
-               _append_string (sparql, ") NATURAL INNER JOIN (");
+               if (sparql->current_state.context == sparql->context) {
+                       /* ValuesClause happens at the end of a select, if
+                        * this is the topmost one, we won't have further
+                        * SELECT clauses above us to clamp the result set,
+                        * and we don't want the right hand side variables
+                        * to leak into it.
+                        */
+                       _append_string (sparql, "NATURAL INNER JOIN (");
+               } else {
+                       _prepend_string (sparql, "SELECT * FROM (");
+                       _append_string (sparql, ") NATURAL INNER JOIN (");
+               }
+
                _call_rule (sparql, NAMED_RULE_DataBlock, error);
                _append_string (sparql, ") ");
        }