Skip to content

Commit

Permalink
Fix issue utelle#165
Browse files Browse the repository at this point in the history
For some configurations the rekey function did not enforce the page size and the number of reserved bytes of the database after finishing the rekeying operation. This could lead to corrupted databases.
  • Loading branch information
utelle committed Jun 6, 2024
1 parent 56ac1e2 commit efdb694
Show file tree
Hide file tree
Showing 5 changed files with 34 additions and 1 deletion.
16 changes: 16 additions & 0 deletions .editorconfig
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
# This is the EditorConfig (http://editorconfig.org/) coding style file for
# SQLite3 Multiple Ciphers.

root = true

[*]
charset = utf-8
end_of_line = lf
insert_final_newline = true
indent_style = space
indent_size = 2
trim_trailing_whitespace = true

[makefile.*]
indent_style = tab
indent_size = 8
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
- Fixed issue [#158](../../issues/158)) - add check to verify compatibility of source and target database in backup operation
- Fixed issue [#160](../../issues/160)) - fix accessing memory out of array bounds
- Fixed issue [#162](../../issues/162)) - fix loading/storing misaligned data
- Fixed issue [#165](../../issues/165)) - fix rekey function by enforcing page size and number of reserved bytes per page
- Fixed issue [#166](../../issues/166)) - missing attribute SQLITE_PRIVATE for several internal functions

## [1.8.5] - 2024-05-24
Expand Down
2 changes: 1 addition & 1 deletion configure.ac
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ dnl Copyright (C) 2019-2024 Ulrich Telle <ulrich@telle-online.de>
dnl
dnl This file is covered by the same licence as the entire SQLite3 Multiple Ciphers package.

AC_INIT([sqlite3mc], [1.8.5], [ulrich@telle-online.de])
AC_INIT([sqlite3mc], [1.8.6], [ulrich@telle-online.de])

dnl This is the version tested with, might work with earlier ones.
AC_PREREQ([2.69])
Expand Down
1 change: 1 addition & 0 deletions readme.md
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ The code was mainly developed under Windows, but was tested under Linux as well.

* 1.8.5 - *May 2024*
- Based on SQLite version 3.46.0
- Disable user authentication extension by default

For further version information please consult the [CHANGELOG](CHANGELOG.md).

Expand Down
15 changes: 15 additions & 0 deletions src/codecext.c
Original file line number Diff line number Diff line change
Expand Up @@ -378,6 +378,7 @@ sqlite3_rekey_v2(sqlite3* db, const char* zDbName, const void* zKey, int nKey)
int nReserved;
Pager* pPager;
Codec* codec;
int codecAllocated = 0;
int rc = SQLITE_ERROR;
if (zKey != NULL && nKey < 0)
{
Expand Down Expand Up @@ -425,6 +426,7 @@ sqlite3_rekey_v2(sqlite3* db, const char* zDbName, const void* zKey, int nKey)
/* Database not encrypted, but key specified, therefore encrypt database */
if (codec == NULL)
{
codecAllocated = 1;
codec = (Codec*) sqlite3_malloc(sizeof(Codec));
rc = (codec != NULL) ? sqlite3mcCodecInit(codec) : SQLITE_NOMEM;
}
Expand Down Expand Up @@ -469,6 +471,11 @@ sqlite3_rekey_v2(sqlite3* db, const char* zDbName, const void* zKey, int nKey)
}
else
{
sqlite3_mutex_leave(db->mutex);
if (codecAllocated)
{
sqlite3mcCodecFree(codec);
}
return rc;
}
}
Expand Down Expand Up @@ -578,13 +585,21 @@ sqlite3_rekey_v2(sqlite3* db, const char* zDbName, const void* zKey, int nKey)
/* Set read key equal to write key if necessary */
if (sqlite3mcHasWriteCipher(codec))
{
/* Set Read cipher equal to Write cipher */
sqlite3mcCopyCipher(codec, 0);
sqlite3mcSetHasReadCipher(codec, 1);

/* Enforce page size and number of reserved bytes per page */
int pageSize = sqlite3mcGetPageSizeWriteCipher(codec);
int reserved = sqlite3mcGetReservedWriteCipher(codec);
mcAdjustBtree(pBt, pageSize, reserved, sqlite3mcGetLegacyWriteCipher(codec));
sqlite3mcCodecSizeChange(codec, pageSize, reserved);
}
else
{
sqlite3mcSetIsEncrypted(codec, 0);
}
mcReportCodecError(sqlite3mcGetBtShared(codec), rc);
}
else
{
Expand Down

0 comments on commit efdb694

Please sign in to comment.