SQLite Forum

5 forum posts by user sentinel101

2020-07-08
19:16 Reply: SQLITE_HAS_CODE is gone? (artifact: ee33a693c8 user: sentinel101)

I was also very surprised to see that API was removed without any notice. It is a significant change that would, in my eyes, require some information in the release notes.

I know that there is the SEE extension, but my company was very eager back then to use our own internal encryption library (which wraps a different OS project) and it worked flawlessly over the years.

So no updates in the foreseeable future ...

2020-04-20
08:36 Reply: Crash in sqlite3_open_v2 with SQLITE_HAS_CODEC (artifact: ee1c56cfbc user: sentinel101)

Yes, I saw that there were additional commits in this area after 3.31.1, but they are not released yet. So for now I switched back to 3.31.0.

2020-04-16
18:06 Edit: Crash in sqlite3_open_v2 with SQLITE_HAS_CODEC (artifact: 8d5eab48bc user: sentinel101)

In our application we define SQLITE_HAS_CODEC and use our own codec for encryption. After updating to 3.31.1 we have encountered crashes in the openDatabase function which is called by sqlite3_open_v2.

Crash happens here in openDatabase:

#if defined(SQLITE_HAS_CODEC)
  if( rc==SQLITE_OK ) sqlite3CodecQueryParameters(db, 0, zOpen);
#endif

At the crash site I see this code:

...
** This only works if the filename passed in was obtained from the Pager.
...
static const char *databaseName(const char *zName){
  while( zName[-1]!=0 || zName[-2]!=0 || zName[-3]!=0 || zName[-4]!=0 ){
    zName--;
  }
  return zName;
}

which walks into uninitialized memory and then crashes.

As zName is supposedly not coming from the Pager but through the direct usage of sqlite3_open_v2 this seems to be a bug.

The callstack of the crash is:

> FooBar.exe!databaseName(const char * zName) Line 163312 C
FooBar.exe!sqlite3_uri_parameter(const char * zFilename, const char * zParam) Line 163331 C
FooBar.exe!sqlite3CodecQueryParameters(sqlite3 * db, const char * zDb, const char * zUri) Line 162061 C
FooBar.exe!openDatabase(const char * zFilename, sqlite3 * * ppDb, unsigned int flags, const char * zVfs) Line 162467 C
[Inline Frame] FooBar.exe!sqlite3_open_v2(const char *) Line 162490 C++
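
The precondition behind the crash reported in the post above, as an added example that is not part of the original posts (only the `databaseName` loop is quoted from them). The four-zero-byte buffer layout is an assumption inferred from the loop's exit condition, and `kPagerStyle`, `kPlain` and `databaseNameBounded` are hypothetical names with constructed sample data.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed sample of the layout the loop expects (an assumption inferred
** from its exit condition): four zero bytes, the database name, then one
** key/value parameter. Not SQLite's real allocation. */
static const char kPagerStyle[] = "\0\0\0\0/tmp/app.db\0key\0value\0";

/* Constructed plain filename, as a caller would hand to sqlite3_open_v2. */
static const char kPlain[] = "C:\\data\\app.db";

/* The back-walk quoted in the post, unchanged. It exits only once the four
** bytes before zName are all zero, so it is safe only inside such a buffer. */
static const char *databaseName(const char *zName){
  while( zName[-1]!=0 || zName[-2]!=0 || zName[-3]!=0 || zName[-4]!=0 ){
    zName--;
  }
  return zName;
}

/* Hypothetical bounded variant: the caller also passes the start of the
** buffer, and the walk returns NULL rather than reading below it. */
static const char *databaseNameBounded(const char *zStart, const char *zName){
  while( zName - zStart >= 4 ){
    if( zName[-1]==0 && zName[-2]==0 && zName[-3]==0 && zName[-4]==0 ){
      return zName;
    }
    zName--;
  }
  return NULL;
}

int main(void){
  /* From the "value" parameter (offset 20) both walks reach the name. */
  const char *a = databaseName(kPagerStyle + 20);
  const char *b = databaseNameBounded(kPagerStyle, kPagerStyle + 20);
  /* kPlain has no zero prefix: only the bounded walk may be called on it. */
  const char *c = databaseNameBounded(kPlain, kPlain + 8);
  printf("pager-style: %s / %s\n", a, b);
  printf("plain name:  %s\n", c ? c : "(no prefix found, rejected)");
  return 0;
}
```
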

17:28 Edit: Crash in sqlite3_open_v2 with SQLITE_HAS_CODEC (artifact: e1221e61d3 user: sentinel101)

In our application we define SQLITE_HAS_CODEC and use our own codec for encryption. After updating to 3.31.1 we have encountered crashes in the openDatabase function which is called by sqlite3_open_v2.

Crash happens here in openDatabase:

#if defined(SQLITE_HAS_CODEC)
  if( rc==SQLITE_OK ) sqlite3CodecQueryParameters(db, 0, zOpen);
#endif

At the crash site I see this code:

...
** This only works if the filename passed in was obtained from the Pager.
...
static const char *databaseName(const char *zName){
  while( zName[-1]!=0 || zName[-2]!=0 || zName[-3]!=0 || zName[-4]!=0 ){
    zName--;
  }
  return zName;
}

which walks into uninitialized memory and then crashes.

As zName is supposedly not coming from the Pager but through the direct usage of sqlite3_open_v2 this seems to be a bug.

16:17 Post: Crash in sqlite3_open_v2 with SQLITE_HAS_CODEC (artifact: cecab46cfc user: sentinel101)

In our application we define SQLITE_HAS_CODEC and use our own codec for encryption. After updating to 3.31.1 we have encountered crashes in the openDatabase function which is called by sqlite3_open_v2.

Crash happens here:

#if defined(SQLITE_HAS_CODEC)
  if( rc==SQLITE_OK ) sqlite3CodecQueryParameters(db, 0, zOpen);
#endif

It seems that the code here expects that a URI name was passed to sqlite3_open_v2. In our case we just use normal filenames ("C:\Users\Admin\Appdata....").

At the crash site I see this code:

static const char *databaseName(const char *zName){
  while( zName[-1]!=0 || zName[-2]!=0 || zName[-3]!=0 || zName[-4]!=0 ){
    zName--;
  }
  return zName;
}

which walks into uninitialized memory and then crashes.

Can someone confirm that you MUST use URI names when SQLITE_HAS_CODEC is on?