/ Check-in [5af61402]

Overview
Comment:Enhanced temp-file security under unix. There are no known attacks against prior versions - this check-in is just an added precaution. (CVS 3687)
SHA1: 5af61402f65bddc4040a20470f267c9404cba631
User & Date: drh 2007-03-15 01:16:48
Context
2007-03-15
12:05
Catch an IO error code that was being ignored in OP_RowData. (CVS 3688) check-in: 760ebf80 user: danielk1977 tags: trunk
01:16
Enhanced temp-file security under unix. There are no known attacks against prior versions - this check-in is just an added precaution. (CVS 3687) check-in: 5af61402 user: drh tags: trunk
2007-03-14
15:37
Modify the behaviour of writable_schema to ignore schema parsing errors. (CVS 3686) check-in: a8d6d935 user: danielk1977 tags: trunk
Changes

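--- a/src/os_unix.c
+++ b/src/os_unix.c
@@ -860,15 +860,15 @@
 int sqlite3UnixOpenExclusive(const char *zFilename, OsFile **pId, int delFlag){
   int h;
 
   CRASH_TEST_OVERRIDE(sqlite3CrashOpenExclusive, zFilename, pId, delFlag);
   assert( 0==*pId );
   h = open(zFilename,
                 O_RDWR|O_CREAT|O_EXCL|O_NOFOLLOW|O_LARGEFILE|O_BINARY,
-                SQLITE_DEFAULT_FILE_PERMISSIONS);
+                delFlag ? 0600 : SQLITE_DEFAULT_FILE_PERMISSIONS);
   if( h<0 ){
     return SQLITE_CANTOPEN;
   }
   return allocateUnixFile(h, pId, zFilename, delFlag);
 }
 
 /*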
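Review bot: The literal `0600` in the mode argument of `open()` has no name or comment, so the reason a file opened with `delFlag` set gets a tighter mode than `SQLITE_DEFAULT_FILE_PERMISSIONS` is recorded only in the commit message. A comment directly above the call would keep the intent next to the code, for example `/* delFlag marks a delete-on-close temp file: create it owner-only so other local users cannot read it */`. The requested mode is still filtered by the process umask, which can only clear bits, so `0600` is an upper bound on the resulting permissions. The function's header comment lies outside this hunk and would be the natural place to document the delFlag-dependent mode as well.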

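--- a/src/pager.c
+++ b/src/pager.c
@@ -14,15 +14,15 @@
 ** The pager is used to access a database disk file.  It implements
 ** atomic commit and rollback through the use of a journal file that
 ** is separate from the database file.  The pager also implements file
 ** locking to prevent two processes from writing the same database
 ** file simultaneously, or one process from reading the database while
 ** another is writing.
 **
-** @(#) $Id: pager.c,v 1.286 2007/03/06 13:46:00 danielk1977 Exp $
+** @(#) $Id: pager.c,v 1.287 2007/03/15 01:16:48 drh Exp $
 */
 #ifndef SQLITE_OMIT_DISKIO
 #include "sqliteInt.h"
 #include "os.h"
 #include "pager.h"
 #include <assert.h>
 #include <string.h>
@@ -1565,25 +1565,27 @@
 ** testing and analysis only.  
 */
 #ifdef SQLITE_TEST
 int sqlite3_opentemp_count = 0;
 #endif
 
 /*
-** Open a temporary file.  Write the name of the file into zFile
-** (zFile must be at least SQLITE_TEMPNAME_SIZE bytes long.)  Write
-** the file descriptor into *fd.  Return SQLITE_OK on success or some
+** Open a temporary file. 
+**
+** Write the file descriptor into *fd.  Return SQLITE_OK on success or some
 ** other error code if we fail.
 **
 ** The OS will automatically delete the temporary file when it is
 ** closed.
 */
-static int sqlite3pager_opentemp(char *zFile, OsFile **pFd){
+static int sqlite3pager_opentemp(OsFile **pFd){
   int cnt = 8;
   int rc;
+  char zFile[SQLITE_TEMPNAME_SIZE];
+
 #ifdef SQLITE_TEST
   sqlite3_opentemp_count++;  /* Used for testing and analysis only */
 #endif
   do{
     cnt--;
     sqlite3OsTempFileName(zFile);
     rc = sqlite3OsOpenExclusive(zFile, pFd, 1);
@@ -1658,15 +1660,16 @@
     {
       zFullPathname = sqlite3OsFullPathname(zFilename);
       if( zFullPathname ){
         rc = sqlite3OsOpenReadWrite(zFullPathname, &fd, &readOnly);
       }
     }
   }else{
-    rc = sqlite3pager_opentemp(zTemp, &fd);
+    rc = sqlite3pager_opentemp(&fd);
+    sqlite3OsTempFileName(zTemp);
     zFilename = zTemp;
     zFullPathname = sqlite3OsFullPathname(zFilename);
     if( rc==SQLITE_OK ){
       tempFile = 1;
     }
   }
 
@@ -3555,15 +3558,14 @@
 **
 ** This routine should be called with the transaction journal already
 ** open.  A new statement journal is created that can be used to rollback
 ** changes of a single SQL command within a larger transaction.
 */
 int sqlite3pager_stmt_begin(Pager *pPager){
   int rc;
-  char zTemp[SQLITE_TEMPNAME_SIZE];
   assert( !pPager->stmtInUse );
   assert( pPager->state>=PAGER_SHARED );
   assert( pPager->dbSize>=0 );
   TRACE2("STMT-BEGIN %d\n", PAGERID(pPager));
   if( MEMDB ){
     pPager->stmtInUse = 1;
     pPager->stmtSize = pPager->dbSize;
@@ -3585,15 +3587,15 @@
   assert( pPager->stmtJSize == pPager->journalOff );
 #endif
   pPager->stmtJSize = pPager->journalOff;
   pPager->stmtSize = pPager->dbSize;
   pPager->stmtHdrOff = 0;
   pPager->stmtCksum = pPager->cksumInit;
   if( !pPager->stmtOpen ){
-    rc = sqlite3pager_opentemp(zTemp, &pPager->stfd);
+    rc = sqlite3pager_opentemp(&pPager->stfd);
     if( rc ) goto stmt_begin_failed;
     pPager->stmtOpen = 1;
     pPager->stmtNRec = 0;
   }
   pPager->stmtInUse = 1;
   return SQLITE_OK;
 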
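Review bot: In the `}else{` branch at new lines 1667-1668, `zTemp` is filled by a second `sqlite3OsTempFileName(zTemp)` call, so `zFilename` and `zFullPathname` now hold a freshly generated name, not the name of the file that `sqlite3pager_opentemp(&fd)` actually opened. This looks deliberate, but nothing in the code says so, and the second name was never reserved by an exclusive open, so any path later derived from it (outside this hunk) is only as safe as the flags used at that later open. A comment would make the intent reviewable, for example `/* zTemp is a fresh placeholder name, deliberately not the name of the file held by fd */`. The call's return value is also ignored and it runs even when `rc` is not `SQLITE_OK`; if nothing reads `zFilename` on the failure path, it could move inside the `if( rc==SQLITE_OK )` block. The enclosing function starts and ends outside the hunk.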