/ Check-in [c297a84b]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Add the SQLITE_ENABLE_API_ARMOR compile-time option. This is a work in progress and is not yet completely functional.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | api-armor
Files: files | file ages | folders
SHA1: c297a84bc678f81ffc0aa9139ab73f0ca87c1971
User & Date: drh 2014-10-24 00:35:58
Context
2014-10-24
12:37
Fix two problems. Tests now passing. Closed-Leaf check-in: 1c220b80 user: drh tags: api-armor
00:35
Add the SQLITE_ENABLE_API_ARMOR compile-time option. This is a work in progress and is not yet completely functional. check-in: c297a84b user: drh tags: api-armor
2014-10-23
01:01
Implement sqlite3_create_collation() by invoking sqlite3_create_collation_v2() with a NULL destructor argument. This saves a little space. check-in: 9762ad06 user: drh tags: trunk
Changes
Hide Diffs Side-by-Side Diffs Ignore Whitespace Patch

Changes to src/auth.c.

    68     68   ** setting of the auth function is NULL.
    69     69   */
    70     70   int sqlite3_set_authorizer(
    71     71     sqlite3 *db,
    72     72     int (*xAuth)(void*,int,const char*,const char*,const char*,const char*),
    73     73     void *pArg
    74     74   ){
           75  +#ifdef SQLITE_ENABLE_API_ARMOR
           76  +  if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
           77  +#endif
    75     78     sqlite3_mutex_enter(db->mutex);
    76     79     db->xAuth = (sqlite3_xauth)xAuth;
    77     80     db->pAuthArg = pArg;
    78     81     sqlite3ExpirePreparedStatements(db);
    79     82     sqlite3_mutex_leave(db->mutex);
    80     83     return SQLITE_OK;
    81     84   }

Changes to src/backup.c.

   133    133   sqlite3_backup *sqlite3_backup_init(
   134    134     sqlite3* pDestDb,                     /* Database to write to */
   135    135     const char *zDestDb,                  /* Name of database within pDestDb */
   136    136     sqlite3* pSrcDb,                      /* Database connection to read from */
   137    137     const char *zSrcDb                    /* Name of database within pSrcDb */
   138    138   ){
   139    139     sqlite3_backup *p;                    /* Value to return */
          140  +
          141  +#ifdef SQLITE_ENABLE_API_ARMOR
          142  +  if( !sqlite3SafetyCheckOk(pSrcDb)||!sqlite3SafetyCheckOk(pDestDb) ){
          143  +    (void)SQLITE_MISUSE_BKPT;
          144  +    return 0;
          145  +  }
          146  +#endif
   140    147   
   141    148     /* Lock the source database handle. The destination database
   142    149     ** handle is not locked in this routine, but it is locked in
   143    150     ** sqlite3_backup_step(). The user is required to ensure that no
   144    151     ** other thread accesses the destination handle for the duration
   145    152     ** of the backup operation.  Any attempt to use the destination
   146    153     ** database connection while a backup is in progress may cause
................................................................................
   330    337   */
   331    338   int sqlite3_backup_step(sqlite3_backup *p, int nPage){
   332    339     int rc;
   333    340     int destMode;       /* Destination journal mode */
   334    341     int pgszSrc = 0;    /* Source page size */
   335    342     int pgszDest = 0;   /* Destination page size */
   336    343   
          344  +#ifdef SQLITE_ENABLE_API_ARMOR
          345  +  if( p==0 ) return SQLITE_MISUSE_BKPT;
          346  +#endif
   337    347     sqlite3_mutex_enter(p->pSrcDb->mutex);
   338    348     sqlite3BtreeEnter(p->pSrc);
   339    349     if( p->pDestDb ){
   340    350       sqlite3_mutex_enter(p->pDestDb->mutex);
   341    351     }
   342    352   
   343    353     rc = p->rc;
................................................................................
   619    629   }
   620    630   
   621    631   /*
   622    632   ** Return the number of pages still to be backed up as of the most recent
   623    633   ** call to sqlite3_backup_step().
   624    634   */
   625    635   int sqlite3_backup_remaining(sqlite3_backup *p){
          636  +#ifdef SQLITE_ENABLE_API_ARMOR
          637  +  if( p==0 ){
          638  +    (void)SQLITE_MISUSE_BKPT;
          639  +    return 0;
          640  +  }
          641  +#endif
   626    642     return p->nRemaining;
   627    643   }
   628    644   
   629    645   /*
   630    646   ** Return the total number of pages in the source database as of the most 
   631    647   ** recent call to sqlite3_backup_step().
   632    648   */
   633    649   int sqlite3_backup_pagecount(sqlite3_backup *p){
          650  +#ifdef SQLITE_ENABLE_API_ARMOR
          651  +  if( p==0 ){
          652  +    (void)SQLITE_MISUSE_BKPT;
          653  +    return 0;
          654  +  }
          655  +#endif
   634    656     return p->nPagecount;
   635    657   }
   636    658   
   637    659   /*
   638    660   ** This function is called after the contents of page iPage of the
   639    661   ** source database have been modified. If page iPage has already been 
   640    662   ** copied into the destination database, then the data written to the

Changes to src/build.c.

   303    303   ** auxiliary databases added using the ATTACH command.
   304    304   **
   305    305   ** See also sqlite3LocateTable().
   306    306   */
   307    307   Table *sqlite3FindTable(sqlite3 *db, const char *zName, const char *zDatabase){
   308    308     Table *p = 0;
   309    309     int i;
   310         -  assert( zName!=0 );
          310  +
          311  +#ifdef SQLITE_ENABLE_API_ARMOR
          312  +  if( !sqlite3SafetyCheckOk(db) || zName==0 ) return 0;
          313  +#endif
          314  +
   311    315     /* All mutexes are required for schema access.  Make sure we hold them. */
   312    316     assert( zDatabase!=0 || sqlite3BtreeHoldsAllMutexes(db) );
   313    317   #if SQLITE_USER_AUTHENTICATION
   314    318     /* Only the admin user is allowed to know that the sqlite_user table
   315    319     ** exists */
   316    320     if( db->auth.authLevel<UAUTH_Admin && sqlite3UserAuthTable(zName)!=0 ){
   317    321       return 0;

Changes to src/complete.c.

   100    100   ** If we compile with SQLITE_OMIT_TRIGGER, all of the computation needed
   101    101   ** to recognize the end of a trigger can be omitted.  All we have to do
   102    102   ** is look for a semicolon that is not part of an string or comment.
   103    103   */
   104    104   int sqlite3_complete(const char *zSql){
   105    105     u8 state = 0;   /* Current state, using numbers defined in header comment */
   106    106     u8 token;       /* Value of the next token */
          107  +
          108  +#ifdef SQLITE_ENABLE_API_ARMOR
          109  +  if( zSql==0 ){
          110  +    (void)SQLITE_MISUSE_BKPT;
          111  +    return 0;
          112  +  }
          113  +#endif
   107    114   
   108    115   #ifndef SQLITE_OMIT_TRIGGER
   109    116     /* A complex statement machine used to detect the end of a CREATE TRIGGER
   110    117     ** statement.  This is the normal case.
   111    118     */
   112    119     static const u8 trans[8][8] = {
   113    120                        /* Token:                                                */

Changes to src/ctime.c.

    58     58     "DEFAULT_MMAP_SIZE=" CTIMEOPT_VAL(SQLITE_DEFAULT_MMAP_SIZE),
    59     59   #endif
    60     60   #ifdef SQLITE_DISABLE_DIRSYNC
    61     61     "DISABLE_DIRSYNC",
    62     62   #endif
    63     63   #ifdef SQLITE_DISABLE_LFS
    64     64     "DISABLE_LFS",
           65  +#endif
           66  +#ifdef SQLITE_ENABLE_API_ARMOR
           67  +  "ENABLE_API_ARMOR",
    65     68   #endif
    66     69   #ifdef SQLITE_ENABLE_ATOMIC_WRITE
    67     70     "ENABLE_ATOMIC_WRITE",
    68     71   #endif
    69     72   #ifdef SQLITE_ENABLE_CEROD
    70     73     "ENABLE_CEROD",
    71     74   #endif
................................................................................
   384    387   ** was used and false if not.
   385    388   **
   386    389   ** The name can optionally begin with "SQLITE_" but the "SQLITE_" prefix
   387    390   ** is not required for a match.
   388    391   */
   389    392   int sqlite3_compileoption_used(const char *zOptName){
   390    393     int i, n;
          394  +
          395  +#ifdef SQLITE_ENABLE_API_ARMORE
          396  +  if( zOptName==0 ){
          397  +    (void)SQLITE_MISUSE_BKPT;
          398  +    return 0;
          399  +  }
          400  +#endif
   391    401     if( sqlite3StrNICmp(zOptName, "SQLITE_", 7)==0 ) zOptName += 7;
   392    402     n = sqlite3Strlen30(zOptName);
   393    403   
   394    404     /* Since ArraySize(azCompileOpt) is normally in single digits, a
   395    405     ** linear search is adequate.  No need for a binary search. */
   396    406     for(i=0; i<ArraySize(azCompileOpt); i++){
   397    407       if( sqlite3StrNICmp(zOptName, azCompileOpt[i], n)==0

Changes to src/main.c.

   594    594     return SQLITE_OK;
   595    595   }
   596    596   
   597    597   /*
   598    598   ** Return the mutex associated with a database connection.
   599    599   */
   600    600   sqlite3_mutex *sqlite3_db_mutex(sqlite3 *db){
          601  +#ifdef SQLITE_ENABLE_API_ARMOR
          602  +  if( !sqlite3SafetyCheckOk(db) ){
          603  +    (void)SQLITE_MISUSE_BKPT;
          604  +    return 0;
          605  +  }
          606  +#endif
   601    607     return db->mutex;
   602    608   }
   603    609   
   604    610   /*
   605    611   ** Free up as much memory as we can from the given database
   606    612   ** connection.
   607    613   */
   608    614   int sqlite3_db_release_memory(sqlite3 *db){
   609    615     int i;
          616  +
          617  +#ifdef SQLITE_ENABLE_API_ARMOR
          618  +  if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
          619  +#endif
   610    620     sqlite3_mutex_enter(db->mutex);
   611    621     sqlite3BtreeEnterAll(db);
   612    622     for(i=0; i<db->nDb; i++){
   613    623       Btree *pBt = db->aDb[i].pBt;
   614    624       if( pBt ){
   615    625         Pager *pPager = sqlite3BtreePager(pBt);
   616    626         sqlite3PagerShrink(pPager);
................................................................................
   733    743     return r;
   734    744   }
   735    745   
   736    746   /*
   737    747   ** Return the ROWID of the most recent insert
   738    748   */
   739    749   sqlite_int64 sqlite3_last_insert_rowid(sqlite3 *db){
          750  +#ifdef SQLITE_ENABLE_API_ARMOR
          751  +  if( !sqlite3SafetyCheckOk(db) ){
          752  +    (void)SQLITE_MISUSE_BKPT;
          753  +    return 0;
          754  +  }
          755  +#endif
   740    756     return db->lastRowid;
   741    757   }
   742    758   
   743    759   /*
   744    760   ** Return the number of changes in the most recent call to sqlite3_exec().
   745    761   */
   746    762   int sqlite3_changes(sqlite3 *db){
          763  +#ifdef SQLITE_ENABLE_API_ARMOR
          764  +  if( !sqlite3SafetyCheckOk(db) ){
          765  +    (void)SQLITE_MISUSE_BKPT;
          766  +    return 0;
          767  +  }
          768  +#endif
   747    769     return db->nChange;
   748    770   }
   749    771   
   750    772   /*
   751    773   ** Return the number of changes since the database handle was opened.
   752    774   */
   753    775   int sqlite3_total_changes(sqlite3 *db){
          776  +#ifdef SQLITE_ENABLE_API_ARMOR
          777  +  if( !sqlite3SafetyCheckOk(db) ){
          778  +    (void)SQLITE_MISUSE_BKPT;
          779  +    return 0;
          780  +  }
          781  +#endif
   754    782     return db->nTotalChange;
   755    783   }
   756    784   
   757    785   /*
   758    786   ** Close all open savepoints. This function only manipulates fields of the
   759    787   ** database handle object, it does not close any savepoints that may be open
   760    788   ** at the b-tree/pager level.
................................................................................
  1292   1320   ** given callback function with the given argument.
  1293   1321   */
  1294   1322   int sqlite3_busy_handler(
  1295   1323     sqlite3 *db,
  1296   1324     int (*xBusy)(void*,int),
  1297   1325     void *pArg
  1298   1326   ){
         1327  +#ifdef SQLITE_ENABLE_API_ARMOR
         1328  +  if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE;
         1329  +#endif
  1299   1330     sqlite3_mutex_enter(db->mutex);
  1300   1331     db->busyHandler.xFunc = xBusy;
  1301   1332     db->busyHandler.pArg = pArg;
  1302   1333     db->busyHandler.nBusy = 0;
  1303   1334     db->busyTimeout = 0;
  1304   1335     sqlite3_mutex_leave(db->mutex);
  1305   1336     return SQLITE_OK;
................................................................................
  1313   1344   */
  1314   1345   void sqlite3_progress_handler(
  1315   1346     sqlite3 *db, 
  1316   1347     int nOps,
  1317   1348     int (*xProgress)(void*), 
  1318   1349     void *pArg
  1319   1350   ){
         1351  +#ifdef SQLITE_ENABLE_API_ARMOR
         1352  +  if( !sqlite3SafetyCheckOk(db) ){
         1353  +    (void)SQLITE_MISUSE_BKPT;
         1354  +    return;
         1355  +  }
         1356  +#endif
  1320   1357     sqlite3_mutex_enter(db->mutex);
  1321   1358     if( nOps>0 ){
  1322   1359       db->xProgress = xProgress;
  1323   1360       db->nProgressOps = (unsigned)nOps;
  1324   1361       db->pProgressArg = pArg;
  1325   1362     }else{
  1326   1363       db->xProgress = 0;
................................................................................
  1333   1370   
  1334   1371   
  1335   1372   /*
  1336   1373   ** This routine installs a default busy handler that waits for the
  1337   1374   ** specified number of milliseconds before returning 0.
  1338   1375   */
  1339   1376   int sqlite3_busy_timeout(sqlite3 *db, int ms){
         1377  +#ifdef SQLITE_ENABLE_API_ARMOR
         1378  +  if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
         1379  +#endif
  1340   1380     if( ms>0 ){
  1341   1381       sqlite3_busy_handler(db, sqliteDefaultBusyCallback, (void*)db);
  1342   1382       db->busyTimeout = ms;
  1343   1383     }else{
  1344   1384       sqlite3_busy_handler(db, 0, 0);
  1345   1385     }
  1346   1386     return SQLITE_OK;
  1347   1387   }
  1348   1388   
  1349   1389   /*
  1350   1390   ** Cause any pending operation to stop at its earliest opportunity.
  1351   1391   */
  1352   1392   void sqlite3_interrupt(sqlite3 *db){
         1393  +#ifdef SQLITE_ENABLE_API_ARMOR
         1394  +  if( !sqlite3SafetyCheckOk(db) ){
         1395  +    (void)SQLITE_MISUSE_BKPT;
         1396  +    return;
         1397  +  }
         1398  +#endif
  1353   1399     db->u1.isInterrupted = 1;
  1354   1400   }
  1355   1401   
  1356   1402   
  1357   1403   /*
  1358   1404   ** This function is exactly the same as sqlite3_create_function(), except
  1359   1405   ** that it is designed to be called by internal code. The difference is
................................................................................
  1483   1529     void (*xFunc)(sqlite3_context*,int,sqlite3_value **),
  1484   1530     void (*xStep)(sqlite3_context*,int,sqlite3_value **),
  1485   1531     void (*xFinal)(sqlite3_context*),
  1486   1532     void (*xDestroy)(void *)
  1487   1533   ){
  1488   1534     int rc = SQLITE_ERROR;
  1489   1535     FuncDestructor *pArg = 0;
         1536  +
         1537  +#ifdef SQLITE_ENABLE_API_ARMOR
         1538  +  if( !sqlite3SafetyCheckOk(db) ){
         1539  +    return SQLITE_MISUSE_BKPT;
         1540  +  }
         1541  +#endif
  1490   1542     sqlite3_mutex_enter(db->mutex);
  1491   1543     if( xDestroy ){
  1492   1544       pArg = (FuncDestructor *)sqlite3DbMallocZero(db, sizeof(FuncDestructor));
  1493   1545       if( !pArg ){
  1494   1546         xDestroy(p);
  1495   1547         goto out;
  1496   1548       }
................................................................................
  1519   1571     void *p,
  1520   1572     void (*xFunc)(sqlite3_context*,int,sqlite3_value**),
  1521   1573     void (*xStep)(sqlite3_context*,int,sqlite3_value**),
  1522   1574     void (*xFinal)(sqlite3_context*)
  1523   1575   ){
  1524   1576     int rc;
  1525   1577     char *zFunc8;
         1578  +
         1579  +#ifdef SQLITE_ENABLE_API_ARMOR
         1580  +  if( !sqlite3SafetyCheckOk(db) || zFunctionName==0 ) return SQLITE_MISUSE_BKPT;
         1581  +#endif
  1526   1582     sqlite3_mutex_enter(db->mutex);
  1527   1583     assert( !db->mallocFailed );
  1528   1584     zFunc8 = sqlite3Utf16to8(db, zFunctionName, -1, SQLITE_UTF16NATIVE);
  1529   1585     rc = sqlite3CreateFunc(db, zFunc8, nArg, eTextRep, p, xFunc, xStep, xFinal,0);
  1530   1586     sqlite3DbFree(db, zFunc8);
  1531   1587     rc = sqlite3ApiExit(db, rc);
  1532   1588     sqlite3_mutex_leave(db->mutex);
................................................................................
  1550   1606   int sqlite3_overload_function(
  1551   1607     sqlite3 *db,
  1552   1608     const char *zName,
  1553   1609     int nArg
  1554   1610   ){
  1555   1611     int nName = sqlite3Strlen30(zName);
  1556   1612     int rc = SQLITE_OK;
         1613  +
         1614  +#ifdef SQLITE_ENABLE_API_ARMOR
         1615  +  if( !sqlite3SafetyCheckOk(db) || zName==0 || nArg<-2 ){
         1616  +    return SQLITE_MISUSE_BKPT;
         1617  +  }
         1618  +#endif
  1557   1619     sqlite3_mutex_enter(db->mutex);
  1558   1620     if( sqlite3FindFunction(db, zName, nName, nArg, SQLITE_UTF8, 0)==0 ){
  1559   1621       rc = sqlite3CreateFunc(db, zName, nArg, SQLITE_UTF8,
  1560   1622                              0, sqlite3InvalidFunction, 0, 0, 0);
  1561   1623     }
  1562   1624     rc = sqlite3ApiExit(db, rc);
  1563   1625     sqlite3_mutex_leave(db->mutex);
................................................................................
  1571   1633   **
  1572   1634   ** A NULL trace function means that no tracing is executes.  A non-NULL
  1573   1635   ** trace is a pointer to a function that is invoked at the start of each
  1574   1636   ** SQL statement.
  1575   1637   */
  1576   1638   void *sqlite3_trace(sqlite3 *db, void (*xTrace)(void*,const char*), void *pArg){
  1577   1639     void *pOld;
         1640  +
         1641  +#ifdef SQLITE_ENABLE_API_ARMOR
         1642  +  if( !sqlite3SafetyCheckOk(db) ){
         1643  +    (void)SQLITE_MISUSE_BKPT;
         1644  +    return 0;
         1645  +  }
         1646  +#endif
  1578   1647     sqlite3_mutex_enter(db->mutex);
  1579   1648     pOld = db->pTraceArg;
  1580   1649     db->xTrace = xTrace;
  1581   1650     db->pTraceArg = pArg;
  1582   1651     sqlite3_mutex_leave(db->mutex);
  1583   1652     return pOld;
  1584   1653   }
................................................................................
  1592   1661   */
  1593   1662   void *sqlite3_profile(
  1594   1663     sqlite3 *db,
  1595   1664     void (*xProfile)(void*,const char*,sqlite_uint64),
  1596   1665     void *pArg
  1597   1666   ){
  1598   1667     void *pOld;
         1668  +
         1669  +#ifdef SQLITE_ENABLE_API_ARMOR
         1670  +  if( !sqlite3SafetyCheckOk(db) ){
         1671  +    (void)SQLITE_MISUSE_BKPT;
         1672  +    return 0;
         1673  +  }
         1674  +#endif
  1599   1675     sqlite3_mutex_enter(db->mutex);
  1600   1676     pOld = db->pProfileArg;
  1601   1677     db->xProfile = xProfile;
  1602   1678     db->pProfileArg = pArg;
  1603   1679     sqlite3_mutex_leave(db->mutex);
  1604   1680     return pOld;
  1605   1681   }
................................................................................
  1612   1688   */
  1613   1689   void *sqlite3_commit_hook(
  1614   1690     sqlite3 *db,              /* Attach the hook to this database */
  1615   1691     int (*xCallback)(void*),  /* Function to invoke on each commit */
  1616   1692     void *pArg                /* Argument to the function */
  1617   1693   ){
  1618   1694     void *pOld;
         1695  +
         1696  +#ifdef SQLITE_ENABLE_API_ARMOR
         1697  +  if( !sqlite3SafetyCheckOk(db) ){
         1698  +    (void)SQLITE_MISUSE_BKPT;
         1699  +    return 0;
         1700  +  }
         1701  +#endif
  1619   1702     sqlite3_mutex_enter(db->mutex);
  1620   1703     pOld = db->pCommitArg;
  1621   1704     db->xCommitCallback = xCallback;
  1622   1705     db->pCommitArg = pArg;
  1623   1706     sqlite3_mutex_leave(db->mutex);
  1624   1707     return pOld;
  1625   1708   }
................................................................................
  1630   1713   */
  1631   1714   void *sqlite3_update_hook(
  1632   1715     sqlite3 *db,              /* Attach the hook to this database */
  1633   1716     void (*xCallback)(void*,int,char const *,char const *,sqlite_int64),
  1634   1717     void *pArg                /* Argument to the function */
  1635   1718   ){
  1636   1719     void *pRet;
         1720  +
         1721  +#ifdef SQLITE_ENABLE_API_ARMOR
         1722  +  if( !sqlite3SafetyCheckOk(db) ){
         1723  +    (void)SQLITE_MISUSE_BKPT;
         1724  +    return 0;
         1725  +  }
         1726  +#endif
  1637   1727     sqlite3_mutex_enter(db->mutex);
  1638   1728     pRet = db->pUpdateArg;
  1639   1729     db->xUpdateCallback = xCallback;
  1640   1730     db->pUpdateArg = pArg;
  1641   1731     sqlite3_mutex_leave(db->mutex);
  1642   1732     return pRet;
  1643   1733   }
................................................................................
  1648   1738   */
  1649   1739   void *sqlite3_rollback_hook(
  1650   1740     sqlite3 *db,              /* Attach the hook to this database */
  1651   1741     void (*xCallback)(void*), /* Callback function */
  1652   1742     void *pArg                /* Argument to the function */
  1653   1743   ){
  1654   1744     void *pRet;
         1745  +
         1746  +#ifdef SQLITE_ENABLE_API_ARMOR
         1747  +  if( !sqlite3SafetyCheckOk(db) ){
         1748  +    (void)SQLITE_MISUSE_BKPT;
         1749  +    return 0;
         1750  +  }
         1751  +#endif
  1655   1752     sqlite3_mutex_enter(db->mutex);
  1656   1753     pRet = db->pRollbackArg;
  1657   1754     db->xRollbackCallback = xCallback;
  1658   1755     db->pRollbackArg = pArg;
  1659   1756     sqlite3_mutex_leave(db->mutex);
  1660   1757     return pRet;
  1661   1758   }
................................................................................
  1694   1791   ** configured by this function.
  1695   1792   */
  1696   1793   int sqlite3_wal_autocheckpoint(sqlite3 *db, int nFrame){
  1697   1794   #ifdef SQLITE_OMIT_WAL
  1698   1795     UNUSED_PARAMETER(db);
  1699   1796     UNUSED_PARAMETER(nFrame);
  1700   1797   #else
         1798  +#ifdef SQLITE_ENABLE_API_ARMOR
         1799  +  if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
         1800  +#endif
  1701   1801     if( nFrame>0 ){
  1702   1802       sqlite3_wal_hook(db, sqlite3WalDefaultHook, SQLITE_INT_TO_PTR(nFrame));
  1703   1803     }else{
  1704   1804       sqlite3_wal_hook(db, 0, 0);
  1705   1805     }
  1706   1806   #endif
  1707   1807     return SQLITE_OK;
................................................................................
  1714   1814   void *sqlite3_wal_hook(
  1715   1815     sqlite3 *db,                    /* Attach the hook to this db handle */
  1716   1816     int(*xCallback)(void *, sqlite3*, const char*, int),
  1717   1817     void *pArg                      /* First argument passed to xCallback() */
  1718   1818   ){
  1719   1819   #ifndef SQLITE_OMIT_WAL
  1720   1820     void *pRet;
         1821  +#ifdef SQLITE_ENABLE_API_ARMOR
         1822  +  if( !sqlite3SafetyCheckOk(db) ){
         1823  +    (void)SQLITE_MISUSE_BKPT;
         1824  +    return 0;
         1825  +  }
         1826  +#endif
  1721   1827     sqlite3_mutex_enter(db->mutex);
  1722   1828     pRet = db->pWalArg;
  1723   1829     db->xWalCallback = xCallback;
  1724   1830     db->pWalArg = pArg;
  1725   1831     sqlite3_mutex_leave(db->mutex);
  1726   1832     return pRet;
  1727   1833   #else
................................................................................
  1740   1846     int *pnCkpt                     /* OUT: Total number of frames checkpointed */
  1741   1847   ){
  1742   1848   #ifdef SQLITE_OMIT_WAL
  1743   1849     return SQLITE_OK;
  1744   1850   #else
  1745   1851     int rc;                         /* Return code */
  1746   1852     int iDb = SQLITE_MAX_ATTACHED;  /* sqlite3.aDb[] index of db to checkpoint */
         1853  +
         1854  +#ifdef SQLITE_ENABLE_API_ARMOR
         1855  +  if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
         1856  +#endif
  1747   1857   
  1748   1858     /* Initialize the output variables to -1 in case an error occurs. */
  1749   1859     if( pnLog ) *pnLog = -1;
  1750   1860     if( pnCkpt ) *pnCkpt = -1;
  1751   1861   
  1752   1862     assert( SQLITE_CHECKPOINT_FULL>SQLITE_CHECKPOINT_PASSIVE );
  1753   1863     assert( SQLITE_CHECKPOINT_FULL<SQLITE_CHECKPOINT_RESTART );
................................................................................
  2137   2247   ** A new lower limit does not shrink existing constructs.
  2138   2248   ** It merely prevents new constructs that exceed the limit
  2139   2249   ** from forming.
  2140   2250   */
  2141   2251   int sqlite3_limit(sqlite3 *db, int limitId, int newLimit){
  2142   2252     int oldLimit;
  2143   2253   
         2254  +#ifdef SQLITE_ENABLE_API_ARMOR
         2255  +  if( !sqlite3SafetyCheckOk(db) ){
         2256  +    (void)SQLITE_MISUSE_BKPT;
         2257  +    return -1;
         2258  +  }
         2259  +#endif
  2144   2260   
  2145   2261     /* EVIDENCE-OF: R-30189-54097 For each limit category SQLITE_LIMIT_NAME
  2146   2262     ** there is a hard upper bound set at compile-time by a C preprocessor
  2147   2263     ** macro called SQLITE_MAX_NAME. (The "_LIMIT_" in the name is changed to
  2148   2264     ** "_MAX_".)
  2149   2265     */
  2150   2266     assert( aHardLimit[SQLITE_LIMIT_LENGTH]==SQLITE_MAX_LENGTH );
................................................................................
  2422   2538   ){
  2423   2539     sqlite3 *db;                    /* Store allocated handle here */
  2424   2540     int rc;                         /* Return code */
  2425   2541     int isThreadsafe;               /* True for threadsafe connections */
  2426   2542     char *zOpen = 0;                /* Filename argument to pass to BtreeOpen() */
  2427   2543     char *zErrMsg = 0;              /* Error message from sqlite3ParseUri() */
  2428   2544   
         2545  +#ifdef SQLITE_ENABLE_API_ARMOR
         2546  +  if( ppDb==0 ) return SQLITE_MISUSE_BKPT;
         2547  +#endif
  2429   2548     *ppDb = 0;
  2430   2549   #ifndef SQLITE_OMIT_AUTOINIT
  2431   2550     rc = sqlite3_initialize();
  2432   2551     if( rc ) return rc;
  2433   2552   #endif
  2434   2553   
  2435   2554     /* Only allow sensible combinations of bits in the flags argument.  
................................................................................
  2711   2830     const void *zFilename, 
  2712   2831     sqlite3 **ppDb
  2713   2832   ){
  2714   2833     char const *zFilename8;   /* zFilename encoded in UTF-8 instead of UTF-16 */
  2715   2834     sqlite3_value *pVal;
  2716   2835     int rc;
  2717   2836   
  2718         -  assert( zFilename );
  2719         -  assert( ppDb );
         2837  +#ifdef SQLITE_ENABLE_API_ARMOR
         2838  +  if( ppDb==0 ) return SQLITE_MISUSE_BKPT;
         2839  +#endif
  2720   2840     *ppDb = 0;
  2721   2841   #ifndef SQLITE_OMIT_AUTOINIT
  2722   2842     rc = sqlite3_initialize();
  2723   2843     if( rc ) return rc;
  2724   2844   #endif
         2845  +  if( zFilename==0 ) zFilename = "\000\000";
  2725   2846     pVal = sqlite3ValueNew(0);
  2726   2847     sqlite3ValueSetStr(pVal, -1, zFilename, SQLITE_UTF16NATIVE, SQLITE_STATIC);
  2727   2848     zFilename8 = sqlite3ValueText(pVal, SQLITE_UTF8);
  2728   2849     if( zFilename8 ){
  2729   2850       rc = openDatabase(zFilename8, ppDb,
  2730   2851                         SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE, 0);
  2731   2852       assert( *ppDb || rc==SQLITE_NOMEM );
................................................................................
  2762   2883     const char *zName, 
  2763   2884     int enc, 
  2764   2885     void* pCtx,
  2765   2886     int(*xCompare)(void*,int,const void*,int,const void*),
  2766   2887     void(*xDel)(void*)
  2767   2888   ){
  2768   2889     int rc;
         2890  +
         2891  +#ifdef SQLITE_ENABLE_API_ARMOR
         2892  +  if( !sqlite3SafetyCheckOk(db) || zName==0 ) return SQLITE_MISUSE_BKPT;
         2893  +#endif
  2769   2894     sqlite3_mutex_enter(db->mutex);
  2770   2895     assert( !db->mallocFailed );
  2771   2896     rc = createCollation(db, zName, (u8)enc, pCtx, xCompare, xDel);
  2772   2897     rc = sqlite3ApiExit(db, rc);
  2773   2898     sqlite3_mutex_leave(db->mutex);
  2774   2899     return rc;
  2775   2900   }
................................................................................
  2783   2908     const void *zName,
  2784   2909     int enc, 
  2785   2910     void* pCtx,
  2786   2911     int(*xCompare)(void*,int,const void*,int,const void*)
  2787   2912   ){
  2788   2913     int rc = SQLITE_OK;
  2789   2914     char *zName8;
         2915  +
         2916  +#ifdef SQLITE_ENABLE_API_ARMOR
         2917  +  if( !sqlite3SafetyCheckOk(db) || zName==0 ) return SQLITE_MISUSE_BKPT;
         2918  +#endif
  2790   2919     sqlite3_mutex_enter(db->mutex);
  2791   2920     assert( !db->mallocFailed );
  2792   2921     zName8 = sqlite3Utf16to8(db, zName, -1, SQLITE_UTF16NATIVE);
  2793   2922     if( zName8 ){
  2794   2923       rc = createCollation(db, zName8, (u8)enc, pCtx, xCompare, 0);
  2795   2924       sqlite3DbFree(db, zName8);
  2796   2925     }
................................................................................
  2805   2934   ** db. Replace any previously installed collation sequence factory.
  2806   2935   */
  2807   2936   int sqlite3_collation_needed(
  2808   2937     sqlite3 *db, 
  2809   2938     void *pCollNeededArg, 
  2810   2939     void(*xCollNeeded)(void*,sqlite3*,int eTextRep,const char*)
  2811   2940   ){
         2941  +#ifdef SQLITE_ENABLE_API_ARMOR
         2942  +  if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
         2943  +#endif
  2812   2944     sqlite3_mutex_enter(db->mutex);
  2813   2945     db->xCollNeeded = xCollNeeded;
  2814   2946     db->xCollNeeded16 = 0;
  2815   2947     db->pCollNeededArg = pCollNeededArg;
  2816   2948     sqlite3_mutex_leave(db->mutex);
  2817   2949     return SQLITE_OK;
  2818   2950   }
................................................................................
  2823   2955   ** db. Replace any previously installed collation sequence factory.
  2824   2956   */
  2825   2957   int sqlite3_collation_needed16(
  2826   2958     sqlite3 *db, 
  2827   2959     void *pCollNeededArg, 
  2828   2960     void(*xCollNeeded16)(void*,sqlite3*,int eTextRep,const void*)
  2829   2961   ){
         2962  +#ifdef SQLITE_ENABLE_API_ARMOR
         2963  +  if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
         2964  +#endif
  2830   2965     sqlite3_mutex_enter(db->mutex);
  2831   2966     db->xCollNeeded = 0;
  2832   2967     db->xCollNeeded16 = xCollNeeded16;
  2833   2968     db->pCollNeededArg = pCollNeededArg;
  2834   2969     sqlite3_mutex_leave(db->mutex);
  2835   2970     return SQLITE_OK;
  2836   2971   }
................................................................................
  2849   2984   /*
  2850   2985   ** Test to see whether or not the database connection is in autocommit
  2851   2986   ** mode.  Return TRUE if it is and FALSE if not.  Autocommit mode is on
  2852   2987   ** by default.  Autocommit is disabled by a BEGIN statement and reenabled
  2853   2988   ** by the next COMMIT or ROLLBACK.
  2854   2989   */
  2855   2990   int sqlite3_get_autocommit(sqlite3 *db){
         2991  +#ifdef SQLITE_ENABLE_API_ARMOR
         2992  +  if( !sqlite3SafetyCheckOk(db) ){
         2993  +    (void)SQLITE_MISUSE_BKPT;
         2994  +    return 0;
         2995  +  }
         2996  +#endif
  2856   2997     return db->autoCommit;
  2857   2998   }
  2858   2999   
  2859   3000   /*
  2860   3001   ** The following routines are substitutes for constants SQLITE_CORRUPT,
  2861   3002   ** SQLITE_MISUSE, SQLITE_CANTOPEN, SQLITE_IOERR and possibly other error
  2862   3003   ** constants.  They serve two purposes:
................................................................................
  3031   3172     return rc;
  3032   3173   }
  3033   3174   
  3034   3175   /*
  3035   3176   ** Enable or disable the extended result codes.
  3036   3177   */
  3037   3178   int sqlite3_extended_result_codes(sqlite3 *db, int onoff){
         3179  +#ifdef SQLITE_ENABLE_API_ARMOR
         3180  +  if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
         3181  +#endif
  3038   3182     sqlite3_mutex_enter(db->mutex);
  3039   3183     db->errMask = onoff ? 0xffffffff : 0xff;
  3040   3184     sqlite3_mutex_leave(db->mutex);
  3041   3185     return SQLITE_OK;
  3042   3186   }
  3043   3187   
  3044   3188   /*
  3045   3189   ** Invoke the xFileControl method on a particular database.
  3046   3190   */
  3047   3191   int sqlite3_file_control(sqlite3 *db, const char *zDbName, int op, void *pArg){
  3048   3192     int rc = SQLITE_ERROR;
  3049   3193     Btree *pBtree;
  3050   3194   
         3195  +#ifdef SQLITE_ENABLE_API_ARMOR
         3196  +  if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
         3197  +#endif
  3051   3198     sqlite3_mutex_enter(db->mutex);
  3052   3199     pBtree = sqlite3DbNameToBtree(db, zDbName);
  3053   3200     if( pBtree ){
  3054   3201       Pager *pPager;
  3055   3202       sqlite3_file *fd;
  3056   3203       sqlite3BtreeEnter(pBtree);
  3057   3204       pPager = sqlite3BtreePager(pBtree);
................................................................................
  3386   3533   ** The zFilename argument is the filename pointer passed into the xOpen()
  3387   3534   ** method of a VFS implementation.  The zParam argument is the name of the
  3388   3535   ** query parameter we seek.  This routine returns the value of the zParam
  3389   3536   ** parameter if it exists.  If the parameter does not exist, this routine
  3390   3537   ** returns a NULL pointer.
  3391   3538   */
  3392   3539   const char *sqlite3_uri_parameter(const char *zFilename, const char *zParam){
  3393         -  if( zFilename==0 ) return 0;
         3540  +  if( zFilename==0 || zParam==0 ) return 0;
  3394   3541     zFilename += sqlite3Strlen30(zFilename) + 1;
  3395   3542     while( zFilename[0] ){
  3396   3543       int x = strcmp(zFilename, zParam);
  3397   3544       zFilename += sqlite3Strlen30(zFilename) + 1;
  3398   3545       if( x==0 ) return zFilename;
  3399   3546       zFilename += sqlite3Strlen30(zFilename) + 1;
  3400   3547     }
................................................................................
  3442   3589   }
  3443   3590   
  3444   3591   /*
  3445   3592   ** Return the filename of the database associated with a database
  3446   3593   ** connection.
  3447   3594   */
  3448   3595   const char *sqlite3_db_filename(sqlite3 *db, const char *zDbName){
         3596  +#ifdef SQLITE_ENABLE_API_ARMOR
         3597  +  if( !sqlite3SafetyCheckOk(db) ){
         3598  +    (void)SQLITE_MISUSE_BKPT;
         3599  +    return 0;
         3600  +  }
         3601  +#endif
  3449   3602     Btree *pBt = sqlite3DbNameToBtree(db, zDbName);
  3450   3603     return pBt ? sqlite3BtreeGetFilename(pBt) : 0;
  3451   3604   }
  3452   3605   
  3453   3606   /*
  3454   3607   ** Return 1 if database is read-only or 0 if read/write.  Return -1 if
  3455   3608   ** no such database exists.
  3456   3609   */
  3457   3610   int sqlite3_db_readonly(sqlite3 *db, const char *zDbName){
         3611  +#ifdef SQLITE_ENABLE_API_ARMOR
         3612  +  if( !sqlite3SafetyCheckOk(db) ){
         3613  +    (void)SQLITE_MISUSE_BKPT;
         3614  +    return -1;
         3615  +  }
         3616  +#endif
  3458   3617     Btree *pBt = sqlite3DbNameToBtree(db, zDbName);
  3459   3618     return pBt ? sqlite3BtreeIsReadonly(pBt) : -1;
  3460   3619   }

Changes to src/malloc.c.

   471    471     return (sqlite3_uint64)sqlite3GlobalConfig.m.xSize(p);
   472    472   }
   473    473   
   474    474   /*
   475    475   ** Free memory previously obtained from sqlite3Malloc().
   476    476   */
   477    477   void sqlite3_free(void *p){
          478  +#if defined(SQLITE_ENABLE_API_ARMOR) && !defined(SQLITE_OMIT_AUTOINIT)
          479  +  if( sqlite3_initialize() ) return;
          480  +#endif
   478    481     if( p==0 ) return;  /* IMP: R-49053-54554 */
   479    482     assert( sqlite3MemdebugHasType(p, MEMTYPE_HEAP) );
   480    483     assert( sqlite3MemdebugNoType(p, ~MEMTYPE_HEAP) );
   481    484     if( sqlite3GlobalConfig.bMemstat ){
   482    485       sqlite3_mutex_enter(mem0.mutex);
   483    486       sqlite3StatusAdd(SQLITE_STATUS_MEMORY_USED, -sqlite3MallocSize(p));
   484    487       sqlite3StatusAdd(SQLITE_STATUS_MALLOC_COUNT, -1);

Changes to src/mutex_unix.c.

   171    171           p->id = iType;
   172    172   #endif
   173    173           pthread_mutex_init(&p->mutex, 0);
   174    174         }
   175    175         break;
   176    176       }
   177    177       default: {
   178         -      assert( iType-2 >= 0 );
   179         -      assert( iType-2 < ArraySize(staticMutexes) );
          178  +#ifdef SQLITE_ENABLE_API_ARMOR
          179  +      if( iType-2<0 || iType-2>=ArraySize(staticMutexes) ){
          180  +        (void)SQLITE_MISUSE_BKPT;
          181  +        return 0;
          182  +      }
          183  +#endif
   180    184         p = &staticMutexes[iType-2];
   181    185   #if SQLITE_MUTEX_NREF
   182    186         p->id = iType;
   183    187   #endif
   184    188         break;
   185    189       }
   186    190     }

Changes to src/os.c.

   357    357   */
   358    358   int sqlite3_vfs_register(sqlite3_vfs *pVfs, int makeDflt){
   359    359     MUTEX_LOGIC(sqlite3_mutex *mutex;)
   360    360   #ifndef SQLITE_OMIT_AUTOINIT
   361    361     int rc = sqlite3_initialize();
   362    362     if( rc ) return rc;
   363    363   #endif
          364  +#ifdef SQLITE_ENABLE_API_ARMOR
          365  +  if( pVfs==0 ) return SQLITE_MISUSE_BKPT;
          366  +#endif
          367  +
   364    368     MUTEX_LOGIC( mutex = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_MASTER); )
   365    369     sqlite3_mutex_enter(mutex);
   366    370     vfsUnlink(pVfs);
   367    371     if( makeDflt || vfsList==0 ){
   368    372       pVfs->pNext = vfsList;
   369    373       vfsList = pVfs;
   370    374     }else{

Changes to src/prepare.c.

   705    705     int nBytes,               /* Length of zSql in bytes. */
   706    706     int saveSqlFlag,          /* True to copy SQL text into the sqlite3_stmt */
   707    707     Vdbe *pOld,               /* VM being reprepared */
   708    708     sqlite3_stmt **ppStmt,    /* OUT: A pointer to the prepared statement */
   709    709     const char **pzTail       /* OUT: End of parsed string */
   710    710   ){
   711    711     int rc;
   712         -  assert( ppStmt!=0 );
          712  +
          713  +#ifdef SQLITE_ENABLE_API_ARMOR
          714  +  if( ppStmt==0 ) return SQLITE_MISUSE_BKPT;
          715  +#endif
   713    716     *ppStmt = 0;
   714         -  if( !sqlite3SafetyCheckOk(db) ){
          717  +  if( !sqlite3SafetyCheckOk(db)||zSql==0 ){
   715    718       return SQLITE_MISUSE_BKPT;
   716    719     }
   717    720     sqlite3_mutex_enter(db->mutex);
   718    721     sqlite3BtreeEnterAll(db);
   719    722     rc = sqlite3Prepare(db, zSql, nBytes, saveSqlFlag, pOld, ppStmt, pzTail);
   720    723     if( rc==SQLITE_SCHEMA ){
   721    724       sqlite3_finalize(*ppStmt);
................................................................................
   814    817     ** encoded string to UTF-8, then invoking sqlite3_prepare(). The
   815    818     ** tricky bit is figuring out the pointer to return in *pzTail.
   816    819     */
   817    820     char *zSql8;
   818    821     const char *zTail8 = 0;
   819    822     int rc = SQLITE_OK;
   820    823   
   821         -  assert( ppStmt );
          824  +#ifdef SQLITE_ENABLE_API_ARMOR
          825  +  if( ppStmt==0 ) return SQLITE_MISUSE_BKPT;
          826  +#endif
   822    827     *ppStmt = 0;
   823         -  if( !sqlite3SafetyCheckOk(db) ){
          828  +  if( !sqlite3SafetyCheckOk(db)||zSql==0 ){
   824    829       return SQLITE_MISUSE_BKPT;
   825    830     }
   826    831     if( nBytes>=0 ){
   827    832       int sz;
   828    833       const char *z = (const char*)zSql;
   829    834       for(sz=0; sz<nBytes && (z[sz]!=0 || z[sz+1]!=0); sz += 2){}
   830    835       nBytes = sz;

Changes to src/printf.c.

   219    219     double rounder;            /* Used for rounding floating point values */
   220    220     etByte flag_dp;            /* True if decimal point should be shown */
   221    221     etByte flag_rtz;           /* True if trailing zeros should be removed */
   222    222   #endif
   223    223     PrintfArguments *pArgList = 0; /* Arguments for SQLITE_PRINTF_SQLFUNC */
   224    224     char buf[etBUFSIZE];       /* Conversion buffer */
   225    225   
          226  +#ifdef SQLITE_ENABLE_API_ARMOR
          227  +  if( ap==0 ){
          228  +    (void)SQLITE_MISUSE_BKPT;
          229  +    sqlite3StrAccumReset(pAccum);
          230  +    return;
          231  +  }
          232  +#endif
   226    233     bufpt = 0;
   227    234     if( bFlags ){
   228    235       if( (bArgList = (bFlags & SQLITE_PRINTF_SQLFUNC))!=0 ){
   229    236         pArgList = va_arg(ap, PrintfArguments*);
   230    237       }
   231    238       useIntern = bFlags & SQLITE_PRINTF_INTERNAL;
   232    239     }else{
................................................................................
   939    946   ** Print into memory obtained from sqlite3_malloc().  Omit the internal
   940    947   ** %-conversion extensions.
   941    948   */
   942    949   char *sqlite3_vmprintf(const char *zFormat, va_list ap){
   943    950     char *z;
   944    951     char zBase[SQLITE_PRINT_BUF_SIZE];
   945    952     StrAccum acc;
          953  +
          954  +#ifdef SQLITE_ENABLE_API_ARMOR  
          955  +  if( zFormat==0 ){
          956  +    (void)SQLITE_MISUSE_BKPT;
          957  +    return 0;
          958  +  }
          959  +#endif
   946    960   #ifndef SQLITE_OMIT_AUTOINIT
   947    961     if( sqlite3_initialize() ) return 0;
   948    962   #endif
   949    963     sqlite3StrAccumInit(&acc, zBase, sizeof(zBase), SQLITE_MAX_LENGTH);
   950    964     acc.useMalloc = 2;
   951    965     sqlite3VXPrintf(&acc, 0, zFormat, ap);
   952    966     z = sqlite3StrAccumFinish(&acc);
................................................................................
   981    995   ** mistake.
   982    996   **
   983    997   ** sqlite3_vsnprintf() is the varargs version.
   984    998   */
   985    999   char *sqlite3_vsnprintf(int n, char *zBuf, const char *zFormat, va_list ap){
   986   1000     StrAccum acc;
   987   1001     if( n<=0 ) return zBuf;
         1002  +#ifdef SQLITE_ENABLE_API_ARMOR
         1003  +  if( zBuf==0 || zFormat==0 ) {
         1004  +    (void)SQLITE_MISUSE_BKPT;
         1005  +    if( zBuf && n>0 ) zBuf[0] = 0;
         1006  +    return zBuf;
         1007  +  }
         1008  +#endif
   988   1009     sqlite3StrAccumInit(&acc, zBuf, n, 0);
   989   1010     acc.useMalloc = 0;
   990   1011     sqlite3VXPrintf(&acc, 0, zFormat, ap);
   991   1012     return sqlite3StrAccumFinish(&acc);
   992   1013   }
   993   1014   char *sqlite3_snprintf(int n, char *zBuf, const char *zFormat, ...){
   994   1015     char *z;

Changes to src/random.c.

    30     30   /*
    31     31   ** Return N random bytes.
    32     32   */
    33     33   void sqlite3_randomness(int N, void *pBuf){
    34     34     unsigned char t;
    35     35     unsigned char *zBuf = pBuf;
    36     36   
           37  +#ifndef SQLITE_OMIT_AUTOINIT
           38  +  if( sqlite3_initialize() ) return;
           39  +#endif
           40  +  if( pBuf==0 || N<=0 ) return;
           41  +
    37     42     /* The "wsdPrng" macro will resolve to the pseudo-random number generator
    38     43     ** state vector.  If writable static data is unsupported on the target,
    39     44     ** we have to locate the state vector at run-time.  In the more common
    40     45     ** case where writable static data is supported, wsdPrng can refer directly
    41     46     ** to the "sqlite3Prng" state vector declared above.
    42     47     */
    43     48   #ifdef SQLITE_OMIT_WSD
................................................................................
    48     53   #endif
    49     54   
    50     55   #if SQLITE_THREADSAFE
    51     56     sqlite3_mutex *mutex = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_PRNG);
    52     57     sqlite3_mutex_enter(mutex);
    53     58   #endif
    54     59   
    55         -  if( N<=0 ){
    56         -    wsdPrng.isInit = 0;
    57         -    sqlite3_mutex_leave(mutex);
    58         -    return;
    59         -  }
    60         -
    61     60     /* Initialize the state of the random number generator once,
    62     61     ** the first time this routine is called.  The seed value does
    63     62     ** not need to contain a lot of randomness since we are not
    64     63     ** trying to do secure encryption or anything like that...
    65     64     **
    66     65     ** Nothing in this file or anywhere else in SQLite does any kind of
    67     66     ** encryption.  The RC4 algorithm is being used as a PRNG (pseudo-random

Changes to src/status.c.

    82     82   ** then this routine is not threadsafe.
    83     83   */
    84     84   int sqlite3_status(int op, int *pCurrent, int *pHighwater, int resetFlag){
    85     85     wsdStatInit;
    86     86     if( op<0 || op>=ArraySize(wsdStat.nowValue) ){
    87     87       return SQLITE_MISUSE_BKPT;
    88     88     }
           89  +#ifdef SQLITE_ENABLE_API_ARMOR
           90  +  if( pCurrent==0 || pHighwater==0 ) return SQLITE_MISUSE_BKPT;
           91  +#endif
    89     92     *pCurrent = wsdStat.nowValue[op];
    90     93     *pHighwater = wsdStat.mxValue[op];
    91     94     if( resetFlag ){
    92     95       wsdStat.mxValue[op] = wsdStat.nowValue[op];
    93     96     }
    94     97     return SQLITE_OK;
    95     98   }
................................................................................
   101    104     sqlite3 *db,          /* The database connection whose status is desired */
   102    105     int op,               /* Status verb */
   103    106     int *pCurrent,        /* Write current value here */
   104    107     int *pHighwater,      /* Write high-water mark here */
   105    108     int resetFlag         /* Reset high-water mark if true */
   106    109   ){
   107    110     int rc = SQLITE_OK;   /* Return code */
          111  +#ifdef SQLITE_ENABLE_API_ARMOR
          112  +  if( !sqlite3SafetyCheckOk(db) || pCurrent==0|| pHighwater==0 ){
          113  +    return SQLITE_MISUSE_BKPT;
          114  +  }
          115  +#endif
   108    116     sqlite3_mutex_enter(db->mutex);
   109    117     switch( op ){
   110    118       case SQLITE_DBSTATUS_LOOKASIDE_USED: {
   111    119         *pCurrent = db->lookaside.nOut;
   112    120         *pHighwater = db->lookaside.mxOut;
   113    121         if( resetFlag ){
   114    122           db->lookaside.mxOut = db->lookaside.nOut;

Changes to src/table.c.

   122    122     int *pnRow,                 /* Write the number of rows in the result here */
   123    123     int *pnColumn,              /* Write the number of columns of result here */
   124    124     char **pzErrMsg             /* Write error messages here */
   125    125   ){
   126    126     int rc;
   127    127     TabResult res;
   128    128   
          129  +#ifdef SQLITE_ENABLE_API_ARMOR
          130  +  if( pazResult==0 ) return SQLITE_MISUSE_BKPT;
          131  +#endif
   129    132     *pazResult = 0;
   130    133     if( pnColumn ) *pnColumn = 0;
   131    134     if( pnRow ) *pnRow = 0;
   132    135     if( pzErrMsg ) *pzErrMsg = 0;
   133    136     res.zErrMsg = 0;
   134    137     res.nRow = 0;
   135    138     res.nColumn = 0;

Changes to src/util.c.

   247    247   ** sqlite3_strnicmp() APIs allow applications and extensions to compare
   248    248   ** the contents of two buffers containing UTF-8 strings in a
   249    249   ** case-independent fashion, using the same definition of "case
   250    250   ** independence" that SQLite uses internally when comparing identifiers.
   251    251   */
   252    252   int sqlite3_stricmp(const char *zLeft, const char *zRight){
   253    253     register unsigned char *a, *b;
          254  +  if( zLeft==0 ){
          255  +    return zRight ? -1 : 0;
          256  +  }else if( zRight==0 ){
          257  +    return 1;
          258  +  }
   254    259     a = (unsigned char *)zLeft;
   255    260     b = (unsigned char *)zRight;
   256    261     while( *a!=0 && UpperToLower[*a]==UpperToLower[*b]){ a++; b++; }
   257    262     return UpperToLower[*a] - UpperToLower[*b];
   258    263   }
   259    264   int sqlite3_strnicmp(const char *zLeft, const char *zRight, int N){
   260    265     register unsigned char *a, *b;
          266  +  if( zLeft==0 ){
          267  +    return zRight ? -1 : 0;
          268  +  }else if( zRight==0 ){
          269  +    return 1;
          270  +  }
   261    271     a = (unsigned char *)zLeft;
   262    272     b = (unsigned char *)zRight;
   263    273     while( N-- > 0 && *a!=0 && UpperToLower[*a]==UpperToLower[*b]){ a++; b++; }
   264    274     return N<0 ? 0 : UpperToLower[*a] - UpperToLower[*b];
   265    275   }
   266    276   
   267    277   /*

Changes to src/vdbeapi.c.

   962    962   */
   963    963   static const void *columnName(
   964    964     sqlite3_stmt *pStmt,
   965    965     int N,
   966    966     const void *(*xFunc)(Mem*),
   967    967     int useType
   968    968   ){
   969         -  const void *ret = 0;
   970         -  Vdbe *p = (Vdbe *)pStmt;
          969  +  const void *ret;
          970  +  Vdbe *p;
   971    971     int n;
   972         -  sqlite3 *db = p->db;
   973         -  
          972  +  sqlite3 *db;
          973  +#ifdef SQLITE_ENABLE_API_ARMOR
          974  +  if( pStmt==0 ){
          975  +    (void)SQLITE_MISUSE_BKPT;
          976  +    return 0;
          977  +  }
          978  +#endif
          979  +  ret = 0;
          980  +  p = (Vdbe *)pStmt;
          981  +  db = p->db;
   974    982     assert( db!=0 );
   975    983     n = sqlite3_column_count(pStmt);
   976    984     if( N<n && N>=0 ){
   977    985       N += useType*n;
   978    986       sqlite3_mutex_enter(db->mutex);
   979    987       assert( db->mallocFailed==0 );
   980    988       ret = xFunc(&p->aColName[N]);
................................................................................
  1431   1439   ** Return a pointer to the next prepared statement after pStmt associated
  1432   1440   ** with database connection pDb.  If pStmt is NULL, return the first
  1433   1441   ** prepared statement for the database connection.  Return NULL if there
  1434   1442   ** are no more.
  1435   1443   */
  1436   1444   sqlite3_stmt *sqlite3_next_stmt(sqlite3 *pDb, sqlite3_stmt *pStmt){
  1437   1445     sqlite3_stmt *pNext;
         1446  +#ifdef SQLITE_ENABLE_API_ARMOR
         1447  +  if( !sqlite3SafetyCheckOk(pDb) ){
         1448  +    (void)SQLITE_MISUSE_BKPT;
         1449  +    return 0;
         1450  +  }
         1451  +#endif
  1438   1452     sqlite3_mutex_enter(pDb->mutex);
  1439   1453     if( pStmt==0 ){
  1440   1454       pNext = (sqlite3_stmt*)pDb->pVdbe;
  1441   1455     }else{
  1442   1456       pNext = (sqlite3_stmt*)((Vdbe*)pStmt)->pNext;
  1443   1457     }
  1444   1458     sqlite3_mutex_leave(pDb->mutex);
................................................................................
  1446   1460   }
  1447   1461   
  1448   1462   /*
  1449   1463   ** Return the value of a status counter for a prepared statement
  1450   1464   */
  1451   1465   int sqlite3_stmt_status(sqlite3_stmt *pStmt, int op, int resetFlag){
  1452   1466     Vdbe *pVdbe = (Vdbe*)pStmt;
  1453         -  u32 v = pVdbe->aCounter[op];
         1467  +  u32 v;
         1468  +#ifdef SQLITE_ENABLE_API_ARMOR
         1469  +  if( !pStmt ){
         1470  +    (void)SQLITE_MISUSE_BKPT;
         1471  +    return 0;
         1472  +  }
         1473  +#endif
         1474  +  v = pVdbe->aCounter[op];
  1454   1475     if( resetFlag ) pVdbe->aCounter[op] = 0;
  1455   1476     return (int)v;
  1456   1477   }

Changes to src/vdbeblob.c.

   149    149   
   150    150     int rc = SQLITE_OK;
   151    151     char *zErr = 0;
   152    152     Table *pTab;
   153    153     Parse *pParse = 0;
   154    154     Incrblob *pBlob = 0;
   155    155   
          156  +#ifdef SQLITE_ENABLE_API_ARMOR
          157  +  if( !sqlite3SafetyCheckOk(db) || ppBlob==0 || zTable==0 ){
          158  +    return SQLITE_MISUSE_BKPT;
          159  +  }
          160  +#endif
   156    161     flags = !!flags;                /* flags = (flags ? 1 : 0); */
   157    162     *ppBlob = 0;
   158    163   
   159    164     sqlite3_mutex_enter(db->mutex);
   160    165   
   161    166     pBlob = (Incrblob *)sqlite3DbMallocZero(db, sizeof(Incrblob));
   162    167     if( !pBlob ) goto blob_open_out;

Changes to src/vtab.c.

    77     77   */
    78     78   int sqlite3_create_module(
    79     79     sqlite3 *db,                    /* Database in which module is registered */
    80     80     const char *zName,              /* Name assigned to this module */
    81     81     const sqlite3_module *pModule,  /* The definition of the module */
    82     82     void *pAux                      /* Context pointer for xCreate/xConnect */
    83     83   ){
           84  +#ifdef SQLITE_ENABLE_API_ARMOR
           85  +  if( !sqlite3SafetyCheckOk(db) || zName==0 ) return SQLITE_MISUSE_BKPT;
           86  +#endif
    84     87     return createModule(db, zName, pModule, pAux, 0);
    85     88   }
    86     89   
    87     90   /*
    88     91   ** External API function used to create a new virtual-table module.
    89     92   */
    90     93   int sqlite3_create_module_v2(
    91     94     sqlite3 *db,                    /* Database in which module is registered */
    92     95     const char *zName,              /* Name assigned to this module */
    93     96     const sqlite3_module *pModule,  /* The definition of the module */
    94     97     void *pAux,                     /* Context pointer for xCreate/xConnect */
    95     98     void (*xDestroy)(void *)        /* Module destructor function */
    96     99   ){
          100  +#ifdef SQLITE_ENABLE_API_ARMOR
          101  +  if( !sqlite3SafetyCheckOk(db) || zName==0 ) return SQLITE_MISUSE_BKPT;
          102  +#endif
    97    103     return createModule(db, zName, pModule, pAux, xDestroy);
    98    104   }
    99    105   
   100    106   /*
   101    107   ** Lock the virtual table so that it cannot be disconnected.
   102    108   ** Locks nest.  Every lock should have a corresponding unlock.
   103    109   ** If an unlock is omitted, resources leaks will occur.  
................................................................................
   694    700   int sqlite3_declare_vtab(sqlite3 *db, const char *zCreateTable){
   695    701     Parse *pParse;
   696    702   
   697    703     int rc = SQLITE_OK;
   698    704     Table *pTab;
   699    705     char *zErr = 0;
   700    706   
          707  +#ifdef SQLITE_ENABLE_API_ARMOR
          708  +  if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
          709  +#endif
   701    710     sqlite3_mutex_enter(db->mutex);
   702    711     if( !db->pVtabCtx || !(pTab = db->pVtabCtx->pTab) ){
   703    712       sqlite3Error(db, SQLITE_MISUSE);
   704    713       sqlite3_mutex_leave(db->mutex);
   705    714       return SQLITE_MISUSE_BKPT;
   706    715     }
   707    716     assert( (pTab->tabFlags & TF_Virtual)!=0 );
................................................................................
  1050   1059   ** The results of this routine are undefined unless it is called from
  1051   1060   ** within an xUpdate method.
  1052   1061   */
  1053   1062   int sqlite3_vtab_on_conflict(sqlite3 *db){
  1054   1063     static const unsigned char aMap[] = { 
  1055   1064       SQLITE_ROLLBACK, SQLITE_ABORT, SQLITE_FAIL, SQLITE_IGNORE, SQLITE_REPLACE 
  1056   1065     };
         1066  +#ifdef SQLITE_ENABLE_API_ARMOR
         1067  +  if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
         1068  +#endif
  1057   1069     assert( OE_Rollback==1 && OE_Abort==2 && OE_Fail==3 );
  1058   1070     assert( OE_Ignore==4 && OE_Replace==5 );
  1059   1071     assert( db->vtabOnConflict>=1 && db->vtabOnConflict<=5 );
  1060   1072     return (int)aMap[db->vtabOnConflict-1];
  1061   1073   }
  1062   1074   
  1063   1075   /*
................................................................................
  1065   1077   ** the SQLite core with additional information about the behavior
  1066   1078   ** of the virtual table being implemented.
  1067   1079   */
  1068   1080   int sqlite3_vtab_config(sqlite3 *db, int op, ...){
  1069   1081     va_list ap;
  1070   1082     int rc = SQLITE_OK;
  1071   1083   
         1084  +#ifdef SQLITE_ENABLE_API_ARMOR
         1085  +  if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
         1086  +#endif
  1072   1087     sqlite3_mutex_enter(db->mutex);
  1073         -
  1074   1088     va_start(ap, op);
  1075   1089     switch( op ){
  1076   1090       case SQLITE_VTAB_CONSTRAINT_SUPPORT: {
  1077   1091         VtabCtx *p = db->pVtabCtx;
  1078   1092         if( !p ){
  1079   1093           rc = SQLITE_MISUSE_BKPT;
  1080   1094         }else{