Index: ext/zonefile/zonefile.c ================================================================== --- ext/zonefile/zonefile.c +++ ext/zonefile/zonefile.c @@ -103,11 +103,12 @@ ** application may append a more functional implementation of the following ** type and functions to this file before compiling it with ** SQLITE_HAVE_ZONEFILE_CODEC defined. */ typedef struct ZonefileCodec ZonefileCodec; -static int zonefileCodecCreate(int,unsigned char*,int,ZonefileCodec**,char**); +static int zonefileCodecCreate( + int,int,unsigned char*,int,ZonefileCodec**,char**); static int zonefileCodecNonceSize(ZonefileCodec*); static void zonefileCodecEncode(ZonefileCodec*, unsigned char*, int); static void zonefileCodecDecode(ZonefileCodec*, unsigned char*, int); static void zonefileCodecDestroy(ZonefileCodec*); @@ -114,10 +115,11 @@ #ifndef SQLITE_HAVE_ZONEFILE_CODEC typedef struct ZonefileCodec ZonefileCodec; struct ZonefileCodec { u8 aKey[16]; + int bEncrypt; /* Second parameter passed to Create() */ }; /* Create a new encryption module instance using algorithm iAlg. ** ** iAlg==1 AES128 CTR @@ -131,10 +133,11 @@ ** ** Use zonefileCodecDestroy() to reclaim memory. */ static int zonefileCodecCreate( int iAlg, + int bEncrypt, /* True for encryption, zero for decryption */ unsigned char *pKey, int nKey, ZonefileCodec **pp, char **pzErr ){ ZonefileCodec *pRet; @@ -150,10 +153,11 @@ }else{ int i; for(i=0; iaKey); i++){ pRet->aKey[i] = pKey[i % nKey]; } + pRet->bEncrypt = bEncrypt; } } return rc; } @@ -174,10 +178,11 @@ ZonefileCodec *pCodec, unsigned char *pIn, int nIn ){ int i; u8 *aNonce = &pIn[nIn]; + assert( pCodec->bEncrypt ); sqlite3_randomness(16, aNonce); for(i=0; iaKey[i%16]; } } @@ -191,10 +196,11 @@ ZonefileCodec *pCodec, unsigned char *pIn, int nIn ){ int i; u8 *aNonce = &pIn[nIn-16]; + assert( pCodec->bEncrypt==0 ); for(i=0; iaKey[i%16]; } } @@ -1122,11 +1128,11 @@ if( zonefileGetParams(pCtx, zJson, &sParam) ) return; if( sParam.encryptionType!=0 ){ int n = strlen(sParam.encryptionKey); rc = zonefileCodecCreate( - sParam.encryptionType, (u8*)sParam.encryptionKey, n, &pCodec, &zErr + sParam.encryptionType, 1, (u8*)sParam.encryptionKey, n, &pCodec, &zErr ); if( rc!=SQLITE_OK ){ if( zErr ){ sqlite3_result_error(pCtx, zErr, -1); }else{ @@ -2583,11 +2589,11 @@ int n = zonefileKeyFind(pTab->pGlobal, pTab->zDb, pTab->zName, iFile, &z); if( n==0 ){ zErr = sqlite3_mprintf("missing encryption key for file \"%s\"", zFile); rc = SQLITE_ERROR; }else{ - rc = zonefileCodecCreate(hdr.encryptionType, (u8*)z, n, &pCodec, &zErr); + rc = zonefileCodecCreate(hdr.encryptionType, 0, (u8*)z,n,&pCodec,&zErr); } } /* Read some data into memory. */ if( rc==SQLITE_OK ){ Index: ext/zonefile/zonefile1.test ================================================================== --- ext/zonefile/zonefile1.test +++ ext/zonefile/zonefile1.test @@ -624,8 +624,14 @@ do_execsql_test 11.1.$i { SELECT data.v=nm.v FROM data,nm WHERE data.k=$id AND nm.k=$id } 1 incr i } + +if {[file exists /dev/null]} { + do_catchsql_test 11.2 { + INSERT INTO nm_files(filename) VALUES('/dev/null'); + } {1 {failed to read zonefile header from file "/dev/null"}} +} finish_test