Skip to content

Commit b7c53c8

Browse files
committed
Support pragma_migrate with keys containing non-terminating zero bytes
1 parent 4f5a821 commit b7c53c8

2 files changed

Lines changed: 38 additions & 15 deletions

File tree

CHANGELOG.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@ All notable changes to this project will be documented in this file.
44
## [4.2.0] - (May 2019 - [4.2.0 changes])
55
- Adds PRAGMA cipher_integrity_check to perform independent verification of page HMACs
66
- Updates baseline to upstream SQLite 3.28.0
7+
- Improves PRAGMA cipher_migrate to handle keys containing non-terminating zero bytes
78

89
## [4.1.0] - (March 2019 - [4.1.0 changes])
910
- Defer reading salt from header until key derivation is triggered

src/crypto_impl.c

Lines changed: 37 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -1334,7 +1334,6 @@ int sqlcipher_codec_ctx_migrate(codec_ctx *ctx) {
13341334
const char *db_filename = sqlite3_db_filename(db, "main");
13351335
char *set_user_version = NULL, *pass = NULL, *attach_command = NULL, *migrated_db_filename = NULL, *keyspec = NULL, *temp = NULL, *journal_mode = NULL, *set_journal_mode = NULL, *pragma_compat = NULL;
13361336
Btree *pDest = NULL, *pSrc = NULL;
1337-
const char* commands[5];
13381337
sqlite3_file *srcfile, *destfile;
13391338
#if defined(_WIN32) || defined(SQLITE_OS_WINRT)
13401339
LPWSTR w_db_filename = NULL, w_migrated_db_filename = NULL;
@@ -1381,23 +1380,46 @@ int sqlcipher_codec_ctx_migrate(codec_ctx *ctx) {
13811380
memcpy(migrated_db_filename, temp, sqlite3Strlen30(temp));
13821381
sqlcipher_free(temp, sqlite3Strlen30(temp));
13831382

1384-
attach_command = sqlite3_mprintf("ATTACH DATABASE '%s' as migrate KEY '%q';", migrated_db_filename, pass);
1383+
attach_command = sqlite3_mprintf("ATTACH DATABASE '%s' as migrate;", migrated_db_filename, pass);
13851384
set_user_version = sqlite3_mprintf("PRAGMA migrate.user_version = %d;", user_version);
13861385

1387-
commands[0] = pragma_compat;
1388-
commands[1] = "PRAGMA journal_mode = delete;"; /* force journal mode to DELETE, we will set it back later if different */
1389-
commands[2] = attach_command;
1390-
commands[3] = "SELECT sqlcipher_export('migrate');";
1391-
commands[4] = set_user_version;
1392-
1393-
for(i = 0; i < ArraySize(commands); i++){
1394-
rc = sqlite3_exec(db, commands[i], NULL, NULL, NULL);
1395-
if(rc != SQLITE_OK){
1396-
CODEC_TRACE("migration step %d failed error code %d\n", i, rc);
1397-
goto handle_error;
1398-
}
1386+
rc = sqlite3_exec(db, pragma_compat, NULL, NULL, NULL);
1387+
if(rc != SQLITE_OK){
1388+
CODEC_TRACE("set compatibility mode failed, error code %d\n", rc);
1389+
goto handle_error;
13991390
}
1400-
1391+
1392+
/* force journal mode to DELETE, we will set it back later if different */
1393+
rc = sqlite3_exec(db, "PRAGMA journal_mode = delete;", NULL, NULL, NULL);
1394+
if(rc != SQLITE_OK){
1395+
CODEC_TRACE("force journal mode DELETE failed, error code %d\n", rc);
1396+
goto handle_error;
1397+
}
1398+
1399+
rc = sqlite3_exec(db, attach_command, NULL, NULL, NULL);
1400+
if(rc != SQLITE_OK){
1401+
CODEC_TRACE("attach failed, error code %d\n", rc);
1402+
goto handle_error;
1403+
}
1404+
1405+
rc = sqlite3_key_v2(db, "migrate", pass, pass_sz);
1406+
if(rc != SQLITE_OK){
1407+
CODEC_TRACE("keying attached database failed, error code %d\n", rc);
1408+
goto handle_error;
1409+
}
1410+
1411+
rc = sqlite3_exec(db, "SELECT sqlcipher_export('migrate');", NULL, NULL, NULL);
1412+
if(rc != SQLITE_OK){
1413+
CODEC_TRACE("sqlcipher_export failed, error code %d\n", rc);
1414+
goto handle_error;
1415+
}
1416+
1417+
rc = sqlite3_exec(db, set_user_version, NULL, NULL, NULL);
1418+
if(rc != SQLITE_OK){
1419+
CODEC_TRACE("set user version failed, error code %d\n", rc);
1420+
goto handle_error;
1421+
}
1422+
14011423
if( !db->autoCommit ){
14021424
CODEC_TRACE("cannot migrate from within a transaction");
14031425
goto handle_error;

0 commit comments

Comments
 (0)