Skip to content

Commit c3f6cf1

Browse files
sjlombardosjlombardo
committed
null termination of key value
1 parent dce806a commit c3f6cf1

File tree

1 file changed

+16
-7
lines changed

1 file changed

+16
-7
lines changed

src/crypto_impl.c

Lines changed: 16 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -883,7 +883,8 @@ int sqlcipher_codec_ctx_migrate(codec_ctx *ctx) {
883883
char *query_sqlite_master = "SELECT count(*) from sqlite_master;";
884884
char *pragma_hmac_off = "PRAGMA cipher_use_hmac = OFF;";
885885
char *pragma_4k_kdf_iter = "PRAGMA kdf_iter = 4000;";
886-
char *key = ctx->read_ctx->pass;
886+
char *key;
887+
int key_sz;
887888
int upgrade_1x_format = 0;
888889
int upgrade_4k_format = 0;
889890
sqlite3 *test;
@@ -896,6 +897,11 @@ int sqlcipher_codec_ctx_migrate(codec_ctx *ctx) {
896897
BTREE_APPLICATION_ID, 0, /* Preserve the application id */
897898
};
898899

900+
key_sz = ctx->read_ctx->pass_sz + 1;
901+
key = sqlcipher_malloc(key_sz);
902+
memset(key, 0, key_sz);
903+
memcpy(key, ctx->read_ctx->pass, ctx->read_ctx->pass_sz);
904+
899905
if(db_filename){
900906

901907
char *attach_command = sqlite3_mprintf("ATTACH DATABASE '%s-migrated' as migrate KEY '%s';",
@@ -908,18 +914,18 @@ int sqlcipher_codec_ctx_migrate(codec_ctx *ctx) {
908914
}
909915

910916
// check for 1x format
911-
rc = sqlcipher_check_connection(db_filename, key, pragma_hmac_off);
912-
if(rc == SQLITE_OK) {
913-
upgrade_1x_format = 1;
914-
}
917+
//rc = sqlcipher_check_connection(db_filename, key, pragma_hmac_off);
918+
//if(rc == SQLITE_OK) {
919+
// upgrade_1x_format = 1;
920+
//}
915921

916-
// check for 4k format
922+
// Version 2 - check for 4k with hmac format
917923
rc = sqlcipher_check_connection(db_filename, key, pragma_4k_kdf_iter);
918924
if(rc == SQLITE_OK) {
919925
upgrade_4k_format = 1;
920926
}
921927

922-
// check both 1x and 4k together
928+
// Version 1 - check both no hmac and 4k together
923929
char *pragma_1x_and_4k = sqlite3_mprintf("%s%s", pragma_hmac_off,
924930
pragma_4k_kdf_iter);
925931
rc = sqlcipher_check_connection(db_filename, key, pragma_1x_and_4k);
@@ -929,6 +935,8 @@ int sqlcipher_codec_ctx_migrate(codec_ctx *ctx) {
929935
upgrade_4k_format = 1;
930936
}
931937

938+
if(upgrade_1x_format == 0 || upgrade_4k_format == 0) goto handle_error;
939+
932940
const char *commands[] = {
933941
upgrade_4k_format == 1 ? pragma_4k_kdf_iter : "",
934942
upgrade_1x_format == 1 ? pragma_hmac_off : "",
@@ -946,6 +954,7 @@ int sqlcipher_codec_ctx_migrate(codec_ctx *ctx) {
946954
}
947955
}
948956
sqlite3_free(attach_command);
957+
sqlcipher_free(key, key_sz);
949958

950959
if(rc == SQLITE_OK){
951960
if( !db->autoCommit ){

0 commit comments

Comments
 (0)