mirror of
https://github.com/sqlite/sqlite.git
synced 2025-08-07 02:42:48 +03:00
Ensure that super-journal and other journal filenames passed by SQLite to an sqlite3_vfs.xOpen() implementation may be safely passed to sqlite3_uri_parameter() and similar functions.
FossilOrigin-Name: 6a28713d59cde0882c3508160347c2ea18c7c4e9bfd1b053103af2d5e12a144c
This commit is contained in:
dan
14
manifest
14
manifest
@@ -1,5 +1,5 @@
|
|||||||
C Remove\sthe\sVERSION_NUMBER\smacro\sfrom\sconfigure.ac\sas\sit\shas\sbeen\sunused\nsince\s2009\scheck-in\s[7f4810747b086498].\s\sSee\salso\n[forum:/forumpost/bb2c634fcd|forum\spost\sbb2c634fcd].
|
C Ensure\sthat\ssuper-journal\sand\sother\sjournal\sfilenames\spassed\sby\sSQLite\sto\san\ssqlite3_vfs.xOpen()\simplementation\smay\sbe\ssafely\spassed\sto\ssqlite3_uri_parameter()\sand\ssimilar\sfunctions.
|
||||||
D 2020-11-24T13:14:15.912
|
D 2020-11-24T16:44:09.691
|
||||||
F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
|
F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
|
||||||
F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
|
F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
|
||||||
F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
|
F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
|
||||||
@@ -526,7 +526,7 @@ F src/os_setup.h 0dbaea40a7d36bf311613d31342e0b99e2536586
|
|||||||
F src/os_unix.c adbbcea4c63d3b400d405f60a5da4c01433753ec4a12e2dc695beb2bbd671fe9
|
F src/os_unix.c adbbcea4c63d3b400d405f60a5da4c01433753ec4a12e2dc695beb2bbd671fe9
|
||||||
F src/os_win.c 77d39873836f1831a9b0b91894fec45ab0e9ca8e067dc8c549e1d1eca1566fe9
|
F src/os_win.c 77d39873836f1831a9b0b91894fec45ab0e9ca8e067dc8c549e1d1eca1566fe9
|
||||||
F src/os_win.h 7b073010f1451abe501be30d12f6bc599824944a
|
F src/os_win.h 7b073010f1451abe501be30d12f6bc599824944a
|
||||||
F src/pager.c 3700a1c55427a3d4168ad1f1b8a8b0cb9ace1d107e4506e30a8f1e66d8a1195e
|
F src/pager.c abad00616c86498159e817f44eb8d459d81ce9f2c3c9e38adfd7d354aa521df7
|
||||||
F src/pager.h 4bf9b3213a4b2bebbced5eaa8b219cf25d4a82f385d093cd64b7e93e5285f66f
|
F src/pager.h 4bf9b3213a4b2bebbced5eaa8b219cf25d4a82f385d093cd64b7e93e5285f66f
|
||||||
F src/parse.y 9ce4dfb772608ed5bd3c32f33e943e021e3b06cfd2c01932d4280888fdd2ebed
|
F src/parse.y 9ce4dfb772608ed5bd3c32f33e943e021e3b06cfd2c01932d4280888fdd2ebed
|
||||||
F src/pcache.c 385ff064bca69789d199a98e2169445dc16e4291fa807babd61d4890c3b34177
|
F src/pcache.c 385ff064bca69789d199a98e2169445dc16e4291fa807babd61d4890c3b34177
|
||||||
@@ -1886,7 +1886,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
|
|||||||
F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
|
F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
|
||||||
F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
|
F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
|
||||||
F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
|
F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
|
||||||
P 4f1573b146193e5d552981a9d1d11e50da4da4a843f790e4af1cf0cc19a0b020
|
P 5466dd55d4aa15fd96f00b6e205dfb868879357a476df7ffd29b97bb570629a5
|
||||||
R ee9c2fcf93cfb72a42ce6077b49b4f8c
|
R 32be1cbc6f93fed343ef5cfb6f785cd6
|
||||||
U drh
|
U dan
|
||||||
Z f6a9d9cdd431b472fbbcfa7c1c30b581
|
Z edd6dd37f1d36c213572a037d65e2e50
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
5466dd55d4aa15fd96f00b6e205dfb868879357a476df7ffd29b97bb570629a5
|
6a28713d59cde0882c3508160347c2ea18c7c4e9bfd1b053103af2d5e12a144c
|
||||||
15
src/pager.c
15
src/pager.c
@@ -2486,6 +2486,7 @@ static int pager_delsuper(Pager *pPager, const char *zSuper){
|
|||||||
i64 nSuperJournal; /* Size of super-journal file */
|
i64 nSuperJournal; /* Size of super-journal file */
|
||||||
char *zJournal; /* Pointer to one journal within MJ file */
|
char *zJournal; /* Pointer to one journal within MJ file */
|
||||||
char *zSuperPtr; /* Space to hold super-journal filename */
|
char *zSuperPtr; /* Space to hold super-journal filename */
|
||||||
|
char *zFree = 0; /* Free this buffer */
|
||||||
int nSuperPtr; /* Amount of space allocated to zSuperPtr[] */
|
int nSuperPtr; /* Amount of space allocated to zSuperPtr[] */
|
||||||
|
|
||||||
/* Allocate space for both the pJournal and pSuper file descriptors.
|
/* Allocate space for both the pJournal and pSuper file descriptors.
|
||||||
@@ -2510,7 +2511,9 @@ static int pager_delsuper(Pager *pPager, const char *zSuper){
|
|||||||
rc = sqlite3OsFileSize(pSuper, &nSuperJournal);
|
rc = sqlite3OsFileSize(pSuper, &nSuperJournal);
|
||||||
if( rc!=SQLITE_OK ) goto delsuper_out;
|
if( rc!=SQLITE_OK ) goto delsuper_out;
|
||||||
nSuperPtr = pVfs->mxPathname+1;
|
nSuperPtr = pVfs->mxPathname+1;
|
||||||
zSuperJournal = sqlite3Malloc(nSuperJournal + nSuperPtr + 2);
|
zFree = sqlite3Malloc(4 + nSuperJournal + nSuperPtr + 2);
|
||||||
|
zFree[0] = zFree[1] = zFree[2] = zFree[3] = 0;
|
||||||
|
zSuperJournal = &zFree[4];
|
||||||
if( !zSuperJournal ){
|
if( !zSuperJournal ){
|
||||||
rc = SQLITE_NOMEM_BKPT;
|
rc = SQLITE_NOMEM_BKPT;
|
||||||
goto delsuper_out;
|
goto delsuper_out;
|
||||||
@@ -2562,7 +2565,7 @@ static int pager_delsuper(Pager *pPager, const char *zSuper){
|
|||||||
rc = sqlite3OsDelete(pVfs, zSuper, 0);
|
rc = sqlite3OsDelete(pVfs, zSuper, 0);
|
||||||
|
|
||||||
delsuper_out:
|
delsuper_out:
|
||||||
sqlite3_free(zSuperJournal);
|
sqlite3_free(zFree);
|
||||||
if( pSuper ){
|
if( pSuper ){
|
||||||
sqlite3OsClose(pSuper);
|
sqlite3OsClose(pSuper);
|
||||||
assert( !isOpen(pJournal) );
|
assert( !isOpen(pJournal) );
|
||||||
@@ -2900,7 +2903,11 @@ end_playback:
|
|||||||
pPager->changeCountDone = pPager->tempFile;
|
pPager->changeCountDone = pPager->tempFile;
|
||||||
|
|
||||||
if( rc==SQLITE_OK ){
|
if( rc==SQLITE_OK ){
|
||||||
zSuper = pPager->pTmpSpace;
|
/* Leave 4 bytes of space before the super-journal filename in memory.
|
||||||
|
** This is because it may end up being passed to sqlite3OsOpen(), in
|
||||||
|
** which case it requires 4 0x00 bytes in memory immediately before
|
||||||
|
** the filename. */
|
||||||
|
zSuper = &pPager->pTmpSpace[4];
|
||||||
rc = readSuperJournal(pPager->jfd, zSuper, pPager->pVfs->mxPathname+1);
|
rc = readSuperJournal(pPager->jfd, zSuper, pPager->pVfs->mxPathname+1);
|
||||||
testcase( rc!=SQLITE_OK );
|
testcase( rc!=SQLITE_OK );
|
||||||
}
|
}
|
||||||
@@ -2917,6 +2924,8 @@ end_playback:
|
|||||||
/* If there was a super-journal and this routine will return success,
|
/* If there was a super-journal and this routine will return success,
|
||||||
** see if it is possible to delete the super-journal.
|
** see if it is possible to delete the super-journal.
|
||||||
*/
|
*/
|
||||||
|
assert( zSuper==&pPager->pTmpSpace[4] );
|
||||||
|
memset(&zSuper[-4], 0, 4);
|
||||||
rc = pager_delsuper(pPager, zSuper);
|
rc = pager_delsuper(pPager, zSuper);
|
||||||
testcase( rc!=SQLITE_OK );
|
testcase( rc!=SQLITE_OK );
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user