kalikaneko
commented
9 years ago interesting, maybe some kind of validation might be in order. do you have a minimal example able to reproduce this?
Open minorsecond opened 9 years ago
kalikaneko
commented
9 years ago interesting, maybe some kind of validation might be in order. do you have a minimal example able to reproduce this?
minorsecond
commented
9 years ago I've got a gist I put up when asking someone else. I can create a DB and post it if necessary. Note that when running with encryption enabled, the code creates a plaintext DB (can hexdump and read columns) with no row entries.
minorsecond
commented
9 years ago Pysqlcipher seems to work when runnitng it without sqlalchemy, so I believe sqlalchemy is doing something with the key that pysqlcipher doesn't like. Do you know of any formatting or type issues that could throw an error?
kalikaneko
commented
9 years ago Hmm it seems that what's producing the segfault is setting the cipher pragma. If you don't set cipher using sqlalchemy it doesn't segfault.
This snippet reproduces the crash:
#!/usr/bin/env python
# -*- coding: utf-8 -*-
from pysqlcipher import dbapi2 as sqlite
conn = sqlite.connect('test.db')
c = conn.cursor()
c.execute("PRAGMA key='test'")
print "Setting cipher pragma"
c.execute("PRAGMA cipher='breakme'")It looks like EVP_CIPHER_key_length () from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0 is indeed receiving malformed input. I'd try to recreate the segfault using libsqlcipher and ping upstream sqlcipher devs.
I apologize if this issue is with SQLCipher or Openssl vs. pysqlcipher...
When attempting to query a table, libcrypto.so.1.0.0 segfaults. Stacktace is here. I haven't really been able to find any info as to what's causing this issue but it looks like something malformed may be being passed to EVP_CIPHER_key_length ().