utelle / SQLite3MultipleCiphers

SQLite3 encryption extension with support for multiple ciphers
https://utelle.github.io/SQLite3MultipleCiphers/
MIT License

sqlite3_key crashes with a NULL pointer (with #DEFINEs) #90

Closed anperch closed 2 years ago

anperch commented 2 years ago

Hi,

I have used this #define configuration in my applications till now.

    HAVE_CIPHER_AES_128_CBC=0
    HAVE_CIPHER_AES_256_CBC=0
    HAVE_CIPHER_SQLCIPHER=0
    HAVE_CIPHER_RC4=0
    HAVE_CIPHER_CHACHA20=1
    CODEC_TYPE=CODEC_TYPE_CHACHA20

With 1.5.1, sqlite3_key crashes with a NULL pointer (both VS22 and gcc).

Call stack:

    .exe!sqlite3mcGetCipherParameter(_CipherParams cipherParams, const char paramName) Line 39 C
    .exe!AllocateChaCha20Cipher(sqlite3 db) Line 73 C
    .exe!sqlite3mcCodecSetup(_Codec codec, int cipherType, char userPassword, int passwordLength) Line 251 C
    .exe!sqlite3mcCodecAttach(sqlite3 db, int nDb, const char zKey, const void nKey, int) Line 280 C
    .exe!sqlite3_key_v2(sqlite3 db, const char zDbName, const void * zKey, int nKey) Line 359 C

At some point, sqlite3mcGetCipherParams returns a NULL cipherParams pointer that is passed to sqlite3mcGetCipherParameter.

    static void* AllocateChaCha20Cipher(sqlite3* db)
    {
      ChaCha20Cipher* chacha20Cipher = (ChaCha20Cipher*) sqlite3_malloc(sizeof(ChaCha20Cipher));
      if (chacha20Cipher != NULL)
      {
        memset(chacha20Cipher, 0, sizeof(ChaCha20Cipher));
        chacha20Cipher->m_keyLength = KEYLENGTH_CHACHA20;
        memset(chacha20Cipher->m_key, 0, KEYLENGTH_CHACHA20);
        memset(chacha20Cipher->m_salt, 0, SALTLENGTH_CHACHA20);
      }
      if (chacha20Cipher != NULL)
      {
        /* <<<<========= cipherParams is NULL at some point */
        CipherParams* cipherParams = sqlite3mcGetCipherParams(db, CODEC_TYPE_CHACHA20);
        /* <<<<========= cipherParams used without a NULL check */
        chacha20Cipher->m_legacy = sqlite3mcGetCipherParameter(cipherParams, "legacy");
        chacha20Cipher->m_legacyPageSize = sqlite3mcGetCipherParameter(cipherParams, "legacy_page_size");
        chacha20Cipher->m_kdfIter = sqlite3mcGetCipherParameter(cipherParams, "kdf_iter");
        if (chacha20Cipher->m_legacy != 0)
        {
          chacha20Cipher->m_kdfIter = SQLEET_KDF_ITER;
        }
      }
      return chacha20Cipher;
    }

Can you reproduce?
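An added example, not part of the original issue and not the project's code or its fix: a minimal C model of the pattern reported above, where a parameter-table lookup returns NULL for a cipher that is not registered and the NULL is checked in both the getter and the caller. All `demo_*` names, the types and the values are hypothetical.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins, not SQLite3MultipleCiphers types or functions. */
typedef struct { const char* name; int value; } Param;
typedef struct { int cipherType; const Param* params; } ParamTable;
typedef struct { int legacy; int kdfIter; } DemoCipher;
enum { DEMO_CIPHER_A = 1, DEMO_CIPHER_B = 2 };

/* Constructed values. Only cipher A is registered, as if B were compiled out. */
static const Param paramsA[] = { {"legacy", 0}, {"kdf_iter", 1000}, {NULL, 0} };
static const ParamTable registry[] = { { DEMO_CIPHER_A, paramsA } };

/* Returns NULL when no table is registered for cipherType. */
static const Param* demo_get_params(int cipherType)
{
  size_t i;
  for (i = 0; i < sizeof(registry) / sizeof(registry[0]); ++i)
    if (registry[i].cipherType == cipherType) return registry[i].params;
  return NULL;
}

/* Stores the value and returns 0, or returns -1 if table or name is missing. */
static int demo_get_param(const Param* params, const char* name, int* out)
{
  if (params == NULL || name == NULL || out == NULL) return -1;
  for (; params->name != NULL; ++params)
    if (strcmp(params->name, name) == 0) { *out = params->value; return 0; }
  return -1;
}

/* Fails cleanly (returns NULL) instead of dereferencing a missing table. */
static DemoCipher* demo_allocate(int cipherType)
{
  const Param* params = demo_get_params(cipherType);
  DemoCipher* c;
  if (params == NULL) return NULL;              /* cipher not registered */
  c = (DemoCipher*) calloc(1, sizeof(*c));
  if (c == NULL) return NULL;
  if (demo_get_param(params, "legacy", &c->legacy) != 0 ||
      demo_get_param(params, "kdf_iter", &c->kdfIter) != 0) {
    free(c);                                    /* table is incomplete */
    return NULL;
  }
  return c;
}

int main(void) { return demo_allocate(DEMO_CIPHER_B) == NULL ? 0 : 1; }
```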

utelle commented 2 years ago

Thanks for reporting. I will take a closer look later today. Most likely I forgot to adjust the code for configuration parameter retrieval to the new cipher scheme registration approach.

utelle commented 2 years ago

Commit 1be5782e259b8433f525d219ffca61cdb0a3ff05 should fix the issue.

anperch commented 2 years ago

It seems OK, no more crash. Thanks!