Add documentation to sqlite3_get/set_clientdata() to make it clear that these

are security-sensitive interfaces that should not be exposed to potential
attackers.

FossilOrigin-Name: 2837061d66672a0a73c3fd2ff35ce0e1a66ee6d5365be25d4cc0ccba170c3665

diff --git a/manifest b/manifest
index 9d593d485e015f6618c1b979ee32d23398404ac2..588e3f56153e5d55ac38167f0633487499292ee5 100644 (file)
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Optimize\ssqlite3_get/set_clientdata()\sfor\sthe\spresumably\scommon\scase\sof\sa\sstatic\sstring\spointer.
-D 2023-09-02T08:04:56.497
+C Add\sdocumentation\sto\ssqlite3_get/set_clientdata()\sto\smake\sit\sclear\sthat\sthese\nare\ssecurity-sensitive\sinterfaces\sthat\sshould\snot\sbe\sexposed\sto\spotential\nattackers.
+D 2023-09-06T17:07:53.343
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
 F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
@@ -707,7 +707,7 @@ F src/resolve.c 37953a5f36c60bea413c3c04efcd433b6177009f508ef2ace0494728912fe2e9
 F src/rowset.c 8432130e6c344b3401a8874c3cb49fefe6873fec593294de077afea2dce5ec97
 F src/select.c 5f545a2c8702d4d3430bbb188cfec47d6c122d899061ef00cbe56af14591c574
 F src/shell.c.in 2f9be25294b68b07e7e81f0adcec4475aba6011b64f160e414efe226910c4d7b
-F src/sqlite.h.in 7dbea32976fb18740214edc314253c902e127dac7645a705e566644ed4aa5ef5
+F src/sqlite.h.in 1683783c7639ac73378d1a705be6faf115c374c6c3c102412642d43c9eaed74d
 F src/sqlite3.rc 5121c9e10c3964d5755191c80dd1180c122fc3a8
 F src/sqlite3ext.h 2f30b2671f4c03cd27a43f039e11251391066c97d11385f5f963bb40b03038ac
 F src/sqliteInt.h 985a09af9a8ce7862318ff77550b9b172e684b5a10e55dd96796e08e48f6dbca
@@ -2115,8 +2115,8 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
 F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
 F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P 443ea20ddb0f3bf5d77ef59cd4678f0e32d7da328002bb44d6fc080a53a37e29
-R 296f08550097c4b7507cdcac1545a235
-U stephan
-Z 18c0164302708bbf7ef418d7eac59c3e
+P 84e38341aeab4fd51690e8536d0101d00e3fb11cc50ebcff05ed219c98328872
+R ba107aa1186f8a45aa47c9a536cfe51b
+U drh
+Z 0b41bcf28b9ce0b44f7baeffddd8bf46
 # Remove this line to create a well-formed Fossil manifest.

diff --git a/manifest.uuid b/manifest.uuid
index 9e693a411aaf9be67022dfa1f84b35b6a1d4ea8d..ce51826a5506dcea67ae100e2a425bcaf368df1b 100644 (file)
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-84e38341aeab4fd51690e8536d0101d00e3fb11cc50ebcff05ed219c98328872
\ No newline at end of file
+2837061d66672a0a73c3fd2ff35ce0e1a66ee6d5365be25d4cc0ccba170c3665
\ No newline at end of file

diff --git a/src/sqlite.h.in b/src/sqlite.h.in
index dd1685db89c2ae62ce97098494c0ac9e41e451b4..43f45555e0a6cb599d90a2efded68436ac52cbae 100644 (file)
--- a/src/sqlite.h.in
+++ b/src/sqlite.h.in
@@ -5975,11 +5975,16 @@ void sqlite3_set_auxdata(sqlite3_context*, int N, void*, void (*)(void*));
 ** Applications and wrapper libraries are discouraged from using more than
 ** one client data name each.
 **
-** There is (currently) no way to enumerate the client data pointers
+** There is no way to enumerate the client data pointers
 ** associated with a database connection.  The N parameter can be thought
 ** of as a secret key such that only code that knows the secret key is able
 ** to access the associated data.
 **
+** Security Warning:  These interfaces should not be exposed in scripting
+** languages or in other circumstances where it might be possible for an
+** an attacker to invoke them.  Any agent that can invoke these interfaces
+** can probably also take control of the process.
+** 
 ** Database connection client data is only available for SQLite
 ** version 3.44.0 ([dateof:3.44.0]) and later.
 **