From: dan Date: Wed, 24 Jun 2026 19:28:55 +0000 (+0000) Subject: When rolling back a journal that contains a super-journal pointer, only attempt to... X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=27ab7ff6067bfd805b3da745d94b06a26f4f2d18;p=thirdparty%2Fsqlite.git When rolling back a journal that contains a super-journal pointer, only attempt to unlink the super-journal if (a) the filename looks like one that SQLite might have generated, and (b) the super-journal contains the name of the journal being rolled back. This is to limit the extent to which SQLite can be caused to delete arbitrary files by supplying it with a crafted hot-journal. Report [bugs:/info/2026-06-24T14:18:00Z | 2026-06-24T14:18:00Z]. FossilOrigin-Name: 6d8da8861c8ccbfdbe838587dc2f5ef1817bc0af4a6167940446ee7bdc53955c --- 27ab7ff6067bfd805b3da745d94b06a26f4f2d18 diff --cc manifest index 2da82098b0,c9cc521dcd..c9d10ffa46 --- a/manifest +++ b/manifest @@@ -1,5 -1,5 +1,5 @@@ - C Avoid\strying\sto\sdelete\sa\sdatabase\sfile\swhile\sit\sis\sstill\sopen\sin\sbackup5.test. - D 2026-06-24T14:17:52.488 -C Update\smjournal.test\sso\sthat\sit\sworks\son\swindows. -D 2026-06-24T19:07:30.555 ++C When\srolling\sback\sa\sjournal\sthat\scontains\sa\ssuper-journal\spointer,\sonly\sattempt\sto\sunlink\sthe\ssuper-journal\sif\s(a)\sthe\sfilename\slooks\slike\sone\sthat\sSQLite\smight\shave\sgenerated,\sand\s(b)\sthe\ssuper-journal\scontains\sthe\sname\sof\sthe\sjournal\sbeing\srolled\sback.\sThis\sis\sto\slimit\sthe\sextent\sto\swhich\sSQLite\scan\sbe\scaused\sto\sdelete\sarbitrary\sfiles\sby\ssupplying\sit\swith\sa\scrafted\shot-journal.\sReport\s[bugs:/info/2026-06-24T14:18:00Z\s|\s2026-06-24T14:18:00Z]. ++D 2026-06-24T19:28:55.897 F .fossil-settings/binary-glob 61195414528fb3ea9693577e1980230d78a1f8b0a54c78cf1b9b24d0a409ed6a x F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea @@@ -2208,8 -2208,8 +2208,9 @@@ F tool/warnings-clang.sh bbf6a1e685e534 F tool/warnings.sh a554d13f6e5cf3760f041b87939e3d616ec6961859c3245e8ef701d1eafc2ca2 F tool/win/sqlite.vsix deb315d026cc8400325c5863eef847784a219a2f F tool/winmain.c 00c8fb88e365c9017db14c73d3c78af62194d9644feaf60e220ab0f411f3604c - P 5482548b6bca2827246cd2cc928c89a953365da5ebe42d3a2876371ec6880f1b - R b0d4c11e49460a97cc1177e498ab6558 -P c768be03d4885557c9520c37e3cecbf5647d358a87cd34948578a4a0a8a59a5e ++P 395cbed103af08e3a4fafd9a3041205535e019d4aeb58b46c4a7e4f3bca545c9 6007b5c2d3c27a4597631914d4114b626ba647954ecfb381de67d4cf27d31ccd + R b8dfcb508ec4348b454064a355f65e92 ++T +closed 6007b5c2d3c27a4597631914d4114b626ba647954ecfb381de67d4cf27d31ccd U dan - Z d794be864d6f3f101d67593b1a8e2b43 -Z 72ce813b36b10ffea83f4eb33dc152de ++Z 3c15f5ed294490c5b31181679891e2fa # Remove this line to create a well-formed Fossil manifest. diff --cc manifest.uuid index b9c517a371,ba82116ad9..54748296b1 --- a/manifest.uuid +++ b/manifest.uuid @@@ -1,1 -1,1 +1,1 @@@ - 395cbed103af08e3a4fafd9a3041205535e019d4aeb58b46c4a7e4f3bca545c9 -6007b5c2d3c27a4597631914d4114b626ba647954ecfb381de67d4cf27d31ccd ++6d8da8861c8ccbfdbe838587dc2f5ef1817bc0af4a6167940446ee7bdc53955c