From: stephan
Date: Sat, 15 Nov 2025 15:30:45 +0000 (+0000)
Subject: JNI: when validing the eTextRep argument in sqlite3_create_function(), only validate...
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a1dede1e5822e5e9aab839e867494ad9f3f6bcf9;p=thirdparty%2Fsqlite.git
JNI: when validing the eTextRep argument in sqlite3_create_function(), only validate the lower four bits (the high bits are for other flags). Add flags to test functions to ensure this case is triggered.
FossilOrigin-Name: aab640be7bc5829fe16d2582b13f942b7debb271c150ca2471561de6b2d70dc7
---
diff --git a/ext/jni/src/c/sqlite3-jni.c b/ext/jni/src/c/sqlite3-jni.c
index a522149019..d463f53256 100644
--- a/ext/jni/src/c/sqlite3-jni.c
+++ b/ext/jni/src/c/sqlite3-jni.c
@@ -3645,7 +3645,7 @@ S3JniApi(sqlite3_create_function() sqlite3_create_function_v2()
 if( !pDb || !jFuncName ){
 return SQLITE_MISUSE;
- }else if( !encodingTypeIsValid(eTextRep) ){
+ }else if( !encodingTypeIsValid(eTextRep & 0x0f) ){
 return s3jni_db_error(env, pDb, SQLITE_FORMAT, "Invalid function encoding option.");
 }
diff --git a/ext/jni/src/org/sqlite/jni/capi/Tester1.java b/ext/jni/src/org/sqlite/jni/capi/Tester1.java
index 9d14c954b8..891bdea541 100644
--- a/ext/jni/src/org/sqlite/jni/capi/Tester1.java
+++ b/ext/jni/src/org/sqlite/jni/capi/Tester1.java
@@ -815,7 +815,9 @@ public class Tester1 implements Runnable {
 };
 // Register and use the function...
- int rc = sqlite3_create_function(db, "myfunc", -1, SQLITE_UTF8, func);
+ int rc = sqlite3_create_function(db, "myfunc", -1,
+ SQLITE_UTF8 | SQLITE_INNOCUOUS,
+ func);
 affirm(0 == rc);
 affirm(0 == xFuncAccum.value);
 final sqlite3_stmt stmt = prepare(db, "SELECT myfunc(1,2,3)");
diff --git a/manifest b/manifest
index 9713d8a5ad..c3c93ac4de 100644
--- a/manifest
+++ b/manifest
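Review bot: The mask in `encodingTypeIsValid(eTextRep & 0x0f)` is a bare literal, and nothing at the call site says which bits it keeps or why. A one-line comment above the check would document it, e.g. `/* Low 4 bits select the text encoding; higher bits carry function flags such as SQLITE_DIRECTONLY and SQLITE_INNOCUOUS. */`. Because those flags are how callers restrict where a user-defined function may be invoked, it is also worth confirming that the unmasked `eTextRep` is what the rest of the function forwards to the core registration call, so the flags are applied rather than silently dropped. That part of the body lies outside the hunk.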
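Review bot: The updated call in Tester1.java only exercises the accept path: it shows that `SQLITE_UTF8 | SQLITE_INNOCUOUS` is now allowed, but nothing pins that a bad encoding in the low bits is still rejected once flag bits are set. A companion assertion such as `affirm(0 != sqlite3_create_function(db, "badenc", -1, SQLITE_INNOCUOUS | 0x0f, func));` would guard against the mask loosening validation (0x0f is a constructed value assumed not to be a valid encoding; `encodingTypeIsValid()` is not visible here). The test also checks only that registration succeeded, not that the flag took effect. The enclosing test method starts and ends outside the hunk.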
@@ -1,5 +1,5 @@ -C Replace\sthe\sJNI\sbinding's\sinternal\suse\sof\ssqlite3ErrorWithMsg()\swith\ssqlite3_set_errmsg()\sand\shave\sit\shandle\sOOM\sin\sa\sway\sconsistent\swith\sthe\srest\sof\sthe\sJNI\sbindings. -D 2025-11-15T15:09:04.569 +C JNI:\swhen\svaliding\sthe\seTextRep\sargument\sin\ssqlite3_create_function(),\sonly\svalidate\sthe\slower\sfour\sbits\s(the\shigh\sbits\sare\sfor\sother\sflags).\sAdd\sflags\sto\stest\sfunctions\sto\sensure\sthis\scase\sis\striggered. +D 2025-11-15T15:30:45.907 F .fossil-settings/binary-glob 61195414528fb3ea9693577e1980230d78a1f8b0a54c78cf1b9b24d0a409ed6a x F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea @@ -290,7 +290,7 @@ F ext/intck/test_intck.c 4f9eaadaedccb9df1d26ba41116a0a8e5b0c5556dc3098c8ff68633 F ext/jni/GNUmakefile 8a94e3a1953b88cf117fb2a5380480feada8b4f5316f02572cab425030a720b4 F ext/jni/README.md 1479c83dbe26125264a060ee6873531795a7082dbc0d43c4067683371331559f F ext/jni/jar-dist.make 030aaa4ae71dd86e4ec5e7c1e6cd86f9dfa47c4592c070d2e35157e42498e1fa -F ext/jni/src/c/sqlite3-jni.c b28ca2a083743dbc0f14dd0b41be30034a0284d66587060dfaf825e9d885a0fd +F ext/jni/src/c/sqlite3-jni.c 7bfdc6bcf8318ec1b2b83f4ec50bb664192e96fe752bfaa410d2c682230c10a9 F ext/jni/src/c/sqlite3-jni.h df43024cced914c49485633d0f90168689e70577b3b17b0ecbdaf16e4a417bff F ext/jni/src/org/sqlite/jni/annotation/Experimental.java 8603498634e41d0f7c70f661f64e05df64376562ea8f126829fd1e0cdd47e82b F ext/jni/src/org/sqlite/jni/annotation/NotNull.java be6cc3e8e114485822331630097cc0f816377e8503af2fc02f9305ff2b353917 
@@ -319,7 +319,7 @@ F ext/jni/src/org/sqlite/jni/capi/SQLFunction.java 0d1e9afc9ff8a2adb94a155b72385 F ext/jni/src/org/sqlite/jni/capi/SQLTester.java 3c0babc067d8560627a9ed1b07979f9d4393464e2282c2fca4832052e982c7bc F ext/jni/src/org/sqlite/jni/capi/ScalarFunction.java 93b9700fca4c68075ccab12fe0fbbc76c91cafc9f368e835b9bd7cd7732c8615 F ext/jni/src/org/sqlite/jni/capi/TableColumnMetadata.java 9133bb7685901d2edf07801191284975e33b5583ce09dce1c05202ff91e7bb99 -F ext/jni/src/org/sqlite/jni/capi/Tester1.java 4c3d16fdf6e979f839b2ecdb14d0a0c04bd3d0e41500fc9e8110b588883b140b +F ext/jni/src/org/sqlite/jni/capi/Tester1.java 378d142435d220b20b7ce7343c62a03e853bb8c51e80447ee0f8ac5c37362d9a F ext/jni/src/org/sqlite/jni/capi/TraceV2Callback.java 0a25e117a0daae3394a77f24713e36d7b44c67d6e6d30e9e1d56a63442eef723 F ext/jni/src/org/sqlite/jni/capi/UpdateHookCallback.java c8bdf7848e6599115d601bcc9427ff902cb33129b9be32870ac6808e04b6ae56 F ext/jni/src/org/sqlite/jni/capi/ValueHolder.java 2ce069f3e007fdbbe1f4e507a5a407fc9679da31a0aa40985e6317ed4d5ec7b5 @@ -2166,8 +2166,8 @@ F tool/version-info.c 33d0390ef484b3b1cb685d59362be891ea162123cea181cb8e6d2cf6dd F tool/warnings-clang.sh bbf6a1e685e534c92ec2bfba5b1745f34fb6f0bc2a362850723a9ee87c1b31a7 F tool/warnings.sh d924598cf2f55a4ecbc2aeb055c10bd5f48114793e7ba25f9585435da29e7e98 F tool/win/sqlite.vsix deb315d026cc8400325c5863eef847784a219a2f -P acb1525a49463de67716638626406ccde9a282907d0de218ab88bf474ba830ee -R 401c7736be7e7154dc5b54d0e020a24a +P 0899a9eb3af727f310372f3441573ab506ffec31dca4774e850b2b59a4001ee0 +R 601ead01f2a6a28658655ab790f5c9f1 U stephan -Z b31456e0517faa0fcb62a707b78caf87 +Z 23594003e167060d2f5f12fe9a21d14d # Remove this line to create a well-formed Fossil manifest. diff --git a/manifest.uuid b/manifest.uuid index fb39871ee4..415e5e5fdb 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -0899a9eb3af727f310372f3441573ab506ffec31dca4774e850b2b59a4001ee0 +aab640be7bc5829fe16d2582b13f942b7debb271c150ca2471561de6b2d70dc7