From: stephan <stephan@noemail.net>
Date: Tue, 2 Dec 2025 18:28:22 +0000 (+0000)
Subject: kvvfs: make the filename suffixes -wal and -shm illegal and teach xAccess() to silent... 
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b6306586eccfc75da50b4ca557f141ca435c24fd;p=thirdparty%2Fsqlite.git

kvvfs: make the filename suffixes -wal and -shm illegal and teach xAccess() to silently not fail for illegal names (else it breaks things when a -wal file is checked for).

FossilOrigin-Name: 2ea29c77a85236ca4126c05c7fd1d45a80dfe3f653af9b3ed86d6e62877ec5af
---

diff --git a/ext/wasm/api/sqlite3-vfs-kvvfs.c-pp.js b/ext/wasm/api/sqlite3-vfs-kvvfs.c-pp.js
index c1a0d97e9c..efbdcf5ba2 100644
--- a/ext/wasm/api/sqlite3-vfs-kvvfs.c-pp.js
+++ b/ext/wasm/api/sqlite3-vfs-kvvfs.c-pp.js
@@ -278,13 +278,16 @@ globalThis.sqlite3ApiBootstrap.initializers.push(function(sqlite3){
   const validateStorageName = function(n,mayBeJournal=false){
     if( kvvfsIsPersistentName(n) ) return;
     const len = (new Blob([n])).size/*byte length*/;
-    if( !len ) toss3(capi.SQLITE_RANGE, "Empty name is not permitted.");
+    if( !len ) toss3(capi.SQLITE_MISUSE, "Empty name is not permitted.");
     let maxLen = cache.keySize - 1;
     if( cache.rxJournalSuffix.test(n) ){
       if( !mayBeJournal ){
         toss3(capi.SQLITE_MISUSE,
               "Storage names may not have a '-journal' suffix.");
       }
+    }else if( ['-wal','-shm'].filter(v=>n.endsWith(v)).length ){
+      toss3(capi.SQLITE_MISUSE,
+            "Storage names may not have a -wal or -shm suffix.");
     }else{
       maxLen -= 8 /* so we have space for a matching "-journal" suffix */;
     }
@@ -892,11 +895,18 @@ globalThis.sqlite3ApiBootstrap.initializers.push(function(sqlite3){
                   "store =",s);
           }
           if( !s ){
+            // From the API docs:
             /** The xAccess method returns [SQLITE_OK] on success or some
              ** non-zero error code if there is an I/O error or if the name of
              ** the file given in the second argument is illegal.
              */
-            validateStorageName(jzPath);
+            // However, returning non-0 from here is fatal, so we don't do that.
+            try{validateStorageName(jzPath)}
+            catch(e){
+              //warn("xAccess is ignoring name validation failure:",e);
+              wasm.poke32(pResOut, 0);
+              return 0;
+            }
           }
           if( s ){
             const key = s.keyPrefix+
diff --git a/ext/wasm/tester1.c-pp.js b/ext/wasm/tester1.c-pp.js
index 29cdc70a9f..06cc7da01b 100644
--- a/ext/wasm/tester1.c-pp.js
+++ b/ext/wasm/tester1.c-pp.js
@@ -2976,7 +2976,7 @@ globalThis.sqlite3InitModule = sqlite3InitModule;
         const filename = '.' /* preinstalled instance */;
         const JDb = sqlite3.oo1.JsStorageDb;
         const DB = sqlite3.oo1.DB;
-
+        T.mustThrowMatching(()=>new JDb(""), capi.SQLITE_MISUSE);
         T.mustThrowMatching(()=>{
           new JDb("this\ns an illegal - contains control characters");
           /* We don't have a way to get error strings from xOpen()
@@ -2984,6 +2984,12 @@ globalThis.sqlite3InitModule = sqlite3InitModule;
              db and SQLite is not calling xGetLastError() to fetch
              the error string. */
         }, capi.SQLITE_RANGE);
+        T.mustThrowMatching(()=>{new JDb("foo-journal");},
+                            capi.SQLITE_MISUSE);
+        T.mustThrowMatching(()=>{new JDb("foo-wal");},
+                            capi.SQLITE_MISUSE);
+        T.mustThrowMatching(()=>{new JDb("foo-shm");},
+                            capi.SQLITE_MISUSE);
         T.mustThrowMatching(()=>{
           new JDb("01234567890123456789"+
                   "01234567890123456789"+
@@ -2993,7 +2999,6 @@ globalThis.sqlite3InitModule = sqlite3InitModule;
                   "01234567890123456789"+
                   "0"/*too long*/);
         }, capi.SQLITE_RANGE);
-        T.mustThrowMatching(()=>new JDb(""), capi.SQLITE_RANGE);
         {
           const name = "01234567890123456789012" /* max name length */;
           (new JDb(name)).close();
diff --git a/manifest b/manifest
index 546ba528e7..9b4b6037e8 100644
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Get\skvvfs::xAccess()\sfleshed\sout.
-D 2025-12-02T18:10:53.321
+C kvvfs:\smake\sthe\sfilename\ssuffixes\s-wal\sand\s-shm\sillegal\sand\steach\sxAccess()\sto\ssilently\snot\sfail\sfor\sillegal\snames\s(else\sit\sbreaks\sthings\swhen\sa\s-wal\sfile\sis\schecked\sfor).
+D 2025-12-02T18:28:22.504
 F .fossil-settings/binary-glob 61195414528fb3ea9693577e1980230d78a1f8b0a54c78cf1b9b24d0a409ed6a x
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
@@ -600,7 +600,7 @@ F ext/wasm/api/sqlite3-api-worker1.c-pp.js 1041dd645e8e821c082b628cd8d9acf70c667
 F ext/wasm/api/sqlite3-license-version-header.js 0c807a421f0187e778dc1078f10d2994b915123c1223fe752b60afdcd1263f89
 F ext/wasm/api/sqlite3-opfs-async-proxy.js 9654b565b346dc609b75d15337f20acfa7af7d9d558da1afeb9b6d8eaa404966
 F ext/wasm/api/sqlite3-vfs-helper.c-pp.js 3f828cc66758acb40e9c5b4dcfd87fd478a14c8fb7f0630264e6c7fa0e57515d
-F ext/wasm/api/sqlite3-vfs-kvvfs.c-pp.js 9aa012b9b9953548d2cc541adbb12b8619fae3e3e023626d06c2b93aeaada73c
+F ext/wasm/api/sqlite3-vfs-kvvfs.c-pp.js 8623900131a24c109fe115b3860d0668a05830518b9fb6026e745f281657c027
 F ext/wasm/api/sqlite3-vfs-opfs-sahpool.c-pp.js a2eea6442556867b589e04107796c6e1d04a472219529eeb45b7cd221d7d048b
 F ext/wasm/api/sqlite3-vfs-opfs.c-pp.js 88ce2078267a2d1af57525a32d896295f4a8db7664de0e17e82dc9ff006ed8d3
 F ext/wasm/api/sqlite3-vtab-helper.c-pp.js 366596d8ff73d4cefb938bbe95bc839d503c3fab6c8335ce4bf52f0d8a7dee81
@@ -647,7 +647,7 @@ F ext/wasm/test-opfs-vfs.html 1f2d672f3f3fce810dfd48a8d56914aba22e45c6834e262555
 F ext/wasm/test-opfs-vfs.js 1618670e466f424aa289859fe0ec8ded223e42e9e69b5c851f809baaaca1a00c
 F ext/wasm/tester1-worker.c-pp.html 0e432ec2c0d99cd470484337066e8d27e7aee4641d97115338f7d962bf7b081a
 F ext/wasm/tester1.c-pp.html 52d88fe2c6f21a046030a36410b4839b632f4424028197a45a3d5669ea724ddb
-F ext/wasm/tester1.c-pp.js c1c42f246c063409cbcf533e0fdcbe5e72de66664ea8e110eecce27e7affcb31
+F ext/wasm/tester1.c-pp.js e4714f2e9dfd8b84b75eed22118defa978cb0f2600b99bf0dd730852f4bcb42b
 F ext/wasm/tests/opfs/concurrency/index.html 657578a6e9ce1e9b8be951549ed93a6a471f4520a99e5b545928668f4285fb5e
 F ext/wasm/tests/opfs/concurrency/test.js d08889a5bb6e61937d0b8cbb78c9efbefbf65ad09f510589c779b7cc6a803a88
 F ext/wasm/tests/opfs/concurrency/worker.js 0a8c1a3e6ebb38aabbee24f122693f1fb29d599948915c76906681bb7da1d3d2
@@ -2180,8 +2180,8 @@ F tool/version-info.c 33d0390ef484b3b1cb685d59362be891ea162123cea181cb8e6d2cf6dd
 F tool/warnings-clang.sh bbf6a1e685e534c92ec2bfba5b1745f34fb6f0bc2a362850723a9ee87c1b31a7
 F tool/warnings.sh d924598cf2f55a4ecbc2aeb055c10bd5f48114793e7ba25f9585435da29e7e98
 F tool/win/sqlite.vsix deb315d026cc8400325c5863eef847784a219a2f
-P 8d683130d2f2aaf6300a8c858802eb671e831ed520621af59c9e830e87a9d753
-R d11120ed294f213ba2dd31d3a01d4d3b
+P d947e9bed5affee3f6e54b0fe3e2b1a0ac3771865b93c06a4087318f26d87f7f
+R abd287f022dceab43bd84712714df539
 U stephan
-Z 6db5eec4505b09e9eded658344d6b133
+Z ac2a1cd4eef2e308aa49bdcc895e5096
 # Remove this line to create a well-formed Fossil manifest.
diff --git a/manifest.uuid b/manifest.uuid
index 63818b0217..00dbca6c54 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-d947e9bed5affee3f6e54b0fe3e2b1a0ac3771865b93c06a4087318f26d87f7f
+2ea29c77a85236ca4126c05c7fd1d45a80dfe3f653af9b3ed86d6e62877ec5af