From: stephan Date: Tue, 20 Jan 2026 10:57:44 +0000 (+0000) Subject: Add an SQLITE_API_ARMOR check to sqlite3_get_clientdata(), per request in [forum... X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d4dc275ebc2941a850d1a3efebe3e706e4f1967f;p=thirdparty%2Fsqlite.git Add an SQLITE_API_ARMOR check to sqlite3_get_clientdata(), per request in [forum:a011a001f4|forum post a011a001f4]. FossilOrigin-Name: 346ad366a8ebed1e7936c59f8a40e9c8e7e31d0153bc4f654a47b2ddc39b18ca --- diff --git a/manifest b/manifest index b510886850..134f28e22e 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Minor\sdoc\supdates\sin\smkwasmbuilds.c. -D 2026-01-19T22:20:12.220 +C Add\san\sSQLITE_API_ARMOR\scheck\sto\ssqlite3_get_clientdata(),\sper\srequest\sin\s[forum:a011a001f4|forum\spost\sa011a001f4]. +D 2026-01-20T10:57:44.925 F .fossil-settings/binary-glob 61195414528fb3ea9693577e1980230d78a1f8b0a54c78cf1b9b24d0a409ed6a x F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea @@ -702,7 +702,7 @@ F src/insert.c dfd311b0ac2d4f6359e62013db67799757f4d2cc56cca5c10f4888acfbbfa3fd F src/json.c 95c20b077a8ec3b471122d312a907b1e5298ae93f924b0a96640022b6420a941 F src/legacy.c d7874bc885906868cd51e6c2156698f2754f02d9eee1bae2d687323c3ca8e5aa F src/loadext.c d6559d2b39c9bde6b104b83adeafbe5db3a514aae4d3d40afc58de522a03043b -F src/main.c 21fb86045bbf6b6329251a0ce6771735b6c71287cc9fcda1f2005d4ac5f25b52 +F src/main.c e95aa130478fc98a49181ddf094baab45f319286411129253618efe0008f0dc4 F src/malloc.c 422f7e0498e1c9ef967f06283b6f2c0b16db6b905d8e06f6dbc8baaa3e4e6c5a F src/mem0.c 6a55ebe57c46ca1a7d98da93aaa07f99f1059645 F src/mem1.c 3bb59158c38e05f6270e761a9f435bf19827a264c13d1631c58b84bdc96d73b2 @@ -2193,8 +2193,8 @@ F tool/warnings-clang.sh bbf6a1e685e534c92ec2bfba5b1745f34fb6f0bc2a362850723a9ee F tool/warnings.sh d924598cf2f55a4ecbc2aeb055c10bd5f48114793e7ba25f9585435da29e7e98 F tool/win/sqlite.vsix deb315d026cc8400325c5863eef847784a219a2f F tool/winmain.c 00c8fb88e365c9017db14c73d3c78af62194d9644feaf60e220ab0f411f3604c -P dfe4b788ca6596ea9f26445c864f56f81c7816798f5fedfc4e89ba1eb097b0aa -R fa51d38900cab116d6f57002d22a4966 +P 81840bd4b2132c1c701bb6fd5a2ac48a4ed33d2b68a3f7a826fa32dc0fc16483 +R 333f8800db383a0d77a15f9b7b37171f U stephan -Z 05cbd873e079ce2b55a58f6226132035 +Z 20800af8d71ad6093a502d20016c44a4 # Remove this line to create a well-formed Fossil manifest. diff --git a/manifest.uuid b/manifest.uuid index c54a1660c7..de318d0d66 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -81840bd4b2132c1c701bb6fd5a2ac48a4ed33d2b68a3f7a826fa32dc0fc16483 +346ad366a8ebed1e7936c59f8a40e9c8e7e31d0153bc4f654a47b2ddc39b18ca diff --git a/src/main.c b/src/main.c index 8a2b43b2f9..37e6f23744 100644 --- a/src/main.c +++ b/src/main.c @@ -3844,6 +3844,12 @@ int sqlite3_collation_needed16( */ void *sqlite3_get_clientdata(sqlite3 *db, const char *zName){ DbClientData *p; +#ifdef SQLITE_ENABLE_API_ARMOR + if( !zName || !sqlite3SafetyCheckOk(db) ){ + (void)SQLITE_MISUSE_BKPT; + return 0; + } +#endif sqlite3_mutex_enter(db->mutex); for(p=db->pDbData; p; p=p->pNext){ if( strcmp(p->zName, zName)==0 ){