Strength the defense against malicious command-line arguments in the
authordrh <>
Tue, 26 May 2026 11:23:00 +0000 (11:23 +0000)
committerdrh <>
Tue, 26 May 2026 11:23:00 +0000 (11:23 +0000)
sqlite3_rsync utility program.

FossilOrigin-Name: c84d596b6da22061627282d444913c88dc2f9bd82e86957183f7e732f2713b33

manifest
manifest.uuid
tool/sqlite3_rsync.c

index 19530b52c058ee74c9aab9dcd519890270d48277..2ab619a41be04d6c3a254beff0988d18c6219e41 100644 (file)
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Fix\sHTML\s"&gt;"\squoting\sin\sQRF.\n[bugs:/forumpost/f72dfbdeff|Bug\sf72dfbdeff].
-D 2026-05-25T23:44:37.126
+C Strength\sthe\sdefense\sagainst\smalicious\scommand-line\sarguments\sin\sthe\nsqlite3_rsync\sutility\sprogram.
+D 2026-05-26T11:23:00.299
 F .fossil-settings/binary-glob 61195414528fb3ea9693577e1980230d78a1f8b0a54c78cf1b9b24d0a409ed6a x
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
@@ -2188,7 +2188,7 @@ F tool/spellsift.tcl 52b4b04dc4333c7ab024f09d9d66ed6b6f7c6eb00b38497a09f338fa55d
 F tool/split-sqlite3c.tcl 4969fd642dad0ea483e4e104163021d92baf98f6a8eac981fe48525f9b873430
 F tool/sqldiff.c de59a4eecbc802db8ad053889c10e6f8b8427b6f349199ee79938c92c20860dd
 F tool/sqlite3_analyzer.c.in 14f02cb5ec3c264cd6107d1f1dad77092b1cf440fc196c30b69ae87b56a1a43b
-F tool/sqlite3_rsync.c f510a8b230e1c5b0f62842acd0e94ff15d2f77a00ae782f7d20f9e39919fa19b
+F tool/sqlite3_rsync.c d9ce999e5b3aa9f36de44b321755622e52258774889bd804ba56f00eca01af50
 F tool/sqltclsh.c.in c103c6fc7d42bce611f9d4596774d60b7ef3d0b291a1f58c9e6184e458b89296
 F tool/sqltclsh.tcl 862f4cf1418df5e1315b5db3b5ebe88969e2a784525af5fbf9596592f14ed848
 F tool/src-verify.c 6c655d9a8d6b30f3648fc78a79bf3838ed68f8543869d380c43ea9f17b3b8501
@@ -2207,8 +2207,8 @@ F tool/warnings-clang.sh bbf6a1e685e534c92ec2bfba5b1745f34fb6f0bc2a362850723a9ee
 F tool/warnings.sh a554d13f6e5cf3760f041b87939e3d616ec6961859c3245e8ef701d1eafc2ca2
 F tool/win/sqlite.vsix deb315d026cc8400325c5863eef847784a219a2f
 F tool/winmain.c 00c8fb88e365c9017db14c73d3c78af62194d9644feaf60e220ab0f411f3604c
-P 80093dc0610438cd506d230eca12e699e05395aecb8048c5bc066379b927e8bb
-R afa00c1310fd880781bba5ab22e1cde4
+P 5cee1097b47d850989ebecdb9d2c814e6968240fe3bacb5598ca85067cb95692
+R d454cf7ff4e323f2d25f713342ab9ef2
 U drh
-Z 1ffe93a6d1bfe8c958c61235aafeedb9
+Z d2b02f7604e1d0360a2fffcea1260c31
 # Remove this line to create a well-formed Fossil manifest.
index 4a91cd61897ccbff24f7c1f6ec4c5982e84713ee..d0eea22fc169db0e13660c94df933fdff6875736 100644 (file)
@@ -1 +1 @@
-5cee1097b47d850989ebecdb9d2c814e6968240fe3bacb5598ca85067cb95692
+c84d596b6da22061627282d444913c88dc2f9bd82e86957183f7e732f2713b33
index b10224b2f7d21ad51423f32e5c8be9f113588a86..2d92ec431338887162dc69279a71e630b86f78b6 100644 (file)
@@ -2193,7 +2193,7 @@ int main(int argc, char const * const *argv){
       printf("%s\n", sqlite3_str_value(pStr));
       return 0;
     }
-    if( z[i]=='-' ){
+    if( z[0]=='-' ){
       fprintf(stderr,
          "unknown option: \"%s\". Use --help for more detail.\n", z);
       return 1;
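Review bot: The corrected test `z[0]=='-'` carries no comment saying that it is a security boundary and not only a usage check. It appears to be what keeps a positional ORIGIN or REPLICA value from ever beginning with `-`, which matters because those values are placed on the ssh command line further down. A comment above the `if` such as `/* Reject every remaining argument that starts with '-' so no database or host name can later be taken for an option */` would keep a later edit from loosening it. A side effect worth stating in the --help text is that a database file whose name really starts with `-` now has to be written as `./-name`. How `z` is derived from `argv[i]` is outside this hunk, so confirm the test sees the first character the user typed; main() starts and ends outside the hunk.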
@@ -2262,7 +2262,7 @@ int main(int argc, char const * const *argv){
       append_escaped_arg(pStr, zSsh, 1);
       if( iPort>0 ) sqlite3_str_appendf(pStr, " -p %d", iPort);
       sqlite3_str_appendf(pStr, " -e none");
-      append_escaped_arg(pStr, ctx.zOrigin, 0);
+      append_escaped_arg(pStr, ctx.zOrigin, 1);
       if( iRetry ) add_path_argument(pStr);
       append_escaped_arg(pStr, zExe, 1);
       append_escaped_arg(pStr, "--origin", 0);
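Review bot: The bare literal `1` now passed for `ctx.zOrigin` does not tell a reader why the ssh destination is escaped the same way as `zSsh` and `zExe`, and the definition of `append_escaped_arg` is not part of this diff. If that flag is what neutralises a leading `-`, say so at the call, e.g. `/* destination comes from argv: escape so ssh cannot read it as an option */`; the same comment applies to the `ctx.zReplica` call in the next hunk. Because the value lands directly after `-e none`, where ssh expects its destination, rejecting a host part that begins with `-` before the command is built would give a clearer error than whatever ssh reports for the escaped name. The enclosing block in main() begins and ends outside the hunk.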
@@ -2311,7 +2311,7 @@ int main(int argc, char const * const *argv){
       append_escaped_arg(pStr, zSsh, 1);
       if( iPort>0 ) sqlite3_str_appendf(pStr, " -p %d", iPort);
       sqlite3_str_appendf(pStr, " -e none");
-      append_escaped_arg(pStr, ctx.zReplica, 0);
+      append_escaped_arg(pStr, ctx.zReplica, 1);
       if( iRetry==1 ) add_path_argument(pStr);
       append_escaped_arg(pStr, zExe, 1);
       append_escaped_arg(pStr, "--replica", 0);