From 9f21b640674fc29064ed382143f77d48c2add103 Mon Sep 17 00:00:00 2001 From: utelle Date: Wed, 4 Oct 2023 13:14:58 +0200 Subject: [PATCH] Prepare release of wxSQLite3 4.9.6 - Update to SQLite3 Multiple Ciphers 1.7.0 (based on SQLite 3.43.1) --- configure.ac | 2 +- docs/Doxyfile | 2 +- include/wx/wxsqlite3_version.h | 4 +- include/wx/wxsqlite3def.h | 6 + readme.md | 4 +- src/sqlite3mc_amalgamation.c | 336 ++++++++++++++++++++++++++++++++- src/sqlite3mc_amalgamation.h | 6 +- 7 files changed, 344 insertions(+), 16 deletions(-) diff --git a/configure.ac b/configure.ac index 2bcdbc22..3f115b0a 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (C) 2017-2023 Ulrich Telle , Vadim Zeitlin dnl dnl This file is covered by the same licence as the entire wxSQLite3 package. -AC_INIT([wxsqlite3], [4.9.5], [ulrich@telle-online.de]) +AC_INIT([wxsqlite3], [4.9.6], [ulrich@telle-online.de]) dnl This is the version tested with, might work with earlier ones. AC_PREREQ([2.69]) diff --git a/docs/Doxyfile b/docs/Doxyfile index f63e7c9c..bef45619 100644 --- a/docs/Doxyfile +++ b/docs/Doxyfile @@ -48,7 +48,7 @@ PROJECT_NAME = wxSQLite3 # could be handy for archiving the generated documentation or if some version # control system is used. -PROJECT_NUMBER = 4.9.5 +PROJECT_NUMBER = 4.9.6 # Using the PROJECT_BRIEF tag one can provide an optional one line description # for a project that appears at the top of each page and should give viewer a diff --git a/include/wx/wxsqlite3_version.h b/include/wx/wxsqlite3_version.h index fb6fd447..74e8b5bf 100644 --- a/include/wx/wxsqlite3_version.h +++ b/include/wx/wxsqlite3_version.h @@ -14,8 +14,8 @@ #define WXSQLITE3_MAJOR_VERSION 4 #define WXSQLITE3_MINOR_VERSION 9 -#define WXSQLITE3_RELEASE_NUMBER 5 +#define WXSQLITE3_RELEASE_NUMBER 6 #define WXSQLITE3_SUBRELEASE_NUMBER 0 -#define WXSQLITE3_VERSION_STRING "wxSQLite3 4.9.5" +#define WXSQLITE3_VERSION_STRING "wxSQLite3 4.9.6" #endif // WXSQLITE3_VERSION_H_ diff --git a/include/wx/wxsqlite3def.h b/include/wx/wxsqlite3def.h index d5311521..70ca3527 100644 --- a/include/wx/wxsqlite3def.h +++ b/include/wx/wxsqlite3def.h @@ -46,6 +46,12 @@
+
4.9.6 - October 2023
+
+Upgrade to SQLite3 Multiple Ciphers version 1.7.0 (SQLite version 3.43.1)
+ +
+
4.9.5 - September 2023
Upgrade to SQLite3 Multiple Ciphers version 1.6.5 (SQLite version 3.43.1)
diff --git a/readme.md b/readme.md index 2464a766..99e67ec1 100644 --- a/readme.md +++ b/readme.md @@ -48,8 +48,10 @@ Since August 2020 a new implementation of an encryption extension, capable of su ## Version history +* 4.9.6 - *October 2023* + - Upgrade to SQLite3 Multiple Ciphers version 1.7.0 (SQLite version 3.43.1) * 4.9.5 - *September 2023* - - Upgrade to SQLite3 Multiple Ciphers version 1.6.3 (SQLite version 3.43.1) + - Upgrade to SQLite3 Multiple Ciphers version 1.6.5 (SQLite version 3.43.1) * 4.9.4 - *May 2023* - Upgrade to SQLite3 Multiple Ciphers version 1.6.3 (SQLite version 3.42.0) * 4.9.3 - *March 2023* diff --git a/src/sqlite3mc_amalgamation.c b/src/sqlite3mc_amalgamation.c index a9d7c460..c5428790 100644 --- a/src/sqlite3mc_amalgamation.c +++ b/src/sqlite3mc_amalgamation.c @@ -11084,6 +11084,9 @@ SQLITE_PRIVATE int sqlite3mcHandleAttachKey(sqlite3*, const char*, const char*, SQLITE_PRIVATE int sqlite3mcHandleMainKey(sqlite3*, const char*); typedef struct PgHdr PgHdrMC; SQLITE_PRIVATE void* sqlite3mcPagerCodec(PgHdrMC* pPg); +typedef struct Pager PagerMC; +SQLITE_PRIVATE int sqlite3mcPagerHasCodec(PagerMC* pPager); +SQLITE_PRIVATE void sqlite3mcInitMemoryMethods(); /******** Begin file sqlite3rtree.h *********/ /* @@ -29807,6 +29810,12 @@ SQLITE_PRIVATE int sqlite3MallocInit(void){ } rc = sqlite3GlobalConfig.m.xInit(sqlite3GlobalConfig.m.pAppData); if( rc!=SQLITE_OK ) memset(&mem0, 0, sizeof(mem0)); + + /* Initialize wrapper for memory management.*/ + if( rc==SQLITE_OK ) { + sqlite3mcInitMemoryMethods(); + } + return rc; } @@ -57156,6 +57165,7 @@ static const unsigned char aJournalMagic[] = { SQLITE_PRIVATE int sqlite3PagerDirectReadOk(Pager *pPager, Pgno pgno){ if( pPager->fd->pMethods==0 ) return 0; if( sqlite3PCacheIsDirty(pPager->pPCache) ) return 0; + if( sqlite3mcPagerHasCodec(pPager) != 0 ) return 0; #ifndef SQLITE_OMIT_WAL if( pPager->pWal ){ u32 iRead = 0; @@ -57389,7 +57399,7 @@ static void setGetterMethod(Pager *pPager){ if( pPager->errCode ){ pPager->xGet = getPageError; #if SQLITE_MAX_MMAP_SIZE>0 - }else if( USEFETCH(pPager) ){ + }else if( USEFETCH(pPager) && sqlite3mcPagerHasCodec(pPager) == 0 ){ pPager->xGet = getPageMMap; #endif /* SQLITE_MAX_MMAP_SIZE>0 */ }else{ @@ -251128,10 +251138,10 @@ SQLITE_API const char *sqlite3_sourceid(void){ return SQLITE_SOURCE_ID; } #define SQLITE3MC_VERSION_H_ #define SQLITE3MC_VERSION_MAJOR 1 -#define SQLITE3MC_VERSION_MINOR 6 -#define SQLITE3MC_VERSION_RELEASE 5 +#define SQLITE3MC_VERSION_MINOR 7 +#define SQLITE3MC_VERSION_RELEASE 0 #define SQLITE3MC_VERSION_SUBRELEASE 0 -#define SQLITE3MC_VERSION_STRING "SQLite3 Multiple Ciphers 1.6.5" +#define SQLITE3MC_VERSION_STRING "SQLite3 Multiple Ciphers 1.7.0" #endif /* SQLITE3MC_VERSION_H_ */ /*** End of #include "sqlite3mc_version.h" ***/ @@ -264601,6 +264611,31 @@ sqlite3mcVersion(sqlite3_context* context, int argc, sqlite3_value** argv) sqlite3_result_text(context, sqlite3mc_version(), -1, 0); } +#ifndef SQLITE3MC_SECURE_MEMORY +#define SQLITE3MC_SECURE_MEMORY 0 +#endif + +#if SQLITE3MC_SECURE_MEMORY + +#define SECURE_MEMORY_NONE 0 +#define SECURE_MEMORY_FILL 1 +#define SECURE_MEMORY_LOCK 2 + +SQLITE_PRIVATE void sqlite3mcSetMemorySecurity(int value); +SQLITE_PRIVATE int sqlite3mcGetMemorySecurity(); + +#ifndef SQLITE3MC_USE_RANDOM_FILL_MEMORY +#define SQLITE3MC_USE_RANDOM_FILL_MEMORY 0 +#endif + +/* Memory locking is currently not supported */ +#ifdef SQLITE3MC_ENABLE_MEMLOCK +#undef SQLITE3MC_ENABLE_MEMLOCK +#endif +#define SQLITE3MC_ENABLE_MEMLOCK 0 + +#endif + /* ** Crypto algorithms */ @@ -267348,14 +267383,14 @@ static size_t read_urandom(void* buf, size_t n) return 0; } -#if defined(__APPLE__) && defined(__MAC_10_12) && !defined(__IPHONE_OS_VERSION_MIN_REQUIRED) -#include +#if defined(__APPLE__) +#include #endif static size_t entropy(void* buf, size_t n) { -#if defined(__APPLE__) && defined(__MAC_10_12) && __MAC_OS_X_VERSION_MAX_ALLOWED >= __MAC_10_12 - if (getentropy(buf, n) == 0) +#if defined(__APPLE__) + if (SecRandomCopyBytes(kSecRandomDefault, n, (uint8_t*) buf) == 0) return n; #elif defined(__linux__) && defined(SYS_getrandom) if (syscall(SYS_getrandom, buf, n, 0) == n) @@ -274343,6 +274378,54 @@ sqlite3mcFileControlPragma(sqlite3* db, const char* zDbName, int op, void* pArg) ((char**)pArg)[0] = sqlite3_mprintf("Malformed hex string"); } } +#if SQLITE3MC_SECURE_MEMORY + else if (sqlite3StrICmp(pragmaName, "memory_security") == 0) + { + if (pragmaValue) + { + int intValue = -1; + if (0 == sqlite3StrICmp(pragmaValue, "none")) + { + intValue = SECURE_MEMORY_NONE; + } + else if (0 == sqlite3StrICmp(pragmaValue, "fill") ) + { + intValue = SECURE_MEMORY_FILL; + } +#if SQLITE3MC_ENABLE_MEMLOCK + else if (0 == sqlite3StrICmp(pragmaValue, "lock") ) + { + intValue = SECURE_MEMORY_LOCK; + } +#endif + else + { + intValue = sqlite3Atoi(pragmaValue); +#if SQLITE3MC_ENABLE_MEMLOCK + intValue = (intValue >=0 && intValue <= 2) ? intValue : -1; +#else + intValue = (intValue >=0 && intValue <= 1) ? intValue : -1; +#endif + } + if (intValue >= 0) + { + sqlite3mcSetMemorySecurity(intValue); + rc = SQLITE_OK; + ((char**)pArg)[0] = sqlite3_mprintf("%d", intValue); + } + else + { + rc = SQLITE_ERROR; + ((char**) pArg)[0] = sqlite3_mprintf("Secure memory option '%s' invalid.", pragmaValue); + } + } + else + { + rc = SQLITE_OK; + ((char**)pArg)[0] = sqlite3_mprintf("%d", sqlite3mcGetMemorySecurity()); + } + } +#endif /* SQLITE3MC_SECURE_MEMORY */ else { int j; @@ -275418,6 +275501,212 @@ sqlite3_rekey(sqlite3 *db, const void *zKey, int nKey) /*** End of #include "codecext.c" ***/ +/* +** Functions for securing allocated memory +*/ +/* #include "memory_secure.c" */ +/*** Begin of #include "memory_secure.c" ***/ +/* +** Name: mem_secure.c +** Purpose: Memory manager for SQLite3 Multiple Ciphers +** Author: Ulrich Telle +** Created: 2023-09-17 +** Copyright: (c) 2023 Ulrich Telle +** License: MIT +*/ + +#if SQLITE3MC_SECURE_MEMORY + +/* Flag indicating whether securing memory allocations is initialized */ +static volatile int mcSecureMemoryInitialized = 0; +/* Flag indicating whether memory allocations will be secured */ +static volatile int mcSecureMemoryFlag = 0; + +/* Map of default memory allocation methods */ +static volatile sqlite3_mem_methods mcDefaultMemoryMethods; + +#if SQLITE3MC_ENABLE_RANDOM_FILL_MEMORY + +/* +** Fill a buffer with pseudo-random bytes. This is used to preset +** the content of a new memory allocation to unpredictable values and +** to clear the content of a freed allocation to unpredictable values. +*/ +static void mcRandomFill(char* pBuf, int nByte) +{ + unsigned int x, y, r; + x = SQLITE_PTR_TO_INT(pBuf); + y = nByte | 1; + while( nByte >= 4 ) + { + x = (x>>1) ^ (-(int)(x&1) & 0xd0000001); + y = y*1103515245 + 12345; + r = x ^ y; + *(int*)pBuf = r; + pBuf += 4; + nByte -= 4; + } + while( nByte-- > 0 ) + { + x = (x>>1) ^ (-(int)(x&1) & 0xd0000001); + y = y*1103515245 + 12345; + r = x ^ y; + *(pBuf++) = r & 0xff; + } +} + +#endif + +/* +** Return the size of an allocation +*/ +static int mcMemorySize(void* pBuf) +{ + return mcDefaultMemoryMethods.xSize(pBuf); +} + +/* +** Memory allocation function +*/ +static void* mcMemoryAlloc(int nByte) +{ + return mcDefaultMemoryMethods.xMalloc(nByte); +} + +/* +** Free a prior allocation +*/ +static void mcMemoryFree(void* pPrior) +{ + if (mcSecureMemoryFlag) + { +#if SQLITE3MC_USE_RANDOM_FILL_MEMORY + int nSize = mcMemorySize(pPrior); + mcRandomFill((char*) pPrior, nSize) +#else + int nSize = mcMemorySize(pPrior); + memset(pPrior, 0, nSize); +#endif + } + mcDefaultMemoryMethods.xFree(pPrior); +} + +/* +** Resize an allocation +*/ +static void* mcMemoryRealloc(void* pPrior, int nByte) +{ + void* pNew = NULL; + if (mcSecureMemoryFlag) + { + int nPriorSize = mcMemorySize(pPrior); + if (nByte == 0) + { + /* New size = 0, just free prior memory */ + mcMemoryFree(pPrior); + return NULL; + } + else if (!pPrior) + { + /* Prior size = 0, just allocate new memory */ + return mcMemoryAlloc(nByte); + } + else if(nByte <= nPriorSize) + { + /* New size less or equal prior size, do nothing - we do not shrink allocations */ + return pPrior; + } + else + { + /* New size greater than prior size, reallocate memory */ + pNew = mcMemoryAlloc(nByte); + if (pNew) + { + memcpy(pNew, pPrior, nPriorSize); + mcMemoryFree(pPrior); + } + return pNew; + } + } + else + { + return mcDefaultMemoryMethods.xRealloc(pPrior, nByte); + } +} + +/* +** Round up request size to allocation size +*/ +static int mcMemoryRoundup(int nByte) +{ + return mcDefaultMemoryMethods.xRoundup(nByte); +} + +/* +** Initialize the memory allocator +*/ +static int mcMemoryInit(void* pAppData) +{ + return mcDefaultMemoryMethods.xInit(pAppData); +} + +/* +** Deinitialize the memory allocator +*/ +static void mcMemoryShutdown(void* pAppData) +{ + mcDefaultMemoryMethods.xShutdown(pAppData); +} + +static sqlite3_mem_methods mcSecureMemoryMethods = +{ + mcMemoryAlloc, + mcMemoryFree, + mcMemoryRealloc, + mcMemorySize, + mcMemoryRoundup, + mcMemoryInit, + mcMemoryShutdown, + 0 +}; + +SQLITE_PRIVATE void sqlite3mcSetMemorySecurity(int value) +{ + /* memory security can be changed only, if locking is not enabled */ + if (mcSecureMemoryFlag < 2) + { + mcSecureMemoryFlag = (value >= 0 && value <= 2) ? value : 0; + } +} + +SQLITE_PRIVATE int sqlite3mcGetMemorySecurity() +{ + return mcSecureMemoryFlag; +} + +#endif /* SQLITE3MC_SECURE_MEMORY */ + +SQLITE_PRIVATE void sqlite3mcInitMemoryMethods() +{ +#if SQLITE3MC_SECURE_MEMORY + if (!mcSecureMemoryInitialized) + { + if (sqlite3_config(SQLITE_CONFIG_GETMALLOC, &mcDefaultMemoryMethods) != SQLITE_OK || + sqlite3_config(SQLITE_CONFIG_MALLOC, &mcSecureMemoryMethods) != SQLITE_OK) + { + mcSecureMemoryFlag = mcSecureMemoryInitialized = 0; + } + else + { + mcSecureMemoryInitialized = 1; + } + } +#endif /* SQLITE3MC_SECURE_MEMORY */ +} + +/*** End of #include "memory_secure.c" ***/ + + /* ** Extension functions */ @@ -298610,6 +298899,37 @@ sqlite3mcCheckVfs(const char* zVfs) return rc; } +SQLITE_PRIVATE int +sqlite3mcPagerHasCodec(PagerMC* pPager) +{ + int hasCodec = 0; + sqlite3mc_vfs* pVfsMC = NULL; + sqlite3_vfs* pVfs = pPager->pVfs; + + /* Check whether the VFS stack of the pager contains a Multiple Ciphers VFS */ + for (; pVfs; pVfs = pVfs->pNext) + { + if (pVfs && pVfs->xOpen == mcVfsOpen) + { + /* Multiple Ciphers VFS found */ + pVfsMC = (sqlite3mc_vfs*)(pVfs); + break; + } + } + + /* Check whether codec is enabled for associated database file */ + if (pVfsMC) + { + sqlite3mc_file* mcFile = mcFindDbMainFileName(pVfsMC, pPager->zFilename); + if (mcFile) + { + Codec* codec = mcFile->codec; + hasCodec = (codec != 0 && sqlite3mcIsEncrypted(codec)); + } + } + return hasCodec; +} + /* ** SQLite3 Multiple Ciphers external API functions */ diff --git a/src/sqlite3mc_amalgamation.h b/src/sqlite3mc_amalgamation.h index f15b648c..ef65ae56 100644 --- a/src/sqlite3mc_amalgamation.h +++ b/src/sqlite3mc_amalgamation.h @@ -30,10 +30,10 @@ #define SQLITE3MC_VERSION_H_ #define SQLITE3MC_VERSION_MAJOR 1 -#define SQLITE3MC_VERSION_MINOR 6 -#define SQLITE3MC_VERSION_RELEASE 5 +#define SQLITE3MC_VERSION_MINOR 7 +#define SQLITE3MC_VERSION_RELEASE 0 #define SQLITE3MC_VERSION_SUBRELEASE 0 -#define SQLITE3MC_VERSION_STRING "SQLite3 Multiple Ciphers 1.6.5" +#define SQLITE3MC_VERSION_STRING "SQLite3 Multiple Ciphers 1.7.0" #endif /* SQLITE3MC_VERSION_H_ */ /*** End of #include "sqlite3mc_version.h" ***/