From 18f95ebbea977b6be7dd714044205843cbfe3346 Mon Sep 17 00:00:00 2001
From: Nick Parker <nparker@zetetic.net>
Date: Tue, 21 Apr 2015 14:06:30 -0500
Subject: [PATCH] Check for valid context before using cipher_store_pass
 Identified by Nicholas Starke

---
 src/crypto.c     | 12 ++++++++----
 test/crypto.test | 14 +++++++++++++-
 2 files changed, 21 insertions(+), 5 deletions(-)

diff --git a/src/crypto.c b/src/crypto.c
index c79e5c5..79451ae 100644
--- a/src/crypto.c
+++ b/src/crypto.c
@@ -97,12 +97,16 @@ int sqlcipher_codec_pragma(sqlite3* db, int iDb, Parse *pParse, const char *zLef
     }
   } else
   if( sqlite3StrICmp(zLeft, "cipher_store_pass")==0 && zRight ) {
-    sqlcipher_codec_set_store_pass(ctx, sqlite3GetBoolean(zRight, 1));
+    if(ctx) {
+      sqlcipher_codec_set_store_pass(ctx, sqlite3GetBoolean(zRight, 1));
+    }
   } else
   if( sqlite3StrICmp(zLeft, "cipher_store_pass")==0 && !zRight ) {
-    char *store_pass_value = sqlite3_mprintf("%d", sqlcipher_codec_get_store_pass(ctx));
-    codec_vdbe_return_static_string(pParse, "cipher_store_pass", store_pass_value);
-    sqlite3_free(store_pass_value);
+    if(ctx){
+      char *store_pass_value = sqlite3_mprintf("%d", sqlcipher_codec_get_store_pass(ctx));
+      codec_vdbe_return_static_string(pParse, "cipher_store_pass", store_pass_value);
+      sqlite3_free(store_pass_value);
+    }
   }
   if( sqlite3StrICmp(zLeft, "cipher_profile")== 0 && zRight ){
       char *profile_status = sqlite3_mprintf("%d", sqlcipher_cipher_profile(db, zRight));
diff --git a/test/crypto.test b/test/crypto.test
index b7cbf7b..84f8d57 100644
--- a/test/crypto.test
+++ b/test/crypto.test
@@ -1923,7 +1923,7 @@ db close
 file delete -force test.db
 
 # verify invalid cipher does not cause segfault
-if_built_with_openssl verify-invalid-cipher-does_not_segfault {
+if_built_with_openssl verify-invalid-cipher-does-not-segfault {
     sqlite_orig db test.db
     execsql {
         PRAGMA key = 'test';
@@ -1934,6 +1934,18 @@ if_built_with_openssl verify-invalid-cipher-does_not_segfault {
 db close
 file delete -force test.db
 
+# verify setting cipher_store_pass before key
+# does not cause segfault
+do_test verify-cipher-store-pass-before-key-does-not-segfault {
+    sqlite_orig db test.db
+    execsql {
+        PRAGMA cipher_store_pass = 1;
+        PRAGMA key = 'test';
+    }
+} {}
+db close
+file delete -force test.db
+
 # verify the pragma cipher
 # reports the default value
 if_built_with_openssl verify-pragma-cipher-default {