From 4b31a370062721200ca6c624057190cac6d01bd9 Mon Sep 17 00:00:00 2001 From: Nick Parker Date: Tue, 26 Nov 2013 09:52:55 -0600 Subject: [PATCH] Enforce prefix and suffix format for cipher_add_random --- src/crypto_impl.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/crypto_impl.c b/src/crypto_impl.c index 6ef38bd..9a94582 100644 --- a/src/crypto_impl.c +++ b/src/crypto_impl.c @@ -1126,7 +1126,8 @@ int sqlcipher_codec_ctx_migrate(codec_ctx *ctx) { int sqlcipher_codec_add_random(codec_ctx *ctx, const char *zRight){ int random_sz = strlen(zRight); - if (random_sz == ((ctx->read_ctx->key_sz * 2) + 3) && sqlite3StrNICmp((const char *)zRight ,"x'", 2) == 0) { + const char *suffix = &zRight[random_sz-1]; + if (sqlite3StrNICmp((const char *)zRight ,"x'", 2) == 0 && sqlite3StrNICmp(suffix, "'", 1) == 0) { int rc = 0; unsigned char *random; int n = random_sz - 3; /* adjust for leading x' and tailing ' */