Prevent segfault when invalid cipher name provided, identified by Nicholas Starke

This commit is contained in:
Nick Parker 2015-04-16 08:55:44 -05:00
parent 388970a669
commit c14afcf742
2 changed files with 17 additions and 2 deletions

View File

@ -186,8 +186,11 @@ static int sqlcipher_openssl_cipher(void *ctx, int mode, unsigned char *key, int
static int sqlcipher_openssl_set_cipher(void *ctx, const char *cipher_name) {
openssl_ctx *o_ctx = (openssl_ctx *)ctx;
o_ctx->evp_cipher = (EVP_CIPHER *) EVP_get_cipherbyname(cipher_name);
return SQLITE_OK;
EVP_CIPHER* cipher = (EVP_CIPHER *) EVP_get_cipherbyname(cipher_name);
if(cipher != NULL) {
o_ctx->evp_cipher = cipher;
}
return cipher != NULL ? SQLITE_OK : SQLITE_ERROR;
}
static const char* sqlcipher_openssl_get_cipher(void *ctx) {

View File

@ -1922,6 +1922,18 @@ do_test verify-pragma-cipher-page-size-changed {
db close
file delete -force test.db
# verify invalid cipher does not cause segfault
if_built_with_openssl verify-invalid-cipher-does_not_segfault {
sqlite_orig db test.db
execsql {
PRAGMA key = 'test';
PRAGMA cipher = 'junk';
PRAGMA cipher;
}
} {AES-256-CBC}
db close
file delete -force test.db
# verify the pragma cipher
# reports the default value
if_built_with_openssl verify-pragma-cipher-default {