From 2ce01668d6e1aa16a1fc4cbb05851c8bcb59e865 Mon Sep 17 00:00:00 2001 From: Stephen Lombardo Date: Mon, 22 Nov 2021 17:21:08 -0500 Subject: [PATCH] clarifying comments about codec error handling --- src/crypto.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/crypto.c b/src/crypto.c index 2f951b7f..683fb89a 100644 --- a/src/crypto.c +++ b/src/crypto.c @@ -747,7 +747,9 @@ static void* sqlite3Codec(void *iCtx, void *data, Pgno pgno, int mode) { rc = SQLITE_ERROR; } #endif - if(rc != SQLITE_OK) { /* clear results of failed cipher operation and set error */ + if(rc != SQLITE_OK) { + /* failure to decrypt a page is considered a permanent error and will render the pager unusable + in order to prevent inconsistent data being loaded into page cache */ sqlcipher_memset((unsigned char*) buffer+offset, 0, page_sz-offset); sqlcipher_codec_ctx_set_error(ctx, rc); } @@ -774,7 +776,9 @@ static void* sqlite3Codec(void *iCtx, void *data, Pgno pgno, int mode) { rc = SQLITE_ERROR; } #endif - if(rc != SQLITE_OK) { /* clear results of failed cipher operation and set error */ + if(rc != SQLITE_OK) { + /* failure to encrypt a page is considered a permanent error and will render the pager unusable + in order to prevent corrupted pages from being written to the main databased when using WAL */ sqlcipher_memset((unsigned char*)buffer+offset, 0, page_sz-offset); sqlcipher_codec_ctx_set_error(ctx, rc); return NULL;