From e04d8c98cfc052f65c36e862518cc1dffb49c539 Mon Sep 17 00:00:00 2001
From: Stephen Lombardo
Date: Fri, 8 Feb 2019 15:00:18 -0500
Subject: [PATCH] clear buffer if cipher operation fails per #304
---
 src/crypto.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/crypto.c b/src/crypto.c
index 0c433679..e60b5335 100644
--- a/src/crypto.c
+++ b/src/crypto.c
@@ -683,7 +683,10 @@ static void* sqlite3Codec(void *iCtx, void *data, Pgno pgno, int mode) {
 memcpy(buffer, plaintext_header_sz ? pData : (void *) SQLITE_FILE_HEADER, offset);
 rc = sqlcipher_page_cipher(ctx, cctx, pgno, CIPHER_DECRYPT, page_sz - offset, pData + offset, (unsigned char*)buffer + offset);
- if(rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, rc);
+ if(rc != SQLITE_OK) { /* clear results of failed cipher operation and set error */
+ sqlcipher_memset(buffer+offset, 0, page_sz-offset);
+ sqlcipher_codec_ctx_set_error(ctx, rc);
+ }
 memcpy(pData, buffer, page_sz); /* copy buffer data back to pData and return */
 return pData;
 break;
@@ -702,7 +705,10 @@ static void* sqlite3Codec(void *iCtx, void *data, Pgno pgno, int mode) {
 memcpy(buffer, plaintext_header_sz ? pData : kdf_salt, offset);
 }
 rc = sqlcipher_page_cipher(ctx, cctx, pgno, CIPHER_ENCRYPT, page_sz - offset, pData + offset, (unsigned char*)buffer + offset);
- if(rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, rc);
+ if(rc != SQLITE_OK) { /* clear results of failed cipher operation and set error */
+ sqlcipher_memset(buffer+offset, 0, page_sz-offset);
+ sqlcipher_codec_ctx_set_error(ctx, rc);
+ }
 return buffer; /* return persistent buffer data, pData remains intact */
 break;
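Review bot: `buffer+offset` in the added `sqlcipher_memset` call does pointer arithmetic on `buffer` without the `(unsigned char*)` cast that the `sqlcipher_page_cipher` call one line above applies to the same expression. The declaration of `buffer` is outside the hunk, but if it is a `void *`, as that cast suggests, arithmetic on it is a GNU extension and stricter compilers will reject the line. Writing `sqlcipher_memset((unsigned char*)buffer + offset, 0, page_sz - offset);` keeps the clearing code portable and consistent with the surrounding code. The identical line in the encrypt hunk below needs the same change.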
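Review bot: After a failed encrypt the code still falls through to `return buffer;`, so the caller receives a non-NULL pointer to a page that is now all zeros past `offset`. Clearing the buffer keeps partial cipher output from escaping. Whether the zeroed page can then be written to storage depends on the caller checking the error recorded by `sqlcipher_codec_ctx_set_error` before it uses the result, and that caller is not visible here. If the codec contract treats a NULL return as failure, adding `return NULL;` as the last statement of the new `if` block would make the failure explicit. Otherwise the block should carry a comment such as `/* caller must check the codec ctx error before writing this page */`. The enclosing case and function extend beyond the hunk.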