Fix potential crash with multiple in-process sqlite uses

This commit is contained in:
Panu Matilainen 2023-06-27 10:28:29 +03:00
parent 7e09257606
commit 75bce87293
2 changed files with 58 additions and 1 deletions

View File

@ -0,0 +1,52 @@
From ea3187cfcf9cac87e5bc5e7db79b0338da9e355e Mon Sep 17 00:00:00 2001
Message-ID: <ea3187cfcf9cac87e5bc5e7db79b0338da9e355e.1687844980.git.pmatilai@redhat.com>
From: Panu Matilainen <pmatilai@redhat.com>
Date: Mon, 26 Jun 2023 12:45:09 +0300
Subject: [PATCH] Don't muck with per-process global sqlite configuration from
the db backend
sqlite3_config() affects all in-process uses of sqlite. librpm being a
low-level library, it has no business whatsoever making such decisions
for the applications running on top of it. Besides that, the callback can
easily end up pointing to an already closed database, causing an
innocent API user to crash in librpm on an entirely unrelated error on
some other database. "Oops."
The sqlite API doesn't seem to provide any per-db or non-global context
for logging errors, thus we can only remove the call and let sqlite output
errors the way it pleases (print through stderr, presumably).
Thanks to Jan Palus for spotting and reporting!
---
lib/backend/sqlite.c | 8 --------
1 file changed, 8 deletions(-)
diff --git a/lib/backend/sqlite.c b/lib/backend/sqlite.c
index 5a029d575..b61273226 100644
--- a/lib/backend/sqlite.c
+++ b/lib/backend/sqlite.c
@@ -44,13 +44,6 @@ static void rpm_match3(sqlite3_context *sctx, int argc, sqlite3_value **argv)
sqlite3_result_int(sctx, match);
}
-static void errCb(void *data, int err, const char *msg)
-{
- rpmdb rdb = data;
- rpmlog(RPMLOG_WARNING, "%s: %s: %s\n",
- rdb->db_descr, sqlite3_errstr(err), msg);
-}
-
static int dbiCursorReset(dbiCursor dbc)
{
if (dbc->stmt) {
@@ -170,7 +163,6 @@ static int sqlite_init(rpmdb rdb, const char * dbhome)
* the "database is locked" errors at every cost
*/
sqlite3_busy_timeout(sdb, 10000);
- sqlite3_config(SQLITE_CONFIG_LOG, errCb, rdb);
sqlexec(sdb, "PRAGMA secure_delete = OFF");
sqlexec(sdb, "PRAGMA case_sensitive_like = ON");
--
2.41.0

View File

@ -32,7 +32,7 @@
%global rpmver 4.18.91 %global rpmver 4.18.91
#global snapver rc1 #global snapver rc1
%global baserelease 4 %global baserelease 5
%global sover 10 %global sover 10
%global srcver %{rpmver}%{?snapver:-%{snapver}} %global srcver %{rpmver}%{?snapver:-%{snapver}}
@ -147,7 +147,9 @@ rpm-4.9.90-no-man-dirs.patch
rpm-4.18.90-disable-sysusers.patch rpm-4.18.90-disable-sysusers.patch
rpm-4.18.90-weak-user-group.patch rpm-4.18.90-weak-user-group.patch
# Patches already upstream: # Patches already upstream:
0001-Don-t-muck-with-per-process-global-sqlite-configurat.patch
# ... # ...
# These are not yet upstream # These are not yet upstream
@ -620,6 +622,9 @@ fi
%doc %{_defaultdocdir}/rpm/API/ %doc %{_defaultdocdir}/rpm/API/
%changelog %changelog
* Tue Jun 27 2023 Panu Matilainen <pmatilai@redhat.com> - 4.18.91-5
- Fix potential crash with multiple in-process sqlite uses
* Mon Jun 26 2023 Python Maint <python-maint@redhat.com> - 4.18.91-4 * Mon Jun 26 2023 Python Maint <python-maint@redhat.com> - 4.18.91-4
- Rebuilt for Python 3.12 - Rebuilt for Python 3.12