From: Jeremy Harris Date: Sun, 28 Jun 2020 14:24:21 +0000 (+0100) Subject: Sqlite: fix segfault on bad/missing sqlite_dbfile. Bug 2606 X-Git-Url: https://git.exim.org/users/heiko/exim.git/commitdiff_plain/3d0472791a0928963a3f8184fe28479e80d1a47d Sqlite: fix segfault on bad/missing sqlite_dbfile. Bug 2606 --- diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 83d027d0f..b2b9a74b8 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -66,6 +66,9 @@ JH/12 Bug 2607: Fix the ${srs_encode } expansion to handle quoted local_parts. JH/13 Fix dsearch "subdir" filter to ignore ".". Previously only ".." was excluded, not matching the documentation. +JH/14 Bug 2606: Fix a segfault in sqlite lookups. When no, or a bad, filename + was given for the sqlite_dbfile a trap resulted. + Exim version 4.94 ----------------- diff --git a/src/src/lookups/sqlite.c b/src/src/lookups/sqlite.c index dc4439153..1638ea401 100644 --- a/src/src/lookups/sqlite.c +++ b/src/src/lookups/sqlite.c @@ -24,16 +24,23 @@ sqlite_open(const uschar * filename, uschar ** errmsg) sqlite3 *db = NULL; int ret; -if (!filename || !*filename) filename = sqlite_dbfile; -if (*filename != '/') +if (!filename || !*filename) + { + DEBUG(D_lookup) debug_printf_indent("Using sqlite_dbfile: %s\n", sqlite_dbfile); + filename = sqlite_dbfile; + } +if (!filename || *filename != '/') *errmsg = US"absolute file name expected for \"sqlite\" lookup"; else if ((ret = sqlite3_open(CCS filename, &db)) != 0) { *errmsg = (void *)sqlite3_errmsg(db); + sqlite3_close(db); + db = NULL; DEBUG(D_lookup) debug_printf_indent("Error opening database: %s\n", *errmsg); } -sqlite3_busy_timeout(db, 1000 * sqlite_lock_timeout); +if (db) + sqlite3_busy_timeout(db, 1000 * sqlite_lock_timeout); return db; } diff --git a/test/scripts/2600-SQLite/2600 b/test/scripts/2600-SQLite/2600 index d7e4d69d8..a11d46ef1 100644 --- a/test/scripts/2600-SQLite/2600 +++ b/test/scripts/2600-SQLite/2600 @@ -43,3 +43,9 @@ ${lookup sqlite{DIR/aux-fixed/sqlitedb select name from them where id='userx';}} exim -DDATA=DIR/aux-fixed/sqlitedb -d-all+lookup -be ${lookup sqlite{select name from them where id='userx';}} **** +exim -DDATA=nonabsolute_filename -d-all+lookup -be +${lookup sqlite{select name from them where id='userx';}} +**** +exim -DDATA=DIR/missingfile -d-all+lookup -be +${lookup sqlite{select name from them where id='userx';}} +**** diff --git a/test/stderr/2600 b/test/stderr/2600 index ecc3c2091..e9fab9154 100644 --- a/test/stderr/2600 +++ b/test/stderr/2600 @@ -618,6 +618,7 @@ configuration file is TESTSUITE/test-config admin user dropping to exim gid; retaining priv uid search_open: sqlite "NULL" + Using sqlite_dbfile: TESTSUITE/aux-fixed/sqlitedb search_find: file="NULL" key="select name from them where id='userx';" partial=-1 affix=NULL starflags=0 opts=NULL LRU list: @@ -628,3 +629,28 @@ dropping to exim gid; retaining priv uid lookup yielded: Ayen Other search_tidyup called >>>>>>>>>>>>>>>> Exim pid=pppp (fresh-exec) terminating with rc=0 >>>>>>>>>>>>>>>> +Exim version x.yz .... +configuration file is TESTSUITE/test-config +admin user +dropping to exim gid; retaining priv uid + search_open: sqlite "NULL" + Using sqlite_dbfile: nonabsolute_filename +search_tidyup called +>>>>>>>>>>>>>>>> Exim pid=pppp (fresh-exec) terminating with rc=0 >>>>>>>>>>>>>>>> +Exim version x.yz .... +configuration file is TESTSUITE/test-config +admin user +dropping to exim gid; retaining priv uid + search_open: sqlite "NULL" + Using sqlite_dbfile: TESTSUITE/missingfile + search_find: file="NULL" + key="select name from them where id='userx';" partial=-1 affix=NULL starflags=0 opts=NULL + LRU list: + internal_search_find: file="NULL" + type=sqlite key="select name from them where id='userx';" opts=NULL + database lookup required for select name from them where id='userx'; + sqlite3_exec failed: no such table: them + creating new cache entry + lookup failed +search_tidyup called +>>>>>>>>>>>>>>>> Exim pid=pppp (fresh-exec) terminating with rc=0 >>>>>>>>>>>>>>>> diff --git a/test/stdout/2600 b/test/stdout/2600 index c21783b86..0a0a461ce 100644 --- a/test/stdout/2600 +++ b/test/stdout/2600 @@ -46,3 +46,7 @@ after" id=newline > > Ayen Other > +> Failed: absolute file name expected for "sqlite" lookup +> +> +>