All the secure-delete setting to be changed at run-time using a pragma.
The SQLITE_SECURE_DELETE compile-time option determines the default setting. FossilOrigin-Name: f72f8a870a0fc98a9f2b564ffafe7946bbce506e
This commit is contained in:
drh
parent
56f2996b48
commit
5b47efa662
32
manifest
32
manifest
@ -1,5 +1,8 @@
|
||||
C Fix\sa\ssegfault\sin\sfts3\sthat\smay\soccur\sif\sthe\ssnippet,\soffsets\sor\smatchinfo\sfunctions\sare\sused\sin\sa\squery\sthat\sdoes\snot\scontain\sa\sMATCH\sclause.
|
||||
D 2010-02-10T05:33:18
|
||||
-----BEGIN PGP SIGNED MESSAGE-----
|
||||
Hash: SHA1
|
||||
|
||||
C All\sthe\ssecure-delete\ssetting\sto\sbe\schanged\sat\srun-time\susing\sa\spragma.\nThe\sSQLITE_SECURE_DELETE\scompile-time\soption\sdetermines\sthe\sdefault\ssetting.
|
||||
D 2010-02-12T18:18:39
|
||||
F Makefile.arm-wince-mingw32ce-gcc fcd5e9cd67fe88836360bb4f9ef4cb7f8e2fb5a0
|
||||
F Makefile.in c5827ead754ab32b9585487177c93bb00b9497b3
|
||||
F Makefile.linux-gcc d53183f4aa6a9192d249731c90dbdffbd2c68654
|
||||
@ -108,9 +111,9 @@ F src/auth.c 523da7fb4979469955d822ff9298352d6b31de34
|
||||
F src/backup.c 744e98359dfc79fed43e8dec911e33e108b06aae
|
||||
F src/bitvec.c 06ad2c36a9c3819c0b9cbffec7b15f58d5d834e0
|
||||
F src/btmutex.c 96a12f50f7a17475155971a241d85ec5171573ff
|
||||
F src/btree.c efdef3953c49e28f8b8fa9cc0ac5754cc1a7489a
|
||||
F src/btree.h 7944a9dac59eb3e541aad45fd2747f1051e7c63d
|
||||
F src/btreeInt.h 54f4245decd0409ea52cf9aee422d3d761d7ac10
|
||||
F src/btree.c 25078c9bba2ed69f1c929e19fe71659d55511f99
|
||||
F src/btree.h 0e193b7e90f1d78b79c79474040e3d66a553a4fa
|
||||
F src/btreeInt.h 71ed5e7f009caf17b7dc304350b3cb64b5970135
|
||||
F src/build.c 81412e0f3cabd0cc7a71a1644c46d9ccad9613f5
|
||||
F src/callback.c 908f3e0172c3d4058f4ca0acd42c637c52e9669f
|
||||
F src/complete.c 4c8a742c4a4a6d9c835912648f5c8f032ea36c7b
|
||||
@ -150,13 +153,13 @@ F src/os_common.h 240c88b163b02c21a9f21f87d49678a0aa21ff30
|
||||
F src/os_os2.c 75a8c7b9a00a2cf1a65f9fa4afbc27d46634bb2f
|
||||
F src/os_unix.c 85479b27b995c2924a0905e4767d58598fb45000
|
||||
F src/os_win.c 5ffab20249a61e0625f869efe157fa009747039b
|
||||
F src/pager.c 4cf8da7cf454d09086400c3b2943b41e6e46e829
|
||||
F src/pager.c 5dee83c3cf4e94b72fcd81dca67abd7617227217
|
||||
F src/pager.h 1b32faf2e578ac3e7bcf9c9d11217128261c5c54
|
||||
F src/parse.y ace5c7a125d9f2a410e431ee3209034105045f7e
|
||||
F src/pcache.c 815bcb3cf0e14b23212efd3f4981f667a5fd633e
|
||||
F src/pcache.h c683390d50f856d4cd8e24342ae62027d1bb6050
|
||||
F src/pcache1.c 2bb2261190b42a348038f5b1c285c8cef415fcc8
|
||||
F src/pragma.c 5644b2cc765f68253765e0b16ce3a2bfc092342d
|
||||
F src/pragma.c c0591d6f77be6b281f5cb68031c9aab0a7bf50a4
|
||||
F src/prepare.c d4cd38ccfb51f1424d0e61d4878a810b7e1ebb60
|
||||
F src/printf.c 2c2702dc4955394dae554b7c45f45656eb42de7f
|
||||
F src/random.c cd4a67b3953b88019f8cd4ccd81394a8ddfaba50
|
||||
@ -786,7 +789,14 @@ F tool/speedtest2.tcl ee2149167303ba8e95af97873c575c3e0fab58ff
|
||||
F tool/speedtest8.c 2902c46588c40b55661e471d7a86e4dd71a18224
|
||||
F tool/speedtest8inst1.c 293327bc76823f473684d589a8160bde1f52c14e
|
||||
F tool/vdbe-compress.tcl d70ea6d8a19e3571d7ab8c9b75cba86d1173ff0f
|
||||
P f64b81f13de4875343c752e7183bf61032dc9594
|
||||
R 5333db164ef39e64c57fafc741c13181
|
||||
U dan
|
||||
Z d15835a4ab01775366b26edc0ebe998b
|
||||
P 14ab536a96f81595ab8c3dcd4b72075f1a827c8b
|
||||
R 8c56002353eb719f638bc73e0f805265
|
||||
U drh
|
||||
Z 9e25690ce3b9770e58f6c8fa7d210a05
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
Version: GnuPG v1.4.6 (GNU/Linux)
|
||||
|
||||
iD8DBQFLdZuDoxKgR168RlERAnGTAKCGoy1G06Shul4IKI+EICeUa82BwACeLCUf
|
||||
+FBQFqONYf4Ztpufoz0uTZE=
|
||||
=Tyh+
|
||||
-----END PGP SIGNATURE-----
|
||||
|
||||
@ -1 +1 @@
|
||||
14ab536a96f81595ab8c3dcd4b72075f1a827c8b
|
||||
f72f8a870a0fc98a9f2b564ffafe7946bbce506e
|
||||
67
src/btree.c
67
src/btree.c
@ -1247,11 +1247,11 @@ static int freeSpace(MemPage *pPage, int start, int size){
|
||||
assert( sqlite3_mutex_held(pPage->pBt->mutex) );
|
||||
assert( size>=0 ); /* Minimum cell size is 4 */
|
||||
|
||||
#ifdef SQLITE_SECURE_DELETE
|
||||
/* Overwrite deleted information with zeros when the SECURE_DELETE
|
||||
** option is enabled at compile-time */
|
||||
memset(&data[start], 0, size);
|
||||
#endif
|
||||
if( pPage->pBt->secureDelete ){
|
||||
/* Overwrite deleted information with zeros when the secure_delete
|
||||
** option is enabled */
|
||||
memset(&data[start], 0, size);
|
||||
}
|
||||
|
||||
/* Add the space back into the linked list of freeblocks. Note that
|
||||
** even though the freeblock list was checked by btreeInitPage(),
|
||||
@ -1483,9 +1483,9 @@ static void zeroPage(MemPage *pPage, int flags){
|
||||
assert( sqlite3PagerGetData(pPage->pDbPage) == data );
|
||||
assert( sqlite3PagerIswriteable(pPage->pDbPage) );
|
||||
assert( sqlite3_mutex_held(pBt->mutex) );
|
||||
#ifdef SQLITE_SECURE_DELETE
|
||||
memset(&data[hdr], 0, pBt->usableSize - hdr);
|
||||
#endif
|
||||
if( pBt->secureDelete ){
|
||||
memset(&data[hdr], 0, pBt->usableSize - hdr);
|
||||
}
|
||||
data[hdr] = (char)flags;
|
||||
first = hdr + 8 + 4*((flags&PTF_LEAF)==0 ?1:0);
|
||||
memset(&data[hdr+1], 0, 4);
|
||||
@ -1805,6 +1805,9 @@ int sqlite3BtreeOpen(
|
||||
pBt->pCursor = 0;
|
||||
pBt->pPage1 = 0;
|
||||
pBt->readOnly = sqlite3PagerIsreadonly(pBt->pPager);
|
||||
#ifdef SQLITE_SECURE_DELETE
|
||||
pBt->secureDelete = 1;
|
||||
#endif
|
||||
pBt->pageSize = get2byte(&zDbHeader[16]);
|
||||
if( pBt->pageSize<512 || pBt->pageSize>SQLITE_MAX_PAGE_SIZE
|
||||
|| ((pBt->pageSize-1)&pBt->pageSize)!=0 ){
|
||||
@ -2161,6 +2164,22 @@ int sqlite3BtreeMaxPageCount(Btree *p, int mxPage){
|
||||
sqlite3BtreeLeave(p);
|
||||
return n;
|
||||
}
|
||||
|
||||
/*
|
||||
** Set the secureDelete flag if newFlag is 0 or 1. If newFlag is -1,
|
||||
** then make no changes. Always return the value of the secureDelete
|
||||
** setting after the change.
|
||||
*/
|
||||
int sqlite3BtreeSecureDelete(Btree *p, int newFlag){
|
||||
int b;
|
||||
sqlite3BtreeEnter(p);
|
||||
if( newFlag>=0 ){
|
||||
p->pBt->secureDelete = (newFlag!=0) ? 1 : 0;
|
||||
}
|
||||
b = p->pBt->secureDelete;
|
||||
sqlite3BtreeLeave(p);
|
||||
return b;
|
||||
}
|
||||
#endif /* !defined(SQLITE_OMIT_PAGER_PRAGMAS) || !defined(SQLITE_OMIT_VACUUM) */
|
||||
|
||||
/*
|
||||
@ -4904,17 +4923,17 @@ static int freePage2(BtShared *pBt, MemPage *pMemPage, Pgno iPage){
|
||||
nFree = get4byte(&pPage1->aData[36]);
|
||||
put4byte(&pPage1->aData[36], nFree+1);
|
||||
|
||||
#ifdef SQLITE_SECURE_DELETE
|
||||
/* If the SQLITE_SECURE_DELETE compile-time option is enabled, then
|
||||
** always fully overwrite deleted information with zeros.
|
||||
*/
|
||||
if( (!pPage && (rc = btreeGetPage(pBt, iPage, &pPage, 0)))
|
||||
|| (rc = sqlite3PagerWrite(pPage->pDbPage))
|
||||
){
|
||||
goto freepage_out;
|
||||
if( pBt->secureDelete ){
|
||||
/* If the secure_delete option is enabled, then
|
||||
** always fully overwrite deleted information with zeros.
|
||||
*/
|
||||
if( (!pPage && (rc = btreeGetPage(pBt, iPage, &pPage, 0)))
|
||||
|| (rc = sqlite3PagerWrite(pPage->pDbPage))
|
||||
){
|
||||
goto freepage_out;
|
||||
}
|
||||
memset(pPage->aData, 0, pPage->pBt->pageSize);
|
||||
}
|
||||
memset(pPage->aData, 0, pPage->pBt->pageSize);
|
||||
#endif
|
||||
|
||||
/* If the database supports auto-vacuum, write an entry in the pointer-map
|
||||
** to indicate that the page is free.
|
||||
@ -4965,11 +4984,9 @@ static int freePage2(BtShared *pBt, MemPage *pMemPage, Pgno iPage){
|
||||
if( rc==SQLITE_OK ){
|
||||
put4byte(&pTrunk->aData[4], nLeaf+1);
|
||||
put4byte(&pTrunk->aData[8+nLeaf*4], iPage);
|
||||
#ifndef SQLITE_SECURE_DELETE
|
||||
if( pPage ){
|
||||
if( pPage && !pBt->secureDelete ){
|
||||
sqlite3PagerDontWrite(pPage->pDbPage);
|
||||
}
|
||||
#endif
|
||||
rc = btreeSetHasContent(pBt, iPage);
|
||||
}
|
||||
TRACE(("FREE-PAGE: %d leaf on trunk page %d\n",pPage->pgno,pTrunk->pgno));
|
||||
@ -5778,10 +5795,10 @@ static int balance_nonroot(
|
||||
** In this case, temporarily copy the cell into the aOvflSpace[]
|
||||
** buffer. It will be copied out again as soon as the aSpace[] buffer
|
||||
** is allocated. */
|
||||
#ifdef SQLITE_SECURE_DELETE
|
||||
memcpy(&aOvflSpace[apDiv[i]-pParent->aData], apDiv[i], szNew[i]);
|
||||
apDiv[i] = &aOvflSpace[apDiv[i]-pParent->aData];
|
||||
#endif
|
||||
if( pBt->secureDelete ){
|
||||
memcpy(&aOvflSpace[apDiv[i]-pParent->aData], apDiv[i], szNew[i]);
|
||||
apDiv[i] = &aOvflSpace[apDiv[i]-pParent->aData];
|
||||
}
|
||||
dropCell(pParent, i+nxDiv-pParent->nOverflow, szNew[i], &rc);
|
||||
}
|
||||
}
|
||||
|
||||
@ -81,6 +81,7 @@ int sqlite3BtreeSyncDisabled(Btree*);
|
||||
int sqlite3BtreeSetPageSize(Btree *p, int nPagesize, int nReserve, int eFix);
|
||||
int sqlite3BtreeGetPageSize(Btree*);
|
||||
int sqlite3BtreeMaxPageCount(Btree*,int);
|
||||
int sqlite3BtreeSecureDelete(Btree*,int);
|
||||
int sqlite3BtreeGetReserve(Btree*);
|
||||
int sqlite3BtreeSetAutoVacuum(Btree *, int);
|
||||
int sqlite3BtreeGetAutoVacuum(Btree *);
|
||||
|
||||
@ -407,6 +407,7 @@ struct BtShared {
|
||||
MemPage *pPage1; /* First page of the database */
|
||||
u8 readOnly; /* True if the underlying file is readonly */
|
||||
u8 pageSizeFixed; /* True if the page size can no longer be changed */
|
||||
u8 secureDelete; /* True if secure_delete is enabled */
|
||||
#ifndef SQLITE_OMIT_AUTOVACUUM
|
||||
u8 autoVacuum; /* True if auto-vacuum is enabled */
|
||||
u8 incrVacuum; /* True if incr-vacuum is enabled */
|
||||
|
||||
@ -2875,9 +2875,7 @@ static int pager_write_pagelist(PgHdr *pList){
|
||||
** any such pages to the file.
|
||||
**
|
||||
** Also, do not write out any page that has the PGHDR_DONT_WRITE flag
|
||||
** set (set by sqlite3PagerDontWrite()). Note that if compiled with
|
||||
** SQLITE_SECURE_DELETE the PGHDR_DONT_WRITE bit is never set and so
|
||||
** the second test is always true.
|
||||
** set (set by sqlite3PagerDontWrite()).
|
||||
*/
|
||||
if( pgno<=pPager->dbSize && 0==(pList->flags&PGHDR_DONT_WRITE) ){
|
||||
i64 offset = (pgno-1)*(i64)pPager->pageSize; /* Offset to write */
|
||||
@ -4385,7 +4383,6 @@ int sqlite3PagerIswriteable(DbPage *pPg){
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifndef SQLITE_SECURE_DELETE
|
||||
/*
|
||||
** A call to this routine tells the pager that it is not necessary to
|
||||
** write the information on page pPg back to the disk, even though
|
||||
@ -4411,7 +4408,6 @@ void sqlite3PagerDontWrite(PgHdr *pPg){
|
||||
#endif
|
||||
}
|
||||
}
|
||||
#endif /* !defined(SQLITE_SECURE_DELETE) */
|
||||
|
||||
/*
|
||||
** This routine is called to increment the value of the database file
|
||||
|
||||
19
src/pragma.c
19
src/pragma.c
@ -416,6 +416,25 @@ void sqlite3Pragma(
|
||||
returnSingleInt(pParse, "max_page_count", newMax);
|
||||
}else
|
||||
|
||||
/*
|
||||
** PRAGMA [database.]secure_delete
|
||||
** PRAGMA [database.]secure_delete=ON/OFF
|
||||
**
|
||||
** The first form reports the current setting for the
|
||||
** secure_delete flag. The second form changes the secure_delete
|
||||
** flag setting and reports thenew value.
|
||||
*/
|
||||
if( sqlite3StrICmp(zLeft,"secure_delete")==0 ){
|
||||
Btree *pBt = pDb->pBt;
|
||||
int b = -1;
|
||||
assert( pBt!=0 );
|
||||
if( zRight ){
|
||||
b = getBoolean(zRight);
|
||||
}
|
||||
b = sqlite3BtreeSecureDelete(pBt, b);
|
||||
returnSingleInt(pParse, "secure_delete", b);
|
||||
}else
|
||||
|
||||
/*
|
||||
** PRAGMA [database.]page_count
|
||||
**
|
||||
|
||||
Loading…
Reference in New Issue
Block a user