Documentation Source Text

Check-in [0e82b7e2dd]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Change log typo fixes.
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: 0e82b7e2ddb95985fb0e40f3e2bcca39328d8cbf78d26623e52fbec828d5d15b
User & Date: drh 2017-07-25 17:03:27
Context
2017-07-26
15:06
Update test metrics on the testing.html page. check-in: 6fc727b510 user: drh tags: trunk
2017-07-25
17:03
Change log typo fixes. check-in: 0e82b7e2dd user: drh tags: trunk
15:57
More typo fixes. check-in: 9fdf1274f9 user: drh tags: trunk
Changes
Hide Diffs Side-by-Side Diffs Ignore Whitespace Patch

Changes to pages/bindptr.in.

    85     85   <p>
    86     86   Because the pointer is passed in the t1 column of the t1
    87     87   table as a BLOB (in older versions of SQLite), such a query would have 
    88     88   shown the value of the
    89     89   pointer in hex.  The attacker could then modify that pointer to try to
    90     90   get the snippet() function to modify memory in some other part of 
    91     91   the application address space instead of the fts3cursor object it 
    92         -was suppose to be operating on:
           92  +was supposed to be operating on:
    93     93   
    94     94   <codeblock>
    95     95   SELECT snippet(x'6092310100000000') FROM t1 WHERE cx MATCH $pattern;
    96     96   </codeblock>
    97     97   
    98     98   <p>
    99     99   Historically, this was not considered a threat.  The argument was that if
................................................................................
   107    107   arbitrary SQL, and so most uses of SQLite are immute to the attack above.
   108    108   But there are some notable exceptions.  To wit:
   109    109   
   110    110   <ul>
   111    111   <li><p>
   112    112   The [https://en.wikipedia.org/wiki/Web_SQL_Database|WebSQL] interface
   113    113   to webkit allowed any webpage to to run arbitrary SQL in the browser
   114         -for Chrome and Safari.  That arbitrary SQL was suppose to be run inside
          114  +for Chrome and Safari.  That arbitrary SQL was supposed to be run inside
   115    115   a sandbox where it could do no harm even if exploited, but that sandbox
   116    116   turned out to be less secure than people supposed.  In the spring of 2017, 
   117    117   one team of hackers was able to root an iMac using a long sequence of 
   118    118   exploits, one of which involved corrupting the pointers passed as BLOB 
   119    119   values to the snippet() FTS3 function of an SQLite database running via
   120    120   the WebSQL interface inside of Safari.
   121    121   

Changes to pages/changes.in.

    20     20     set xrefChng($date) $nChng
    21     21     incr nChng
    22     22   }
    23     23   
    24     24   chng {2017-08-01 (3.20.0)} {
    25     25   <li> Update the text of error messages returned by [sqlite3_errmsg()] for some
    26     26        error codes.
    27         -<li> Add new interfaces [pointer passing interfaces].
           27  +<li> Add new [pointer passing interfaces].
    28     28   <li> Backwards-incompatible changes to some extensions in order to take 
    29     29        advantage of the improved security offered by the new 
    30     30        [pointer passing interfaces]:
    31     31        <ul>
    32     32        <li> [Extending FTS5] &rarr; requires [sqlite3_bind_pointer()] to find
    33     33             the fts5_api pointer.
    34     34        <li> [carray(PTR,N)] &rarr; requires [sqlite3_bind_pointer()] to set the PTR parameter.
................................................................................
    36     36             &rarr; requires [sqlite3_bind_pointer()] to set the PTR parameter.
    37     37        </ul>
    38     38   <li> Added the [SQLITE_STMT virtual table] extension.
    39     39   <li> Added the [COMPLETION extension] - designed to suggest
    40     40        tab-completions for interactive user interfaces.  This is a work in progress.
    41     41        Expect further enhancements in future releases.
    42     42   <li> Added the [UNION virtual table] extension.
    43         -     tab-completions for interactive user interfaces.  This is a work in progress.
    44         -     Expect further enhancements in future releases.
    45     43   <li> The built-in [date and time functions] have been enhanced so that they can be
    46         -     used within [CHECK constraints], [indexes on expressions], and in the WHERE clause
    47         -     of a [partial index], provided that they do not use the 'now', 'localtime', or
           44  +     used in [CHECK constraints], in [indexes on expressions], and in the WHERE clause
           45  +     of a [partial indexes], provided that they do not use the 'now', 'localtime', or
    48     46        'utc' keywords.  [date/time special case|Futher information].
    49     47   <li> Added the [sqlite3_prepare_v3()] and [sqlite3_prepare16_v3()] interfaces
    50     48        with the extra "prepFlags" parameters.
    51     49   <li> Provide the [SQLITE_PREPARE_PERSISTENT] flag for [sqlite3_prepare_v3()] and
    52     50        use it to limit [lookaside memory] misuse by [FTS3], [FTS5], and the
    53     51        [R-Tree extension].
    54     52   <li> Added the [PRAGMA secure_delete=FAST] command.  When secure_delete is