gpg: Make sure we only have a single SQL statement.

* g10/tofu.c (sqlite3_stepx): Make sure SQL only contains a single SQL statement. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>
author: Neal H. Walfield <neal@g10code.com> 2015-10-26 13:41:07 +0100
committer: Neal H. Walfield <neal@g10code.com> 2015-10-26 13:41:59 +0100
commit: c18fb0d99b633bb267dead6e7c46229f4b780bc3 (patch)
tree: 6cec0729d488b896b589f4c1c6955a0b02c86183 /g10
parent: gpg: When the TOFU DB is in batch mode, periodically drop the locks. (diff)
download: gnupg2-c18fb0d99b633bb267dead6e7c46229f4b780bc3.tar.xz
gnupg2-c18fb0d99b633bb267dead6e7c46229f4b780bc3.zip
1 files changed, 16 insertions, 1 deletions
diff --git a/g10/tofu.c b/g10/tofu.c
index 4eab487b6..43a6224a8 100644
--- a/g10/tofu.c
+++ b/g10/tofu.c
@@ -289,10 +289,25 @@ sqlite3_stepx (sqlite3 *db,
     }
   else
     {
-      rc = sqlite3_prepare_v2 (db, sql, -1, &stmt, NULL);
+      const char *tail = NULL;
+
+      rc = sqlite3_prepare_v2 (db, sql, -1, &stmt, &tail);
       if (rc)
         log_fatal ("failed to prepare SQL: %s", sql);
 
+      /* We can only process a single statement.  */
+      if (tail)
+        {
+          while (*tail == ' ' || *tail == ';')
+            tail ++;
+
+          if (*tail)
+            log_fatal
+              ("sqlite3_stepx can only process a single SQL statement."
+               "  Second statement starts with: '%s'\n",
+               tail);
+        }
+
       if (stmtp)
         *stmtp = stmt;
     }
author	Neal H. Walfield <neal@g10code.com>	2015-10-26 13:41:07 +0100
committer	Neal H. Walfield <neal@g10code.com>	2015-10-26 13:41:59 +0100
commit	c18fb0d99b633bb267dead6e7c46229f4b780bc3 (patch)
tree	6cec0729d488b896b589f4c1c6955a0b02c86183 /g10
parent	gpg: When the TOFU DB is in batch mode, periodically drop the locks. (diff)
download	gnupg2-c18fb0d99b633bb267dead6e7c46229f4b780bc3.tar.xz gnupg2-c18fb0d99b633bb267dead6e7c46229f4b780bc3.zip