Memory leaks in native_key_mutf8(3.5.4) & native_key_char(3.5.3)

tommy8421 · September 23, 2016, 2:36am

in version 3.5.4, file net_sqlcipher_database_SQLiteDatabase.cpp:
void native_key_mutf8(JNIEnv* env, jobject object, jcharArray jKey) {
int rc;
int idx;
jint releaseElements = 0;
jboolean arrayIsCopy;
sqlite3 handle = (sqlite3 )env->GetIntField(object, offset_db_handle);
jsize sz = env->GetArrayLength(jKey);
jchar jKeyChar = env->GetCharArrayElements(jKey, &arrayIsCopy);
jstring key = env->NewString(jKeyChar, sz);
const char password = env->GetStringUTFChars(key, JNI_FALSE);
int password_sz = env->GetStringUTFLength(key);
if(password_sz > 0){
rc = sqlite3_key(handle, password, password_sz);
if(rc != SQLITE_OK){
throw_sqlite3_exception(env, handle);
}
}
env->ReleaseStringUTFChars(key, password);
}

the pointer jKeyChar should be release after use by add the following line at the end of the above function.
env->ReleaseCharArrayElements(jKey, jKeyChar, JNI_ABORT);

in version 3.5.3, native_key has the same bug as above.

developernotes · September 23, 2016, 2:08pm

Hello @tommy8421

Thanks for catching that, I have pushed up a fix in the master branch on Github! The utility of the native_key_mutf8 should be rather rare in practice. Take care!

tommy8421 · September 26, 2016, 4:45am

hello @developernotes,
thanks for your updating.

Topic		Replies	Views
SQLCipher for Android 3.5.4 Release Updates	0	2555	September 13, 2016
SQLCipher 3.3.0 Release SQLCipher	17	4591	October 15, 2015
SQLCipher for Android 3.5.2 Release Updates	0	1737	July 8, 2016
SQLCipher Memory management mechanisms SQLCipher	3	393	July 6, 2019
Accessing sqlcipher from native code on Andriod SQLCipher	3	1061	September 12, 2016

Memory leaks in native_key_mutf8(3.5.4) & native_key_char(3.5.3)

Related Topics