Update SQLite to use rngset and bzero instead of memset (reapply 39bf41f4)

2025-08-08 19:00:27 +00:00 · 2022-11-22 22:34:06 -08:00 · 2022-11-22 22:34:06 -08:00 · 95595c1d5a
commit 95595c1d5a
parent 58d70269f0
3 changed files with 25 additions and 70 deletions
--- a/third_party/sqlite3/os_unix.c
+++ b/third_party/sqlite3/os_unix.c
@ -43,8 +43,10 @@
 **   *  Definitions of sqlite3_vfs objects for all locking methods
 **      plus implementations of sqlite3_os_init() and sqlite3_os_end().
 */
 #include "libc/stdio/rand.h"
 #include "third_party/sqlite3/sqliteInt.h"
-#if SQLITE_OS_UNIX              /* This file is used on unix only */
+#if SQLITE_OS_UNIX /* This file is used on unix only */
                   /* clang-format off */
 /*
 ** There are various methods for file locking used for concurrency
@ -163,13 +165,6 @@
 */
 #define SQLITE_FSFLAGS_IS_MSDOS     0x1
 /*
 ** If we are to be thread-safe, include the pthreads header.
 */
 #if SQLITE_THREADSAFE
 #include "libc/thread/thread.h"
 #endif
 /*
 ** Default permissions when creating a new file
 */
@ -1240,7 +1235,7 @@ static int unixLogErrorAtLine(
  */ 
 #if SQLITE_THREADSAFE && defined(HAVE_STRERROR_R)
  char aErr[80];
-  memset(aErr, 0, sizeof(aErr));
+  bzero(aErr, sizeof(aErr));
  zErr = aErr;
  /* If STRERROR_R_CHAR_P (set by autoconf scripts) or __USE_GNU is defined,
@ -1414,7 +1409,7 @@ static int findInodeInfo(
  }
 #endif
-  memset(&fileId, 0, sizeof(fileId));
+  bzero(&fileId, sizeof(fileId));
  fileId.dev = statbuf.st_dev;
 #if OS_VXWORKS
  fileId.pId = pFile->pId;
@ -1431,7 +1426,7 @@ static int findInodeInfo(
    if( pInode==0 ){
      return SQLITE_NOMEM_BKPT;
    }
-    memset(pInode, 0, sizeof(*pInode));
+    bzero(pInode, sizeof(*pInode));
    memcpy(&pInode->fileId, &fileId, sizeof(fileId));
    if( sqlite3GlobalConfig.bCoreMutex ){
      pInode->pLockMutex = sqlite3_mutex_alloc(SQLITE_MUTEX_FAST);
@ -2121,7 +2116,7 @@ static int closeUnixFile(sqlite3_file *id){
  OSTRACE(("CLOSE   %-3d\n", pFile->h));
  OpenCounter(-1);
  sqlite3_free(pFile->pPreallocatedUnused);
-  memset(pFile, 0, sizeof(unixFile));
+  bzero(pFile, sizeof(unixFile));
  return SQLITE_OK;
 }
@ -3403,7 +3398,7 @@ static int unixRead(
  }else{
    storeLastErrno(pFile, 0);   /* not a system error */
    /* Unread parts of the buffer must be zero-filled */
-    memset(&((char*)pBuf)[got], 0, amt-got);
+    bzero(&((char*)pBuf)[got], amt-got);
    return SQLITE_IOERR_SHORT_READ;
  }
 }
@ -4603,7 +4598,7 @@ static int unixOpenSharedMemory(unixFile *pDbFd){
  /* Allocate space for the new unixShm object. */
  p = sqlite3_malloc64( sizeof(*p) );
  if( p==0 ) return SQLITE_NOMEM_BKPT;
-  memset(p, 0, sizeof(*p));
+  bzero(p, sizeof(*p));
  assert( pDbFd->pShm==0 );
  /* Check to see if a unixShmNode object already exists. Reuse an existing
@ -4638,7 +4633,7 @@ static int unixOpenSharedMemory(unixFile *pDbFd){
      rc = SQLITE_NOMEM_BKPT;
      goto shm_open_err;
    }
-    memset(pShmNode, 0, sizeof(*pShmNode)+nShmFilename);
+    bzero(pShmNode, sizeof(*pShmNode)+nShmFilename);
    zShm = pShmNode->zFilename = (char*)&pShmNode[1];
 #ifdef SQLITE_SHM_DIRECTORY
    sqlite3_snprintf(nShmFilename, zShm, 
@ -4848,7 +4843,7 @@ static int unixShmMap(
          rc = SQLITE_NOMEM_BKPT;
          goto shmpage_out;
        }
-        memset(pMem, 0, nMap);
+        bzero(pMem, nMap);
      }
      for(i=0; i<nShmPerMap; i++){
@ -4882,7 +4877,7 @@ static int assertLockingArrayOk(unixShmNode *pShmNode){
  int aLock[SQLITE_SHM_NLOCK];
  assert( sqlite3_mutex_held(pShmNode->pShmMutex) );
-  memset(aLock, 0, sizeof(aLock));
+  bzero(aLock, sizeof(aLock));
  for(pX=pShmNode->pFirst; pX; pX=pX->pNext){
    int i;
    for(i=0; i<SQLITE_SHM_NLOCK; i++){
@ -4980,7 +4975,7 @@ static int unixShmLock(
      if( bUnlock ){
        rc = unixShmSystemLock(pDbFd, F_UNLCK, ofst+UNIX_SHM_BASE, n);
        if( rc==SQLITE_OK ){
-          memset(&aLock[ofst], 0, sizeof(int)*n);
+          bzero(&aLock[ofst], sizeof(int)*n);
        }
      }else if( ALWAYS(p->sharedMask & (1<<ofst)) ){
        assert( n==1 && aLock[ofst]>1 );
@ -6164,7 +6159,7 @@ static int unixOpen(
    randomnessPid = osGetpid(0);
    sqlite3_randomness(0,0);
  }
-  memset(p, 0, sizeof(unixFile));
+  bzero(p, sizeof(unixFile));
 #ifdef SQLITE_ASSERT_NO_FILES
  /* Applications that never read or write a persistent disk files */
@ -6574,7 +6569,6 @@ static int unixFullPathname(
 ** Interfaces for opening a shared library, finding entry points
 ** within the shared library, and closing the shared library.
 */
 #include <dlfcn.h>
 static void *unixDlOpen(sqlite3_vfs *NotUsed, const char *zFilename){
  UNUSED_PARAMETER(NotUsed);
  return dlopen(zFilename, RTLD_NOW | RTLD_GLOBAL);
@ -6637,38 +6631,8 @@ static void unixDlClose(sqlite3_vfs *NotUsed, void *pHandle){
 static int unixRandomness(sqlite3_vfs *NotUsed, int nBuf, char *zBuf){
  UNUSED_PARAMETER(NotUsed);
  assert((size_t)nBuf>=(sizeof(time_t)+sizeof(int)));
  /* We have to initialize zBuf to prevent valgrind from reporting
  ** errors.  The reports issued by valgrind are incorrect - we would
  ** prefer that the randomness be increased by making use of the
  ** uninitialized space in zBuf - but valgrind errors tend to worry
  ** some users.  Rather than argue, it seems easier just to initialize
  ** the whole array and silence valgrind, even if that means less randomness
  ** in the random seed.
  **
  ** When testing, initializing zBuf[] to zero is all we do.  That means
  ** that we always use the same random number sequence.  This makes the
  ** tests repeatable.
  */
  memset(zBuf, 0, nBuf);
  randomnessPid = osGetpid(0);  
-#if !defined(SQLITE_TEST) && !defined(SQLITE_OMIT_RANDOMNESS)
+  rngset(zBuf, nBuf, rdseed, -1);
  {
    int fd, got;
    fd = robust_open("/dev/urandom", O_RDONLY, 0);
    if( fd<0 ){
      time_t t;
      time(&t);
      memcpy(zBuf, &t, sizeof(t));
      memcpy(&zBuf[sizeof(t)], &randomnessPid, sizeof(randomnessPid));
      assert( sizeof(t)+sizeof(randomnessPid)<=(size_t)nBuf );
      nBuf = sizeof(t) + sizeof(randomnessPid);
    }else{
      do{ got = osRead(fd, zBuf, nBuf); }while( got<0 && errno==EINTR );
      robust_close(0, fd, __LINE__);
    }
  }
 #endif
  return nBuf;
 }
@ -7103,9 +7067,9 @@ static int proxyCreateUnixFile(
    rc = SQLITE_NOMEM_BKPT;
    goto end_create_proxy;
  }
-  memset(pNew, 0, sizeof(unixFile));
+  bzero(pNew, sizeof(unixFile));
  pNew->openFlags = openFlags;
-  memset(&dummyVfs, 0, sizeof(dummyVfs));
+  bzero(&dummyVfs, sizeof(dummyVfs));
  dummyVfs.pAppData = (void*)&autolockIoFinder;
  dummyVfs.zName = "dummy";
  pUnused->fd = fd;
@ -7141,7 +7105,7 @@ extern int gethostuuid(uuid_t id, const struct timespec *wait);
 */
 static int proxyGetHostID(unsigned char *pHostID, int *pError){
  assert(PROXY_HOSTIDLEN == sizeof(uuid_t));
-  memset(pHostID, 0, PROXY_HOSTIDLEN);
+  bzero(pHostID, PROXY_HOSTIDLEN);
 #if HAVE_GETHOSTUUID
  {
    struct timespec timeout = {1, 0}; /* 1 sec timeout */
@ -7246,7 +7210,7 @@ static int proxyConchLock(unixFile *pFile, uuid_t myHostID, int lockType){
  int nTries = 0;
  struct timespec conchModTime;
-  memset(&conchModTime, 0, sizeof(conchModTime));
+  bzero(&conchModTime, sizeof(conchModTime));
  do {
    rc = conchFile->pMethod->xLock((sqlite3_file*)conchFile, lockType);
    nTries ++;
@ -7696,7 +7660,7 @@ static int proxyTransformUnixFile(unixFile *pFile, const char *path) {
  if( pCtx==0 ){
    return SQLITE_NOMEM_BKPT;
  }
-  memset(pCtx, 0, sizeof(*pCtx));
+  bzero(pCtx, sizeof(*pCtx));
  rc = proxyCreateConchPathname(dbPath, &pCtx->conchFilePath);
  if( rc==SQLITE_OK ){
--- a/third_party/sqlite3/shell.c
+++ b/third_party/sqlite3/shell.c
@ -310,15 +310,6 @@ static sqlite3_int64 timeOfDay(void){
 #if !defined(_WIN32) && !defined(WIN32) && !defined(__minux)
 #include "libc/time/time.h"
 /* VxWorks does not support getrusage() as far as we can determine */
 #if defined(_WRS_KERNEL) || defined(__RTP__)
 struct rusage {
  struct timeval ru_utime; /* user CPU time used */
  struct timeval ru_stime; /* system CPU time used */
 };
 #define getrusage(A,B) memset(B,0,sizeof(*B))
 #endif
 /* Saved resource information for the beginning of an operation */
 static struct rusage sBegin;  /* CPU time at start */
 static sqlite3_int64 iBegin;  /* Wall-clock time at start */
--- a/third_party/sqlite3/wal.c
+++ b/third_party/sqlite3/wal.c
@ -644,8 +644,8 @@ static SQLITE_NOINLINE int walIndexPageRealloc(
      *ppPage = 0;
      return SQLITE_NOMEM_BKPT;
    }
-    memset((void*)&apNew[pWal->nWiData], 0,
+    bzero((void*)&apNew[pWal->nWiData],
-           sizeof(u32*)*(iPage+1-pWal->nWiData));
+          sizeof(u32*)*(iPage+1-pWal->nWiData));
    pWal->apWiData = apNew;
    pWal->nWiData = iPage+1;
  }
@ -841,7 +841,7 @@ static void walEncodeFrame(
    sqlite3Put4byte(&aFrame[16], aCksum[0]);
    sqlite3Put4byte(&aFrame[20], aCksum[1]);
  }else{
-    memset(&aFrame[8], 0, 16);
+    bzero(&aFrame[8], 16);
  }
 }
@ -1106,7 +1106,7 @@ static void walCleanupHash(Wal *pWal){
  */
  nByte = (int)((char *)sLoc.aHash - (char *)&sLoc.aPgno[iLimit]);
  assert( nByte>=0 );
-  memset((void *)&sLoc.aPgno[iLimit], 0, nByte);
+  bzero((void *)&sLoc.aPgno[iLimit], nByte);
 #ifdef SQLITE_ENABLE_EXPENSIVE_ASSERT
  /* Verify that the every entry in the mapping region is still reachable
@ -1153,7 +1153,7 @@ static int walIndexAppend(Wal *pWal, u32 iFrame, u32 iPage){
    if( idx==1 ){
      int nByte = (int)((u8*)&sLoc.aHash[HASHTABLE_NSLOT] - (u8*)sLoc.aPgno);
      assert( nByte>=0 );
-      memset((void*)sLoc.aPgno, 0, nByte);
+      bzero((void*)sLoc.aPgno, nByte);
    }
    /* If the entry in aPgno[] is already set, then the previous writer