SGX_SQLite
SGX_SQLite copied to clipboard
yerzhan7
SQLite database inside a secure Intel SGX enclave (Linux)
I tried standard SQLite commands in your db like ".tables" but only got a syntax error. Would you please explain the usage of your db here?
Hi,sir, I think there is a security issue here,could you help me confirm it? in sqlite.c: ``` if( m!=0 ){ struct stat statbuf; // statbuf is not initializatized,which may exist...
Hi, While fuzzing sqlite we found data races on the following objects: ``` vfsList randomnessPid inodeList db sqlite3PendingByte ``` We believe this project is not supposed to be used in...
Hello, sealing/unsealing the db file will interrupt with the open and close operation of the DB ? Thanks, LA
Hi, While fuzzing existing SGX applications, we were able to find hangs and crashes on SQLite, as reported by the attachments. The attachment is the output of the fuzzer which...
Data races among the following shared variables and functions. | shared variable | function1 | function2 | |---|---|---| |azDirs.11933|unixGetTempname|unixGetTempname| |azDirs.11933+0x8|unixGetTempname|unixGetTempname| |dummy.17089+0x8|multiSelect|multiSelect| |dummy.17089+0x8|sqlite3ExprCodeTarget|multiSelect| |dummy.17089+0x8|sqlite3ExprCodeTarget|sqlite3ExprCodeTarget| |inodeList|unixClose|unixClose| |inodeList|unixClose|unixOpen| |inodeList|unixOpen|unixOpen| |mem0|sqlite3_initialize.part.319|sqlite3_initialize.part.319| |mem0+0x10|sqlite3ScratchFree|sqlite3_initialize.part.319| |mem0+0x10|sqlite3_initialize.part.319|sqlite3_initialize.part.319| |mem0+0x18|sqlite3ScratchFree|sqlite3ScratchFree|...
ecall_closedb() must set db pointer to NULL after free the object. ```C void ecall_closedb(){ sqlite3_close(db); db = NULL; // change ocall_println_string("Enclave: Closed database connection"); } ``` Otherwise a check like:...
In `seekAndRead`, `osRead` call `ocall_read`, and get `got` from host, but without proper check, and then it used in `memset` of `unixRead`, cause `&pBuf[got]` stack overflow ```cpp SQLITE_PRIVATE int sqlite3BtreeOpen(...)...
My machine is `Ubuntu24.04`, if I run `make`, then I get the following wrong message: ```txt g++ Enclave/Enclave_t.o Enclave/Enclave.o Enclave/sqlite3.o Enclave/ocall_interface.o -o enclave.so -m64 -O2 -Wl,--no-undefined -nostdlib -nodefaultlibs -nostartfiles -L/opt/intel/sgxsdk/lib64...
