Check for valid context before using cipher_store_pass

Identified by Nicholas Starke

Author: developernotes

src/crypto.c

@@ -97,12 +97,16 @@ int sqlcipher_codec_pragma(sqlite3* db, int iDb, Parse *pParse, const char *zLef
     }
   } else
   if( sqlite3StrICmp(zLeft, "cipher_store_pass")==0 && zRight ) {
-    sqlcipher_codec_set_store_pass(ctx, sqlite3GetBoolean(zRight, 1));
+    if(ctx) {
+      sqlcipher_codec_set_store_pass(ctx, sqlite3GetBoolean(zRight, 1));
+    }
   } else
   if( sqlite3StrICmp(zLeft, "cipher_store_pass")==0 && !zRight ) {
-    char *store_pass_value = sqlite3_mprintf("%d", sqlcipher_codec_get_store_pass(ctx));
-    codec_vdbe_return_static_string(pParse, "cipher_store_pass", store_pass_value);
-    sqlite3_free(store_pass_value);
+    if(ctx){
+      char *store_pass_value = sqlite3_mprintf("%d", sqlcipher_codec_get_store_pass(ctx));
+      codec_vdbe_return_static_string(pParse, "cipher_store_pass", store_pass_value);
+      sqlite3_free(store_pass_value);
+    }
   }
   if( sqlite3StrICmp(zLeft, "cipher_profile")== 0 && zRight ){
       char *profile_status = sqlite3_mprintf("%d", sqlcipher_cipher_profile(db, zRight));

test/crypto.test

@@ -1923,7 +1923,7 @@ db close
 file delete -force test.db
 
 # verify invalid cipher does not cause segfault
-if_built_with_openssl verify-invalid-cipher-does_not_segfault {
+if_built_with_openssl verify-invalid-cipher-does-not-segfault {
     sqlite_orig db test.db
     execsql {
         PRAGMA key = 'test';
@@ -1934,6 +1934,18 @@ if_built_with_openssl verify-invalid-cipher-does_not_segfault {
 db close
 file delete -force test.db
 
+# verify setting cipher_store_pass before key
+# does not cause segfault
+do_test verify-cipher-store-pass-before-key-does-not-segfault {
+    sqlite_orig db test.db
+    execsql {
+        PRAGMA cipher_store_pass = 1;
+        PRAGMA key = 'test';
+    }
+} {}
+db close
+file delete -force test.db
+
 # verify the pragma cipher
 # reports the default value
 if_built_with_openssl verify-pragma-cipher-default {