Skip to content

fix: Re-enable SQLite3DB::LoadPlugin() with allow_load_plugin flag #28

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
renecannao merged 1 commit into from
Jan 22, 2026
Merged

fix: Re-enable SQLite3DB::LoadPlugin() with allow_load_plugin flag #28

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 4 additions & 3 deletions lib/sqlite3db.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1065,14 +1065,15 @@ SQLite3_result::SQLite3_result() {

/**
* @brief Loads a SQLite3 plugin.
*
*
* This function loads a SQLite3 plugin specified by the given plugin_name.
* It initializes function pointers to SQLite3 API functions provided by the plugin.
* If the plugin_name is NULL, it loads the built-in SQLite3 library and initializes function pointers to its API functions.
*
*
* @param[in] plugin_name The name of the SQLite3 plugin library to load.
*/
void SQLite3DB::LoadPlugin(const char *plugin_name) {
const bool allow_load_plugin = false; // TODO: Revisit plugin loading safety mechanism
Copy link

@gemini-code-assist gemini-code-assist bot Jan 22, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

high

Hardcoding allow_load_plugin to false directly within the LoadPlugin function makes it impossible to enable dynamic plugin loading without recompiling the application. For better flexibility and maintainability, this flag should be a configurable global variable (e.g., within GloVars) that can be managed externally, such as through a configuration file or command-line argument. This would allow for easier future enablement or testing of dynamic plugins.

proxy_sqlite3_config = NULL;
proxy_sqlite3_bind_double = NULL;
proxy_sqlite3_bind_int = NULL;
Expand Down Expand Up @@ -1109,7 +1110,7 @@ void SQLite3DB::LoadPlugin(const char *plugin_name) {
proxy_sqlite3_prepare_v2 = NULL;
proxy_sqlite3_open_v2 = NULL;
proxy_sqlite3_exec = NULL;
if (plugin_name) {
if (plugin_name && allow_load_plugin == true) {
Copy link

@gemini-code-assist gemini-code-assist bot Jan 22, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

The condition allow_load_plugin == true will always evaluate to false because allow_load_plugin is hardcoded to false on line 1076. This means the code block responsible for loading external SQLite3 plugins will never be executed. While this aligns with the current safety measure to disable dynamic plugin loading, it creates a dead code path that could be confusing or misleading for future developers. Consider removing the allow_load_plugin == true part if the intent is to permanently disable dynamic loading, or make allow_load_plugin truly configurable if dynamic loading is a future possibility.

	if (plugin_name) {

int fd = -1;
fd = ::open(plugin_name, O_RDONLY);
char binary_sha1_sqlite3[SHA_DIGEST_LENGTH*2+1];
Expand Down
15 changes: 1 addition & 14 deletions src/main.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1381,20 +1381,7 @@ void ProxySQL_Main_init() {
static void LoadPlugins() {
GloMyLdapAuth = NULL;
if (proxy_sqlite3_open_v2 == nullptr) {
if (GloVars.sqlite3_plugin) {
proxy_warning("SQLite3 plugin loading disabled: function replacement is temporarily disabled for plugin: %s\n", GloVars.sqlite3_plugin);
} else {
proxy_warning("SQLite3 plugin function replacement is disabled; no sqlite3 plugin specified\n");
}
/*
* Temporarily disabled: do not replace proxy_sqlite3_* symbols from plugins because
* this can change core sqlite3 behavior unexpectedly. The original call is kept
* here for reference and to make re-enabling trivial in the future.
* TODO: Revisit plugin function replacement and implement a safer mechanism
* for plugin-provided sqlite3 capabilities (create a ticket/PR and reference it here).
*/
// SQLite3DB::LoadPlugin(GloVars.sqlite3_plugin);

SQLite3DB::LoadPlugin(GloVars.sqlite3_plugin);
}
if (GloVars.web_interface_plugin) {
dlerror();
Expand Down