From 07ca482e4e675bc50cea6003b501c080a0c55e89 Mon Sep 17 00:00:00 2001
From: Stephen Lombardo
Date: Wed, 8 Sep 2021 10:26:36 -0400
Subject: [PATCH] disable memory security feature by default; once it is turned on it can't be turned off
---
 src/crypto_impl.c | 9 ++++++---
 test/sqlcipher-core.test | 14 +++++++-------
 2 files changed, 13 insertions(+), 10 deletions(-)
diff --git a/src/crypto_impl.c b/src/crypto_impl.c
index f20d1101..e798b65d 100644
--- a/src/crypto_impl.c
+++ b/src/crypto_impl.c
@@ -51,7 +51,7 @@ static volatile int default_page_size = 4096;
 static volatile int default_plaintext_header_sz = 0;
 static volatile int default_hmac_algorithm = SQLCIPHER_HMAC_SHA512;
 static volatile int default_kdf_algorithm = SQLCIPHER_PBKDF2_HMAC_SHA512;
-static volatile int mem_security_on = 1;
+static volatile int mem_security_on = 0;
 static volatile int mem_security_initialized = 0;
 static volatile int mem_security_activated = 0;
 static volatile unsigned int sqlcipher_activate_count = 0;
@@ -836,8 +836,11 @@ int sqlcipher_get_default_pagesize() {
 }
 void sqlcipher_set_mem_security(int on) {
- mem_security_on = on;
- mem_security_activated = 0;
+ /* memory security can only be enabled, not disabled */
+ if(on) {
+ mem_security_on = on;
+ mem_security_activated = 0;
+ }
 }
 int sqlcipher_get_mem_security() {
diff --git a/test/sqlcipher-core.test b/test/sqlcipher-core.test
index cc368339..185a0ff8 100644
--- a/test/sqlcipher-core.test
+++ b/test/sqlcipher-core.test
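Review bot: In src/crypto_impl.c the declaration `static volatile int mem_security_on = 0;` flips a security-relevant default with no comment, so the opt-in nature of the feature is visible only in the commit subject. An application that relied on the previous default loses the feature silently on upgrade unless it issues `PRAGMA cipher_memory_security = ON` itself. I would document that on the declaration, e.g. `/* off by default; enable with PRAGMA cipher_memory_security = ON (process-wide, cannot be disabled afterwards) */`, and call the change out in the release notes.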
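Review bot: In `sqlcipher_set_mem_security` (src/crypto_impl.c) a request to disable is now dropped silently, so a caller that issues `PRAGMA cipher_memory_security = OFF` learns that nothing happened only by reading the value back. The added comment states the rule but not the reason or the scope; I would expand it to say that the flag is a file-scope static shared by every connection in the process and that a disable request is ignored on purpose. The enable branch still runs `mem_security_activated = 0;` when the feature is already on; whether that repeat reset is harmless depends on the activation code outside this hunk, and if it is not, `if(on && !mem_security_on) {` would skip it. Storing a fixed value, `mem_security_on = 1;`, would also keep the getter's result independent of whatever non-zero argument was passed.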
@@ -730,20 +730,20 @@ db close file delete -force test.db # verify memory security behavior -# initially should report ON -# then disable, check that it is off -# turn it back on, then check. +# initially should report OFF +# then enable, check that it is ON +# try to turn if off, but verify that it +# can't be unset. do_test verify-memory-security { sqlite_orig db test.db execsql { PRAGMA cipher_memory_security; - PRAGMA cipher_memory_security = OFF; - PRAGMA cipher_memory_security; PRAGMA cipher_memory_security = ON; PRAGMA cipher_memory_security; - + PRAGMA cipher_memory_security = OFF; + PRAGMA cipher_memory_security; } -} {1 0 1} +} {0 1 1} db close file delete -force test.db -- 2.11.4.GIT
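Review bot: The first expected value in `verify-memory-security` (`0`) holds only if nothing earlier in the same test process has enabled the setting. Once this test has run, the setting appears to stay on for every test that follows, because the flag is a file-scope static in src/crypto_impl.c that the new setter never clears. That order dependence is worth a comment above `do_test`, e.g. `# NOTE: memory security is process-wide and cannot be turned off again; this test must run before anything else enables it`. The new comment line `# try to turn if off, but verify that it` has a typo and should read `# try to turn it off, but verify that it`.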