Because the authors found out about it by chance on Hacker News.
That said, these issues are not a big deal.
The first one concerns someone manually reading a signature with cat (which is completely untrusted at that stage, since nothing has been verified), then using the actual tool meant to parse it, and ignoring that tool’s output. cat is a different tool from minisign.
If you manually cat a file, it can contain arbitrary characters, not just in the specific location this report focuses on, but anywhere in the file.
The second issue is about trusting an untrusted signer who could include control characters in a comment.
In that case, a malicious signer could just make the signed file itself malicious as well, so you shouldn’t trust them in the first place.
Still, it’s worth fixing. In the Zig implementation of minisign, these characters are escaped when printed. In the C implementation, invalid strings are now rejected at load time.
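The two strategies mentioned above (reject at load time, escape at print time), shown as an added example rather than minisign's own code. It assumes the trusted comment is a single line of bytes and treats any byte below 0x20 or equal to 0x7F as a control character a terminal might interpret; the sample comments are constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added example, not minisign's code. Assumption: a comment is one line of
 * bytes, and bytes < 0x20 or == 0x7F are terminal control characters. */
static bool is_control(unsigned char c) {
    return c < 0x20 || c == 0x7F;
}

/* Load-time policy (the C approach described above): accept the comment
 * only if it contains no control bytes at all. */
bool comment_is_valid(const char *comment) {
    for (const unsigned char *p = (const unsigned char *)comment; *p; p++) {
        if (is_control(*p)) return false;
    }
    return true;
}

/* Print-time policy (the Zig approach described above): copy the comment
 * into out, rewriting control bytes as \xNN and doubling backslashes so the
 * escaped form is unambiguous. Bytes >= 0x80 (UTF-8) are passed through.
 * Returns the length written (excluding NUL), or -1 if out is too small. */
int escape_comment(const char *comment, char *out, size_t outlen) {
    size_t n = 0;
    for (const unsigned char *p = (const unsigned char *)comment; *p; p++) {
        char buf[5];
        size_t len;
        if (is_control(*p)) {
            snprintf(buf, sizeof buf, "\\x%02x", *p);
            len = 4;
        } else if (*p == '\\') {
            memcpy(buf, "\\\\", 2);
            len = 2;
        } else {
            buf[0] = (char)*p;
            len = 1;
        }
        if (n + len + 1 > outlen) return -1;   /* leave room for the NUL */
        memcpy(out + n, buf, len);
        n += len;
    }
    out[n] = '\0';
    return (int)n;
}

int main(void) {
    /* Constructed samples: a benign trusted comment and one carrying ESC and BEL. */
    const char *benign = "timestamp:1700000000 file:release.tar.gz";
    const char *hostile = "timestamp:1700000000 \x1b" "[ file:release.tar.gz\x07";
    char shown[128];

    printf("benign valid at load:  %s\n", comment_is_valid(benign) ? "yes" : "no");
    printf("hostile valid at load: %s\n", comment_is_valid(hostile) ? "yes" : "no");
    if (escape_comment(hostile, shown, sizeof shown) >= 0)
        printf("hostile escaped for display: %s\n", shown);
    return 0;
}
```

Rejecting at load time is the simpler policy for a verification tool, since a comment that cannot be shown safely has no legitimate use; escaping is the better fit when the string must still be displayed to the user.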
I just end up using most of these models with Claude Code as the tooling because it just seems to work better than anything else. Crush also works well.
How do you use these in practice? Both Python and Go don’t make it easy to link a different variation of SQLite with one of these plugins compiled in. How do you make it work?
I don't think SqliteMultipleCiphers can be built into a runtime loadable extension (and the Turso thing is just a copy of it).
I'm confident that a scheme based on tweakable block cyphers (like Adiantum or AES XTS) could be made into decent runtime loadable extension.
I implemented such schemes for my Go driver, but Go code is not really ideal to make a runtime loadable extension of (it'd have to be ported to C/Rust/Zig).