关联漏洞
介绍
# SQLite JDBC Driver
[](https://github.com/xerial/sqlite-jdbc/actions/workflows/ci.yml?query=branch%3Amaster)
[](https://gitter.im/xerial/sqlite-jdbc?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
[](https://maven-badges.herokuapp.com/maven-central/org.xerial/sqlite-jdbc/)
[](https://javadoc.io/doc/org.xerial/sqlite-jdbc)
[](https://oss.sonatype.org/content/repositories/snapshots/org/xerial/sqlite-jdbc/)
SQLite JDBC is a library for accessing and creating [SQLite](https://www.sqlite.org) database files in Java.
Our SQLiteJDBC library requires no configuration since native libraries for major OSs, including Windows, macOS, Linux etc., are assembled into a single JAR (Java Archive) file.
# Usage
:arrow_right: More usage examples and configuration are available in [USAGE.md](USAGE.md)
SQLite JDBC is a library for accessing SQLite databases through the JDBC API. For the general usage of JDBC, see [JDBC Tutorial](https://docs.oracle.com/javase/tutorial/jdbc/index.html) or [Oracle JDBC Documentation](https://www.oracle.com/technetwork/java/javase/tech/index-jsp-136101.html).
1. [Download](#download) `sqlite-jdbc-(VERSION).jar`
then append this jar file into your classpath.
2. Open a SQLite database connection from your code. (see the example below)
## Example usage
Assuming `sqlite-jdbc-(VERSION).jar` is placed in the current directory.
```shell
> javac Sample.java
> java -classpath ".;sqlite-jdbc-(VERSION).jar" Sample # in Windows
or
> java -classpath ".:sqlite-jdbc-(VERSION).jar" Sample # in macOS or Linux
name = leo
id = 1
name = yui
id = 2
```
**Sample.java**
```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
public class Sample
{
public static void main(String[] args)
{
Connection connection = null;
try
{
// create a database connection
connection = DriverManager.getConnection("jdbc:sqlite:sample.db");
Statement statement = connection.createStatement();
statement.setQueryTimeout(30); // set timeout to 30 sec.
statement.executeUpdate("drop table if exists person");
statement.executeUpdate("create table person (id integer, name string)");
statement.executeUpdate("insert into person values(1, 'leo')");
statement.executeUpdate("insert into person values(2, 'yui')");
ResultSet rs = statement.executeQuery("select * from person");
while(rs.next())
{
// read the result set
System.out.println("name = " + rs.getString("name"));
System.out.println("id = " + rs.getInt("id"));
}
}
catch(SQLException e)
{
// if the error message is "out of memory",
// it probably means no database file is found
System.err.println(e.getMessage());
}
finally
{
try
{
if(connection != null)
connection.close();
}
catch(SQLException e)
{
// connection close failed.
System.err.println(e.getMessage());
}
}
}
}
```
# How does SQLiteJDBC work?
Our SQLite JDBC driver package (i.e., `sqlite-jdbc-(VERSION).jar`) contains three
types of native SQLite libraries (`sqlite-jdbc.dll`, `sqlite-jdbc.jnilib`, `sqlite-jdbc.so`),
each of them is compiled for Windows, macOS and Linux. An appropriate native library
file is automatically extracted into your OS's temporary folder, when your program
loads `org.sqlite.JDBC` driver.
## Supported Operating Systems
Since sqlite-jdbc-3.6.19, the natively compiled SQLite engines will be used for
the following operating systems:
| | x86 | x86_64 | armv5 | armv6 | armv7 | arm64 | ppc64 |
|--------------|-----|--------|-------|-------|-------|-------|-------|
| Windows | ✔ | ✔ | | | ✔ | ✔ | |
| macOS | | ✔ | | | | ✔ | |
| Linux (libc) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ |
| Linux (musl) | ✔ | ✔ | | | | ✔ | |
| Android | ✔ | ✔ | ✔ | | | ✔ | |
| FreeBSD | ✔ | ✔ | | | | ✔ | |
In the other OSs not listed above, the pure-java SQLite is used. (Applies to versions before 3.7.15)
If you want to use the native library for your OS, [build the source from scratch](./CONTRIBUTING.md).
# Download
Download from [Maven Central](https://search.maven.org/artifact/org.xerial/sqlite-jdbc) or from the [releases](https://github.com/xerial/sqlite-jdbc/releases) page.
```xml
<dependencies>
<dependency>
<groupId>org.xerial</groupId>
<artifactId>sqlite-jdbc</artifactId>
<version>(version)</version>
</dependency>
</dependencies>
```
Snapshots of the development version are available in [Sonatype's snapshots repository](https://oss.sonatype.org/content/repositories/snapshots/org/xerial/sqlite-jdbc/).
## Project versioning explained
The project's version follows the version of the SQLite library that is bundled in the jar, with an extra digit to denote the project's increment.
For example, if the SQLite version is `3.39.2`, the project version will be `3.39.2.x`, where `x` starts at 0, and increments with every release that is not changing the SQLite version.
If the SQLite version is updated to `3.40.0`, the project version will be updated to `3.40.0.0`.
## Hint for maven-shade-plugin
You may need to add shade plugin transformer to solve `No suitable driver found for jdbc:sqlite:` issue.
```xml
<transformer
implementation="org.apache.maven.plugins.shade.resource.AppendingTransformer">
<resource>META-INF/services/java.sql.Driver</resource>
</transformer>
```
```xml
<dependency>
<groupId>org.xerial</groupId>
<artifactId>sqlite-jdbc</artifactId>
<version>(version)</version>
</dependency>
```
# How can I help?
We are always looking for:
- **Reviewers** for issues or PRs, you can check https://github.com/xerial/sqlite-jdbc/labels/review%20wanted
- **Contributors** to submit PRs, you can check https://github.com/xerial/sqlite-jdbc/labels/help%20wanted and https://github.com/xerial/sqlite-jdbc/labels/good%20first%20issue
Please read our [contribution](./CONTRIBUTING.md) guide.
文件快照
[4.0K] /data/pocs/24c0afb3fba9fbdacebf71bc1b81ff38eac34f04
├── [ 595] amalgamation_version.sh
├── [4.0K] archive
│ ├── [2.1M] nestedvm-2007-06-30.tgz
│ ├── [501K] nestedvm-2009-08-09.tgz
│ └── [ 47K] regex3.8a.tar.gz
├── [6.4K] CHANGELOG
├── [3.7K] CONTRIBUTING.md
├── [4.0K] demo
│ ├── [ 179] applet-demo.html
│ ├── [978K] AppletDemo.jar
│ └── [1.6K] Sample.java
├── [4.0K] docker
│ ├── [6.7K] dockcross-android-arm
│ ├── [6.7K] dockcross-android-arm64
│ ├── [6.7K] dockcross-android-x86
│ ├── [6.7K] dockcross-android-x86_64
│ ├── [6.7K] dockcross-arm64-lts
│ ├── [6.7K] dockcross-armv5
│ ├── [6.7K] dockcross-armv6-lts
│ ├── [6.7K] dockcross-armv7a-lts
│ ├── [6.7K] dockcross-musl-arm64
│ ├── [6.7K] dockcross-ppc64
│ ├── [6.7K] dockcross-windows-arm64
│ ├── [6.7K] dockcross-windows-armv7
│ ├── [6.7K] dockcross-windows-x64
│ ├── [6.7K] dockcross-windows-x86
│ ├── [ 129] Dockerfile.alpine-linux_x86
│ ├── [ 124] Dockerfile.alpine-linux_x86_64
│ ├── [ 122] Dockerfile.linux_x86
│ ├── [ 105] Dockerfile.linux_x86_64
│ ├── [ 254] Dockerfile.rcodesign
│ └── [ 234] updatescripts.sh
├── [1.8K] jreleaser.yml
├── [4.0K] lib
│ ├── [4.0K] inc_linux
│ │ ├── [ 73K] jni.h
│ │ └── [ 491] jni_md.h
│ ├── [4.0K] inc_mac
│ │ ├── [ 67K] jni.h
│ │ └── [ 507] jni_md.h
│ ├── [4.0K] inc_win
│ │ ├── [ 66K] jni.h
│ │ └── [ 437] jni_md.h
│ └── [ 24K] jdbc-api-1.4.jar
├── [ 11K] LICENSE
├── [1.3K] LICENSE.zentus
├── [ 11K] Makefile
├── [ 11K] Makefile.common
├── [ 312] maven-eclipse.xml
├── [ 12K] NEWS.md
├── [ 174] NOTICE
├── [ 16K] pom.xml
├── [6.9K] README.md
├── [ 360] settings.xml
├── [ 19K] SQLiteJDBC.wiki
├── [4.0K] src
│ ├── [4.0K] main
│ │ ├── [4.0K] ext
│ │ │ └── [ 51K] extension-functions.c
│ │ ├── [4.0K] java
│ │ │ └── [4.0K] org
│ │ │ └── [4.0K] sqlite
│ │ │ ├── [2.0K] BusyHandler.java
│ │ │ ├── [3.5K] Collation.java
│ │ │ ├── [4.0K] core
│ │ │ │ ├── [3.4K] Codes.java
│ │ │ │ ├── [6.5K] CoreDatabaseMetaData.java
│ │ │ │ ├── [4.4K] CorePreparedStatement.java
│ │ │ │ ├── [4.9K] CoreResultSet.java
│ │ │ │ ├── [4.8K] CoreStatement.java
│ │ │ │ ├── [ 48K] DB.java
│ │ │ │ ├── [ 54K] NativeDB.c
│ │ │ │ ├── [ 19K] NativeDB.java
│ │ │ │ └── [5.6K] SafeStmtPtr.java
│ │ │ ├── [4.0K] date
│ │ │ │ ├── [ 12K] DateFormatUtils.java
│ │ │ │ ├── [3.5K] DateParser.java
│ │ │ │ ├── [3.6K] DatePrinter.java
│ │ │ │ ├── [4.0K] ExceptionUtils.java
│ │ │ │ ├── [ 21K] FastDateFormat.java
│ │ │ │ ├── [ 34K] FastDateParser.java
│ │ │ │ ├── [ 41K] FastDatePrinter.java
│ │ │ │ ├── [ 11K] FormatCache.java
│ │ │ │ └── [1.4K] package-info.java
│ │ │ ├── [5.4K] ExtendedCommand.java
│ │ │ ├── [ 11K] Function.java
│ │ │ ├── [4.0K] javax
│ │ │ │ ├── [1.8K] SQLiteConnectionPoolDataSource.java
│ │ │ │ └── [ 14K] SQLitePooledConnection.java
│ │ │ ├── [4.0K] jdbc3
│ │ │ │ ├── [ 12K] JDBC3Connection.java
│ │ │ │ ├── [ 87K] JDBC3DatabaseMetaData.java
│ │ │ │ ├── [ 17K] JDBC3PreparedStatement.java
│ │ │ │ ├── [ 32K] JDBC3ResultSet.java
│ │ │ │ ├── [ 587] JDBC3Savepoint.java
│ │ │ │ └── [ 16K] JDBC3Statement.java
│ │ │ ├── [4.0K] jdbc4
│ │ │ │ ├── [2.9K] JDBC4Connection.java
│ │ │ │ ├── [1.8K] JDBC4DatabaseMetaData.java
│ │ │ │ ├── [ 393] JDBC4PooledConnection.java
│ │ │ │ ├── [4.0K] JDBC4PreparedStatement.java
│ │ │ │ ├── [ 23K] JDBC4ResultSet.java
│ │ │ │ └── [1.4K] JDBC4Statement.java
│ │ │ ├── [3.4K] JDBC.java
│ │ │ ├── [1.5K] ProgressHandler.java
│ │ │ ├── [ 162] SQLiteCommitListener.java
│ │ │ ├── [ 47K] SQLiteConfig.java
│ │ │ ├── [5.1K] SQLiteConnectionConfig.java
│ │ │ ├── [ 20K] SQLiteConnection.java
│ │ │ ├── [ 19K] SQLiteDataSource.java
│ │ │ ├── [ 11K] SQLiteErrorCode.java
│ │ │ ├── [1.3K] SQLiteException.java
│ │ │ ├── [ 16K] SQLiteJDBCLoader.java
│ │ │ ├── [ 626] SQLiteLimits.java
│ │ │ ├── [2.1K] SQLiteOpenMode.java
│ │ │ ├── [ 267] SQLiteUpdateListener.java
│ │ │ └── [4.0K] util
│ │ │ ├── [9.4K] OSInfo.java
│ │ │ ├── [1.1K] ProcessRunner.java
│ │ │ ├── [1.8K] QueryUtils.java
│ │ │ ├── [3.4K] ResourceFinder.java
│ │ │ └── [ 414] StringUtils.java
│ │ ├── [4.0K] java9
│ │ │ └── [ 364] module-info.java
│ │ └── [4.0K] resources
│ │ ├── [ 15] java.sql.Driver
│ │ ├── [4.0K] META-INF
│ │ │ └── [4.0K] native-image
│ │ │ └── [4.0K] org.xerial
│ │ │ └── [4.0K] sqlite-jdbc
│ │ │ ├── [3.1K] jni-config.json
│ │ │ ├── [ 32] native-image.properties
│ │ │ └── [ 293] resource-config.json
│ │ ├── [4.0K] org
│ │ │ └── [4.0K] sqlite
│ │ │ └── [4.0K] native
│ │ │ ├── [4.0K] FreeBSD
│ │ │ │ ├── [4.0K] aarch64
│ │ │ │ │ └── [1.1M] libsqlitejdbc.so
│ │ │ │ ├── [4.0K] x86
│ │ │ │ │ └── [864K] libsqlitejdbc.so
│ │ │ │ └── [4.0K] x86_64
│ │ │ │ └── [959K] libsqlitejdbc.so
│ │ │ ├── [4.0K] Linux
│ │ │ │ ├── [4.0K] aarch64
│ │ │ │ │ └── [1001K] libsqlitejdbc.so
│ │ │ │ ├── [4.0K] arm
│ │ │ │ │ └── [874K] libsqlitejdbc.so
│ │ │ │ ├── [4.0K] armv6
│ │ │ │ │ └── [866K] libsqlitejdbc.so
│ │ │ │ ├── [4.0K] armv7
│ │ │ │ │ └── [862K] libsqlitejdbc.so
│ │ │ │ ├── [4.0K] ppc64
│ │ │ │ │ └── [1.1M] libsqlitejdbc.so
│ │ │ │ ├── [4.0K] x86
│ │ │ │ │ └── [865K] libsqlitejdbc.so
│ │ │ │ └── [4.0K] x86_64
│ │ │ │ └── [973K] libsqlitejdbc.so
│ │ │ ├── [4.0K] Linux-Android
│ │ │ │ ├── [4.0K] aarch64
│ │ │ │ │ └── [1.1M] libsqlitejdbc.so
│ │ │ │ ├── [4.0K] arm
│ │ │ │ │ └── [1.0M] libsqlitejdbc.so
│ │ │ │ ├── [4.0K] x86
│ │ │ │ │ └── [1.2M] libsqlitejdbc.so
│ │ │ │ └── [4.0K] x86_64
│ │ │ │ └── [1.1M] libsqlitejdbc.so
│ │ │ ├── [4.0K] Linux-Musl
│ │ │ │ ├── [4.0K] aarch64
│ │ │ │ │ └── [1005K] libsqlitejdbc.so
│ │ │ │ ├── [4.0K] x86
│ │ │ │ │ └── [965K] libsqlitejdbc.so
│ │ │ │ └── [4.0K] x86_64
│ │ │ │ └── [972K] libsqlitejdbc.so
│ │ │ ├── [4.0K] Mac
│ │ │ │ ├── [4.0K] aarch64
│ │ │ │ │ └── [1000K] libsqlitejdbc.jnilib
│ │ │ │ └── [4.0K] x86_64
│ │ │ │ └── [1.1M] libsqlitejdbc.jnilib
│ │ │ └── [4.0K] Windows
│ │ │ ├── [4.0K] aarch64
│ │ │ │ └── [1000K] sqlitejdbc.dll
│ │ │ ├── [4.0K] armv7
│ │ │ │ └── [734K] sqlitejdbc.dll
│ │ │ ├── [4.0K] x86
│ │ │ │ └── [841K] sqlitejdbc.dll
│ │ │ └── [4.0K] x86_64
│ │ │ └── [902K] sqlitejdbc.dll
│ │ └── [ 48] sqlite-jdbc.properties
│ └── [4.0K] test
│ ├── [4.0K] java
│ │ └── [4.0K] org
│ │ └── [4.0K] sqlite
│ │ ├── [4.0K] architecture
│ │ │ ├── [ 979] CodingRulesTest.java
│ │ │ └── [ 697] TestCodingRulesTest.java
│ │ ├── [5.3K] BackupTest.java
│ │ ├── [9.7K] BusyHandlerTest.java
│ │ ├── [ 921] CachedRowSetTest.java
│ │ ├── [7.9K] CollationTest.java
│ │ ├── [ 14K] ConnectionTest.java
│ │ ├── [4.0K] core
│ │ │ └── [1.3K] NativeDBHelper.java
│ │ ├── [ 80K] DBMetaDataTest.java
│ │ ├── [4.8K] ErrorMessageTest.java
│ │ ├── [2.7K] ExtendedCommandTest.java
│ │ ├── [3.0K] ExtensionTest.java
│ │ ├── [1.9K] FetchSizeTest.java
│ │ ├── [6.2K] InsertQueryTest.java
│ │ ├── [ 12K] JDBCTest.java
│ │ ├── [ 25K] JSON1Test.java
│ │ ├── [ 11K] ListenerTest.java
│ │ ├── [ 12K] MathFunctionsTest.java
│ │ ├── [1.0K] MetadataLeakTest.java
│ │ ├── [6.5K] MultipleClassLoaderTest.java
│ │ ├── [3.9K] PreparedStatementThreadTest.java
│ │ ├── [ 30K] PrepStmtTest.java
│ │ ├── [4.3K] ProgressHandlerTest.java
│ │ ├── [ 13K] QueryTest.java
│ │ ├── [2.7K] ReadUncommittedTest.java
│ │ ├── [ 15K] ResultSetTest.java
│ │ ├── [1.8K] ResultSetWithoutResultsTest.java
│ │ ├── [10.0K] RSMetaDataTest.java
│ │ ├── [6.6K] SavepointTest.java
│ │ ├── [2.0K] SQLiteConfigTest.java
│ │ ├── [3.0K] SQLiteConnectionPoolDataSourceTest.java
│ │ ├── [2.9K] SQLiteDataSourceTest.java
│ │ ├── [5.2K] SQLiteJDBCLoaderTest.java
│ │ ├── [ 24K] StatementTest.java
│ │ ├── [ 15K] TransactionTest.java
│ │ ├── [ 730] TypeMapTest.java
│ │ ├── [1.2K] UDFCustomErrorTest.java
│ │ ├── [ 18K] UDFTest.java
│ │ ├── [4.0K] util
│ │ │ └── [6.7K] OSInfoTest.java
│ │ └── [2.2K] Utils.java
│ └── [4.0K] resources
│ ├── [4.0K] META-INF
│ │ └── [4.0K] native-image
│ │ └── [4.0K] org.xerial
│ │ └── [4.0K] sqlite-jdbc
│ │ ├── [ 233] reflect-config.json
│ │ └── [ 275] resource-config.json
│ └── [4.0K] org
│ └── [4.0K] sqlite
│ ├── [ 10K] attach_test.db
│ ├── [ 10K] sample.db
│ └── [2.5K] testdb.jar
├── [7.1K] USAGE.md
└── [ 15] VERSION
71 directories, 179 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。