database/sqlite
1
0
Fork 0
mirror of https://github.com/sqlite/sqlite.git synced 2025-11-18 10:21:03 +03:00
Code Activity

Protect access to the WhereLoop.u union using nearby assert()s and

Browse Source 
branches.

FossilOrigin-Name: bdd840216cc4c5293c112f182a189f7562b3cc0f6270e3c4af5eb2e8bd61ccc9
This commit is contained in:
drh
2021-10-14 19:28:28 +00:00
parent bc98f904e3
commit 0475629d47
5 changed files with 27 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/wherecode.c
View File

@@ -567,8 +567,8 @@ static int codeEqualityTerm(
sqlite3VdbeAddOp2(v, bRev ? OP_Last : OP_Rewind, iTab, 0);
VdbeCoverageIf(v, bRev);
VdbeCoverageIf(v, !bRev);
assert( (pLoop->wsFlags & WHERE_MULTI_OR)==0 );
assert( (pLoop->wsFlags & WHERE_MULTI_OR)==0 );
pLoop->wsFlags |= WHERE_IN_ABLE;
if( pLevel->u.in.nIn==0 ){
pLevel->addrNxt = sqlite3VdbeMakeLabel(pParse);
@@ -1430,7 +1430,12 @@ Bitmask sqlite3WhereCodeOneLoopStart(
pLevel->p1 = iCur;
pLevel->op = pWInfo->eOnePass ? OP_Noop : OP_VNext;
pLevel->p2 = sqlite3VdbeCurrentAddr(v);
iIn = pLevel->u.in.nIn;
assert( (pLoop->wsFlags & WHERE_MULTI_OR)==0 );
if( pLoop->wsFlags & WHERE_IN_ABLE ){
iIn = pLevel->u.in.nIn;
}else{
iIn = 0;
}
for(j=nConstraint-1; j>=0; j--){
pTerm = pLoop->aLTerm[j];
if( (pTerm->eOperator & WO_IN)!=0 ) iIn--;
@@ -2319,7 +2324,10 @@ Bitmask sqlite3WhereCodeOneLoopStart(
}
}
ExplainQueryPlanPop(pParse);
pLevel->u.pCovidx = pCov;
assert( pLevel->pWLoop==pLoop );
assert( (pLoop->wsFlags & WHERE_MULTI_OR)!=0 );
assert( (pLoop->wsFlags & WHERE_IN_ABLE)==0 );
pLevel->u.pCoveringIdx = pCov;
if( pCov ) pLevel->iIdxCur = iCovCur;
if( pAndExpr ){
pAndExpr->pLeft = 0;