database/sqlite
1
0
Fork 0
mirror of https://github.com/sqlite/sqlite.git synced 2025-07-24 22:22:08 +03:00
Code Activity

Fix an almost entirely harmless buffer overread in the sessions module.

Browse Source 
FossilOrigin-Name: 89b0ee3351381f7bc666cb206f77a56f2e0d4a0e
This commit is contained in:
dan
2016-04-29 10:13:22 +00:00
parent 8443533178
commit 14faa061fd
3 changed files with 18 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
ext/session/sqlite3session.c
View File

@ -592,14 +592,19 @@ static int sessionChangeEqual(
int iCol; /* Used to iterate through table columns */
for(iCol=0; iCol<pTab->nCol; iCol++){
int n1 = sessionSerialLen(a1);
int n2 = sessionSerialLen(a2);
if( pTab->abPK[iCol] ){
int n1 = sessionSerialLen(a1);
int n2 = sessionSerialLen(a2);
if( pTab->abPK[iCol] && (n1!=n2 || memcmp(a1, a2, n1)) ){
return 0;
if( pTab->abPK[iCol] && (n1!=n2 || memcmp(a1, a2, n1)) ){
return 0;
}
a1 += n1;
a2 += n2;
}else{
if( bLeftPkOnly==0 ) a1 += sessionSerialLen(a1);
if( bRightPkOnly==0 ) a2 += sessionSerialLen(a2);
}
if( pTab->abPK[iCol] || bLeftPkOnly==0 ) a1 += n1;
if( pTab->abPK[iCol] || bRightPkOnly==0 ) a2 += n2;
}
return 1;