database/sqlite
1
0
Fork 0
mirror of https://github.com/sqlite/sqlite.git synced 2025-08-07 02:42:48 +03:00
Code Activity

Range check the column index on the sqlite3_preupdate_old() interface

Browse Source 
and return SQLITE_MISUSE if too large.
[forum:/forumpost/b617e497287235d0|Forum post b617e49728].

FossilOrigin-Name: 6a5701e6c7be25cba93e55438f950966e1dacb32eb2b23a8acc8ac53da6f0a85
This commit is contained in:
drh
2025-06-24 15:58:32 +00:00
parent 513fff88c4
commit 66cd200ede
4 changed files with 17 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
manifest
View File

@@ -1,5 +1,5 @@
C API\sdoc\stypo\sfixes\sand\sone\srephrasing\simprovement\sfrom\sbrickviking. C Range\scheck\sthe\scolumn\sindex\son\sthe\ssqlite3_preupdate_old()\sinterface\nand\sreturn\sSQLITE_MISUSE\sif\stoo\slarge.\n[forum:/forumpost/b617e497287235d0|Forum\spost\sb617e49728].
D 2025-06-24T07:38:52.089 D 2025-06-24T15:58:32.400
F .fossil-settings/binary-glob 61195414528fb3ea9693577e1980230d78a1f8b0a54c78cf1b9b24d0a409ed6a x F .fossil-settings/binary-glob 61195414528fb3ea9693577e1980230d78a1f8b0a54c78cf1b9b24d0a409ed6a x
F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
@@ -855,7 +855,7 @@ F src/vacuum.c 1bacdd0a81d2b5dc1c508fbf0d938c89fa78dd8d5b46ec92686d44030d4f4789
F src/vdbe.c 7e29623ca387880b8893e69135a0ff240c3dcaf0710f7a46a5f95b062cf93883 F src/vdbe.c 7e29623ca387880b8893e69135a0ff240c3dcaf0710f7a46a5f95b062cf93883
F src/vdbe.h 93761ed7c6b8bc19524912fd9b9b587d41bf4f1d0ade650a00dadc10518d8958 F src/vdbe.h 93761ed7c6b8bc19524912fd9b9b587d41bf4f1d0ade650a00dadc10518d8958
F src/vdbeInt.h 0bc581a9763be385e3af715e8c0a503ba8422c2b7074922faf4bb0d6ae31b15e F src/vdbeInt.h 0bc581a9763be385e3af715e8c0a503ba8422c2b7074922faf4bb0d6ae31b15e
F src/vdbeapi.c 613a6f29efacd6ed83e886b6e52db0fe52ba80a596b0a137608db1948bad90a9 F src/vdbeapi.c 89b9772baa0f272f97e3bebfb047957ac494a63d74c50303900fa357237f6e37
F src/vdbeaux.c fd2c6b19a8892c31a2adc719f156f313560f9cc490cdbd04ff08fdae5d7aedb7 F src/vdbeaux.c fd2c6b19a8892c31a2adc719f156f313560f9cc490cdbd04ff08fdae5d7aedb7
F src/vdbeblob.c b1b4032cac46b41e44b957c4d00aee9851f862dfd85ecb68116ba49884b03dfd F src/vdbeblob.c b1b4032cac46b41e44b957c4d00aee9851f862dfd85ecb68116ba49884b03dfd
F src/vdbemem.c e67d9c6484d868c879d20c70d00bf4a9058082f1d4058607ca15d50eb3aebc21 F src/vdbemem.c e67d9c6484d868c879d20c70d00bf4a9058082f1d4058607ca15d50eb3aebc21
@@ -1300,7 +1300,7 @@ F test/genesis.tcl 1e2e2e8e5cc4058549a154ff1892fe5c9de19f98
F test/having.test a89236dd8d55aa50c4805f82ac9daf64d477a44d712d8209c118978d0ca21ec9 F test/having.test a89236dd8d55aa50c4805f82ac9daf64d477a44d712d8209c118978d0ca21ec9
F test/hexlit.test 4a6a5f46e3c65c4bf1fa06f5dd5a9507a5627751 F test/hexlit.test 4a6a5f46e3c65c4bf1fa06f5dd5a9507a5627751
F test/hidden.test 23c1393a79e846d68fd902d72c85d5e5dcf98711 F test/hidden.test 23c1393a79e846d68fd902d72c85d5e5dcf98711
F test/hook.test 3481a68009fe143e3363fca922f6fc7a1e1f3776c51e42777f1a01b26ad2a9c8 F test/hook.test 393d08ec818612616fcd667143d4da949b5d1c1e895b74ade50eda638221777d
F test/hook2.test b9ff3b8c6519fb67f33192f1afe86e7782ee4ac8 F test/hook2.test b9ff3b8c6519fb67f33192f1afe86e7782ee4ac8
F test/icu.test 8da7d52cd9722c82f33b0466ed915460cb03c23a38f18a9a2d3ff97da9a4a8c0 F test/icu.test 8da7d52cd9722c82f33b0466ed915460cb03c23a38f18a9a2d3ff97da9a4a8c0
F test/ieee754.test b0945d12be7d255f3dfa18e2511b17ca37e0edd2b803231c52d05b86c04ab26e F test/ieee754.test b0945d12be7d255f3dfa18e2511b17ca37e0edd2b803231c52d05b86c04ab26e
@@ -2208,8 +2208,8 @@ F tool/version-info.c 3b36468a90faf1bbd59c65fd0eb66522d9f941eedd364fabccd7227350
F tool/warnings-clang.sh bbf6a1e685e534c92ec2bfba5b1745f34fb6f0bc2a362850723a9ee87c1b31a7 F tool/warnings-clang.sh bbf6a1e685e534c92ec2bfba5b1745f34fb6f0bc2a362850723a9ee87c1b31a7
F tool/warnings.sh 1ad0169b022b280bcaaf94a7fa231591be96b514230ab5c98fbf15cd7df842dd F tool/warnings.sh 1ad0169b022b280bcaaf94a7fa231591be96b514230ab5c98fbf15cd7df842dd
F tool/win/sqlite.vsix deb315d026cc8400325c5863eef847784a219a2f F tool/win/sqlite.vsix deb315d026cc8400325c5863eef847784a219a2f
P 48044a6b57c0a16cb75139c103ad88ca4ab64d74f70a3dee0d8b817fbfbec3c6 P 85e8060c4701a601d4bc8a639acd268ee4f2736193820d55ecd9b8abf864132f
R 6950a2557a728a71da9183561b80ed9a R 7a40bf02c66f099438601c139d9a1a50
U stephan U drh
Z 0a05828b7939870d7b1a3c418b4916e6 Z edd7df670cebec9e45d79e597cebcba6
# Remove this line to create a well-formed Fossil manifest. # Remove this line to create a well-formed Fossil manifest.

2
manifest.uuid
View File

@@ -1 +1 @@
85e8060c4701a601d4bc8a639acd268ee4f2736193820d55ecd9b8abf864132f 6a5701e6c7be25cba93e55438f950966e1dacb32eb2b23a8acc8ac53da6f0a85

3
src/vdbeapi.c
View File

@@ -2192,6 +2192,9 @@ int sqlite3_preupdate_old(sqlite3 *db, int iIdx, sqlite3_value **ppValue){
} }
if( p->pPk ){ if( p->pPk ){
iStore = sqlite3TableColumnToIndex(p->pPk, iIdx); iStore = sqlite3TableColumnToIndex(p->pPk, iIdx);
}else if( iIdx >= p->pTab->nCol ){
rc = SQLITE_MISUSE_BKPT;
goto preupdate_old_out;
}else{ }else{
iStore = sqlite3TableColumnToStorage(p->pTab, iIdx); iStore = sqlite3TableColumnToStorage(p->pTab, iIdx);
} }

5
test/hook.test
View File

@@ -488,6 +488,11 @@ proc preupdate_hook {args} {
set type [lindex $args 0] set type [lindex $args 0]
eval lappend ::preupdate $args eval lappend ::preupdate $args
if {$type != "INSERT"} { if {$type != "INSERT"} {
set x [catch {db preupdate old [db preupdate count]}]
if {!$x} {
lappend "ERROR: sqlite3_preupdate_old() accepted an out-of-bounds\
column index"
}
for {set i 0} {$i < [db preupdate count]} {incr i} { for {set i 0} {$i < [db preupdate count]} {incr i} {
lappend ::preupdate [db preupdate old $i] lappend ::preupdate [db preupdate old $i]
} }