Make sure zeroblob does reasonable things with a negative argument or

an argument that is larger than the maximum blob size. (CVS 4048) FossilOrigin-Name: f40218434e549144ddb48303df30e5191d44d3fc
2025-10-24 09:53:10 +03:00 · 2007-06-07 19:08:32 +00:00
parent 6c900c3df7
commit 98640a3fa1
8 changed files with 72 additions and 27 deletions
--- a/24
+++ b/24
@@ -1,5 +1,5 @@
-C Fix\san\serror\sin\stest\sfile\ssqllimits1.test\sthat\swas\scausing\sa\stest\sto\sfail\swhen\sSQLITE_MAX_EXPR_DEPTH\swas\sdefined.\s(CVS\s4047)
+C Make\ssure\szeroblob\sdoes\sreasonable\sthings\swith\sa\snegative\sargument\sor\nan\sargument\sthat\sis\slarger\sthan\sthe\smaximum\sblob\ssize.\s(CVS\s4048)
-D 2007-06-07T15:45:35
+D 2007-06-07T19:08:33
 F Makefile.in a42354804b50c2708ce72cf79e4daa30f50191b5
 F Makefile.linux-gcc 2d8574d1ba75f129aba2019f0b959db380a90935
 F README 9c4e2d6706bdcc3efdd773ce752a8cdab4f90028
@@ -72,12 +72,12 @@ F src/date.c 6049db7d5a8fdf2c677ff7d58fa31d4f6593c988
 F src/delete.c 5c0d89b3ef7d48fe1f5124bfe8341f982747fe29
 F src/experimental.c 1b2d1a6cd62ecc39610e97670332ca073c50792b
 F src/expr.c fb386ee80026e221869f49159c0963e851c184c9
-F src/func.c dfd0dd496dac46c2b14a88292cd9e141aae3ba63
+F src/func.c 4668843e6f0d27653939e12fc32276fb8e38d21a
 F src/hash.c 67b23e14f0257b69a3e8aa663e4eeadc1a2b6fd5
 F src/hash.h 1b3f7e2609141fd571f62199fc38687d262e9564
 F src/insert.c e595ca26805dfb3a9ebaabc28e7947c479f3b14d
 F src/legacy.c 388c71ad7fbcd898ba1bcbfc98a3ac954bfa5d01
-F src/limits.h 40c30b6379b6c3b90f9ea3fb07f4272273c82b8c
+F src/limits.h 4cb1dbbc528a347fa0e8ad46729dab93297d77ed
 F src/loadext.c afe4f4755dc49c36ef505748bbdddecb9f1d02a2
 F src/main.c 797dc983716c1480f6af78a36be3add8806211a1
 F src/malloc.c 07790014b4b126016ce3c94885a215e45eb07ad5
@@ -133,14 +133,14 @@ F src/update.c 3359041db390a8f856d67272f299600e2104f350
 F src/utf.c 01b2aba02b10d12903e9e1ff897215c9faf6b662
 F src/util.c 80cdf6b68d03b8f0ab3237a390842e039cff66c6
 F src/vacuum.c 8bd895d29e7074e78d4e80f948e35ddc9cf2beef
-F src/vdbe.c 74a82e8dc0cd84416fcca63d158c5ab8715f158d
+F src/vdbe.c 265d7061e91ebd81ebf8337ce1bac52c0548522e
 F src/vdbe.h 001c5b257567c1d3de7feb2203aac71d0d7b16a3
 F src/vdbeInt.h 7d2bf163d6d4e815724a457f2216dd8e38c3955c
 F src/vdbeapi.c 3747e4c3bc3139ff688bb3df462b10e42c084d16
 F src/vdbeaux.c a978d170b2ca99c8ff3da8a91f116a66da2600ac
 F src/vdbeblob.c 96f3572fdc45eda5be06e6372b612bc30742d9f0
 F src/vdbefifo.c 3ca8049c561d5d67cbcb94dc909ae9bb68c0bf8f
-F src/vdbemem.c 328e4897431a277e8670159a4ecc82754f5d9d75
+F src/vdbemem.c d86c25bbfe8102499ff7505fca44a779c68694d8
 F src/vtab.c c5ebebf615b2f29499fbe97a584c4bb342632aa0
 F src/where.c 0662fcd87987a8e131dcf8963e4a3ad696c085f3
 F tclinstaller.tcl 4356d9d94d2b5ed5e68f9f0c80c4df3048dd7617
@@ -352,7 +352,7 @@ F test/sort.test 0e4456e729e5a92a625907c63dcdedfbe72c5dc5
 F test/speed1.test 22e1b27af0683ed44dcd2f93ed817a9c3e65084a
 F test/speed2.test 53177056baf6556dcbdcf032bbdfc41c1aa74ded
 F test/speed3.test 27a71b5cc83c1f23baf6d0ee52e2f195e3c415f2
-F test/sqllimits1.test 2b5c2588ab238393f70484f20c42fa63b9ee9db4
+F test/sqllimits1.test c74c7cdbb23406c5408d2d9ddbe7da5b5a946c46
 F test/subquery.test ae324ee928c5fb463a3ce08a8860d6e7f1ca5797
 F test/subselect.test 974e87f8fc91c5f00dd565316d396a5a6c3106c4
 F test/substr.test 9f26cfca74397b26ab217fb838c3d0549eb4bcf3
@@ -424,7 +424,7 @@ F test/where.test 5c342d6ad0d777275d4740ea5cbeaf5173b6eda4
 F test/where2.test 3249d426b3fc7a106713d784e1628307fc308d2e
 F test/where3.test 0a30fe9808b0fa01c46d0fcf4fac0bf6cf75bb30
 F test/where4.test f80207a4ea6504f3d0962f3ecebc7db274ea50c0
-F test/zeroblob.test 0e0250c8853f78e22dd0c07eccb36126d8be7aa6
+F test/zeroblob.test c5096545085330b7886d2f977272a73d9fa7737e
 F tool/diffdb.c 7524b1b5df217c20cd0431f6789851a4e0cb191b
 F tool/fragck.tcl 5265a95126abcf6ab357f7efa544787e5963f439
 F tool/lemon.c c8c8b25ab1ac8156b3ad83ba4ea1bf00d5e07f5a
@@ -500,7 +500,7 @@ F www/tclsqlite.tcl bb0d1357328a42b1993d78573e587c6dcbc964b9
 F www/vdbe.tcl 87a31ace769f20d3627a64fa1fade7fed47b90d0
 F www/version3.tcl 890248cf7b70e60c383b0e84d77d5132b3ead42b
 F www/whentouse.tcl fc46eae081251c3c181bd79c5faef8195d7991a5
-P 0d71ad4591eae9de8749fb2da6455ac661587f7a
+P e66aa2c34a5c767554c022d01386a95558083e84
-R 568d0bfde11a5e6cd8f6ef6027ce04e4
+R a5d8e1e0d04beefa5c17cf48926f9278
-U danielk1977
+U drh
-Z 9f0068ecb3378dda7d3a6337789d2e41
+Z a838a68aee7be6bf9246efacd8855808
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-e66aa2c34a5c767554c022d01386a95558083e84
+f40218434e549144ddb48303df30e5191d44d3fc
--- a/src/func.c
+++ b/src/func.c
@@ -16,7 +16,7 @@
 ** sqliteRegisterBuildinFunctions() found at the bottom of the file.
 ** All other code has file scope.
 **
-** $Id: func.c,v 1.159 2007/05/15 14:40:11 drh Exp $
+** $Id: func.c,v 1.160 2007/06/07 19:08:33 drh Exp $
 */
 #include "sqliteInt.h"
 #include <ctype.h>
@@ -756,10 +756,14 @@ static void zeroblobFunc(
  int argc,
  sqlite3_value **argv
 ){
-  int n;
+  i64 n;
  assert( argc==1 );
-  n = sqlite3_value_int(argv[0]);
+  n = sqlite3_value_int64(argv[0]);
  if( n>SQLITE_MAX_LENGTH ){
    sqlite3_result_error_toobig(context);
  }else{
    sqlite3_result_zeroblob(context, n);
  }
 }
 /*
--- a/src/limits.h
+++ b/src/limits.h
@@ -12,7 +12,7 @@
 ** 
 ** This file defines various limits of what SQLite can process.
 **
-** @(#) $Id: limits.h,v 1.7 2007/06/07 10:55:36 drh Exp $
+** @(#) $Id: limits.h,v 1.8 2007/06/07 19:08:34 drh Exp $
 */
 /*
@@ -80,6 +80,7 @@
 /*
 ** The maximum number of opcodes in a VDBE program.
 ** Not currently enforced.
 */
 #ifndef SQLITE_MAX_VDBE_OP
 # define SQLITE_MAX_VDBE_OP 25000
--- a/src/vdbe.c
+++ b/src/vdbe.c
@@ -43,7 +43,7 @@
 ** in this file for details.  If in doubt, do not deviate from existing
 ** commenting and indentation practices when changing or adding code.
 **
-** $Id: vdbe.c,v 1.623 2007/05/23 06:31:39 drh Exp $
+** $Id: vdbe.c,v 1.624 2007/06/07 19:08:34 drh Exp $
 */
 #include "sqliteInt.h"
 #include "os.h"
@@ -5139,8 +5139,7 @@ too_big:
  rc = SQLITE_TOOBIG;
  goto vdbe_halt;
-  /* Jump to here if a malloc() fails.  It's hard to get a malloc()
+  /* Jump to here if a malloc() fails.
  ** to fail on a modern VM computer, so this code is untested.
  */
 no_mem:
  sqlite3SetString(&p->zErrMsg, "out of memory", (char*)0);
--- a/src/vdbemem.c
+++ b/src/vdbemem.c
@@ -98,8 +98,11 @@ int sqlite3VdbeMemDynamicify(Mem *pMem){
 int sqlite3VdbeMemExpandBlob(Mem *pMem){
  if( pMem->flags & MEM_Zero ){
    char *pNew;
    int nByte;
    assert( (pMem->flags & MEM_Blob)!=0 );
-    pNew = sqliteMalloc(pMem->n+pMem->u.i);
+    nByte = pMem->n + pMem->u.i;
    if( nByte<=0 ) nByte = 1;
    pNew = sqliteMalloc(nByte);
    if( pNew==0 ){ 
      return SQLITE_NOMEM;
    }
@@ -411,6 +414,7 @@ void sqlite3VdbeMemSetZeroBlob(Mem *pMem, int n){
  pMem->flags = MEM_Blob|MEM_Zero|MEM_Short;
  pMem->type = SQLITE_BLOB;
  pMem->n = 0;
  if( n<0 ) n = 0;
  pMem->u.i = n;
  pMem->z = pMem->zShort;
  pMem->enc = SQLITE_UTF8;
--- a/test/sqllimits1.test
+++ b/test/sqllimits1.test
@@ -12,7 +12,7 @@
 # This file contains tests to verify that the limits defined in
 # sqlite source file limits.h are enforced.
 #
-# $Id: sqllimits1.test,v 1.9 2007/06/07 15:45:35 danielk1977 Exp $
+# $Id: sqllimits1.test,v 1.10 2007/06/07 19:08:34 drh Exp $
 set testdir [file dirname $argv0]
 source $testdir/tester.tcl
@@ -41,9 +41,12 @@ source $testdir/tester.tcl
 # Test cases sqllimits-1.* test that the SQLITE_MAX_LENGTH limit
 # is enforced.
 #
-do_test sqllimits-1.1 {
+do_test sqllimits-1.1.1 {
  catchsql { SELECT randomblob(2147483647) }
 } {1 {string or blob too big}}
 do_test sqllimits-1.1.2 {
  catchsql { SELECT zeroblob(2147483647) }
 } {1 {string or blob too big}}
 # Large, but allowable, blob-size.
 #
@@ -58,6 +61,18 @@ do_test sqllimits-1.3 {
 } {1 {string or blob too big}}
 do_test sqllimits-1.4 {
  catchsql { SELECT LENGTH(zeroblob($::LARGESIZE)) }
 } "0 $::LARGESIZE"
 do_test sqllimits-1.5 {
  catchsql { SELECT quote(zeroblob($::LARGESIZE)) }
 } {1 {string or blob too big}}
 do_test sqllimits-1.6 {
  catchsql { SELECT zeroblob(-1) }
 } {0 {}}
 do_test sqllimits-1.9 {
  set ::str [string repeat A 65537]
  set ::rep [string repeat B 65537]
  catchsql { SELECT replace($::str, 'A', $::rep) }
@@ -437,5 +452,3 @@ do_test sqllimits-1.12.2 {
 } {1 {string or blob too big}}
 finish_test
--- a/test/zeroblob.test
+++ b/test/zeroblob.test
@@ -13,7 +13,7 @@
 # including the sqlite3_bind_zeroblob(), sqlite3_result_zeroblob(),
 # and the built-in zeroblob() SQL function.
 #
-# $Id: zeroblob.test,v 1.5 2007/05/30 06:19:33 danielk1977 Exp $
+# $Id: zeroblob.test,v 1.6 2007/06/07 19:08:34 drh Exp $
 set testdir [file dirname $argv0]
 source $testdir/tester.tcl
@@ -152,4 +152,28 @@ do_test zeroblob-5.4 {
 } [execsql {SELECT zeroblob(100)}]
 # Check for malicious use of zeroblob.  Make sure nothing crashes.
 #
 do_test zeroblob-6.1.1 { 
  execsql {select zeroblob(-1)} 
 } {{}} 
 do_test zeroblob-6.1.2 { 
  execsql {select zeroblob(-10)} 
 } {{}} 
 do_test zeroblob-6.1.3 { 
  execsql {select zeroblob(-100)} 
 } {{}} 
 do_test zeroblob-6.2 { 
  execsql {select length(zeroblob(-1))} 
 } {0} 
 do_test zeroblob-6.3 { 
  execsql {select zeroblob(-1)|1} 
 } {1} 
 do_test zeroblob-6.4 { 
  catchsql {select length(zeroblob(2147483648))} 
 } {1 {string or blob too big}} 
 do_test zeroblob-6.5 { 
  catchsql {select zeroblob(2147483648)} 
 } {1 {string or blob too big}} 
 finish_test
		`@@ -1 +1 @@`
			`e66aa2c34a5c767554c022d01386a95558083e84`				`f40218434e549144ddb48303df30e5191d44d3fc`