From e1f49b88501363222a3f13c25c1ec4e08150811b Mon Sep 17 00:00:00 2001 From: drh Date: Fri, 3 Jan 2020 00:28:14 +0000 Subject: [PATCH 1/6] Fix a problem in sqlite3TreeViewBareExprList() in which the routine was not interpreting the new ExprList format correctly. FossilOrigin-Name: cd56872afbb4edeff2e8c1cb1c8d47c7a9b333b3fc416c20183250807291fae8 --- manifest | 13 ++++++------- manifest.uuid | 2 +- src/treeview.c | 1 + 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/manifest b/manifest index ed9effd846..4440d9e596 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Add\sthe\stwo-size\slookaside\smemory\sallocator.\s\sAlso,\sreduce\sthe\sper-entry\nsize\sof\sthe\sExprList\sobject. -D 2020-01-02T22:28:47.433 +C Fix\sa\sproblem\sin\ssqlite3TreeViewBareExprList()\sin\swhich\sthe\sroutine\swas\nnot\sinterpreting\sthe\snew\sExprList\sformat\scorrectly. +D 2020-01-03T00:28:14.306 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724 @@ -593,7 +593,7 @@ F src/test_window.c cdae419fdcea5bad6dcd9368c685abdad6deb59e9fc8b84b153de513d394 F src/test_wsd.c 41cadfd9d97fe8e3e4e44f61a4a8ccd6f7ca8fe9 F src/threads.c 4ae07fa022a3dc7c5beb373cf744a85d3c5c6c3c F src/tokenize.c 7b17f6e2f20f6cbcb0b215025a86b7457c38451fc7622f705e553d7a488c572d -F src/treeview.c 74d4fb2b6a2eaced4c0a6e22a9caf6e4a975577774456575065c5c921bdb3381 +F src/treeview.c 2f712c821748dccced8977c33de83146e75a193afd17da3da8ad64e0225fee20 F src/trigger.c a40d50e88bd3355f1d2a73f0a3b2d6b42eae26ca4219001b82ef0d064439badc F src/update.c 9ad19af96aff95dc02a923a99f97c1bc0b909009a29a2914b796f786b9ac0c60 F src/upsert.c 2920de71b20f04fe25eb00b655d086f0ba60ea133c59d7fa3325c49838818e78 @@ -1853,8 +1853,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P 7405e982257611803792617f5d8142c54f9831b4a030f4de8607888c525e6289 34b877742ef78e9bb3f16815180f4ad9cd722beb1d610f713400a3b25d68aa9b -R 896a86b40586a93b7de7ff4de391d81d -T +closed 34b877742ef78e9bb3f16815180f4ad9cd722beb1d610f713400a3b25d68aa9b +P 51665bf0f975fb248964a4be205a4f3285d3f3f8cc697977d264efefbbe20dd8 +R 8459c9056b34d50995b431eb3c997586 U drh -Z 486c5971cb86c4301cea954c124cc71f +Z 2198282fcf120035e4a8ba3edeb717df diff --git a/manifest.uuid b/manifest.uuid index b1fa06af2e..aa6783ac27 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -51665bf0f975fb248964a4be205a4f3285d3f3f8cc697977d264efefbbe20dd8 \ No newline at end of file +cd56872afbb4edeff2e8c1cb1c8d47c7a9b333b3fc416c20183250807291fae8 \ No newline at end of file diff --git a/src/treeview.c b/src/treeview.c index e6ec4161bb..938c1f1a1f 100644 --- a/src/treeview.c +++ b/src/treeview.c @@ -730,6 +730,7 @@ void sqlite3TreeViewBareExprList( int j = pList->a[i].u.x.iOrderByCol; char *zName = pList->a[i].zEName; int moreToFollow = inExpr - 1; + if( pList->a[i].eEName!=ENAME_NAME ) zName = 0; if( j || zName ){ sqlite3TreeViewPush(pView, moreToFollow); moreToFollow = 0; From 0cbec59c8bbaa2e2ddf13928441d68b28a9aa3d0 Mon Sep 17 00:00:00 2001 From: drh Date: Fri, 3 Jan 2020 02:20:37 +0000 Subject: [PATCH 2/6] When generating the name of a view (or common table expression) because the SQL does not specify a name, avoid the names "true" and "false" which might be confused for the boolean literals of the same name, leading to an inconsistent abstract syntax tree. FossilOrigin-Name: ff9492d3ff733c222ea67f23d478df1547641b5e2e6dd870b0b29e25c13f3739 --- manifest | 18 +++++++++--------- manifest.uuid | 2 +- src/expr.c | 21 ++++++++++++++++++--- src/select.c | 2 +- src/sqliteInt.h | 1 + test/with1.test | 24 ++++++++++++++++++++++++ 6 files changed, 54 insertions(+), 14 deletions(-) diff --git a/manifest b/manifest index 4440d9e596..250def6b1d 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Fix\sa\sproblem\sin\ssqlite3TreeViewBareExprList()\sin\swhich\sthe\sroutine\swas\nnot\sinterpreting\sthe\snew\sExprList\sformat\scorrectly. -D 2020-01-03T00:28:14.306 +C When\sgenerating\sthe\sname\sof\sa\sview\s(or\scommon\stable\sexpression)\sbecause\sthe\nSQL\sdoes\snot\sspecify\sa\sname,\savoid\sthe\snames\s"true"\sand\s"false"\swhich\smight\nbe\sconfused\sfor\sthe\sboolean\sliterals\sof\sthe\ssame\sname,\sleading\sto\san\ninconsistent\sabstract\ssyntax\stree. +D 2020-01-03T02:20:37.589 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724 @@ -480,7 +480,7 @@ F src/date.c e1d8ac7102f3f283e63e13867acb0efa33861cf34f0faf4cdbaf9fa7a1eb7041 F src/dbpage.c 135eb3b5e74f9ef74bde5cec2571192c90c86984fa534c88bf4a055076fa19b7 F src/dbstat.c 6c407e549406c10fde9ac3987f6d734459205239ad370369bc5fcd683084a4fa F src/delete.c a5c59b9c0251cf7682bc52af0d64f09b1aefc6781a63592c8f1136f7b73c66e4 -F src/expr.c bef2f4c18a90fec59575dba1e32cc7d120af4120105bf503b843507f03f1d378 +F src/expr.c 53106d7ca6a00b8fc91d3ab5338561b02efc9d282525e8101423f9c933dd50f0 F src/fault.c 460f3e55994363812d9d60844b2a6de88826e007 F src/fkey.c 92a248ec0fa4ed8ab60c98d9b188ce173aaf218f32e7737ba77deb2a684f9847 F src/func.c 259496e4856bd0a3215d16804992f3339f3e8db29f129a5a7285c341488bbe9c @@ -528,12 +528,12 @@ F src/printf.c 9be6945837c839ba57837b4bc3af349eba630920fa5532aa518816defe42a7d4 F src/random.c 80f5d666f23feb3e6665a6ce04c7197212a88384 F src/resolve.c 938295261d556dc173e7c4b85c921b565b25c38656b924bdf03c3ff8f37e24ab F src/rowset.c d977b011993aaea002cab3e0bb2ce50cf346000dff94e944d547b989f4b1fe93 -F src/select.c 8791103f21df458fdaba16c7d6452f92b00363f222f0f242661654f12455ea0a +F src/select.c 6a2d755e068b36678317654c953ffaafc4a6282ebb1f67b217a8e960d58992b7 F src/shell.c.in 90b002bf0054399cbbfac62dd752a9b05770427ba141bcba75eefbb0098f4280 F src/sqlite.h.in 51f69c62ba3e980aca1e39badcaf9ad13f008774fe1bb8e7f57e3e456c656670 F src/sqlite3.rc 5121c9e10c3964d5755191c80dd1180c122fc3a8 F src/sqlite3ext.h 72af51aa4e912e14cd495fb6e7fac65f0940db80ed950d90911aff292cc47ce2 -F src/sqliteInt.h 7f028954dc3602b5505064b1028ac671965bfd9905316767cb3298f945478ac0 +F src/sqliteInt.h a694b38db1748007390cbafcaba56d5379203c23ab5ae7d3a538f367e8638102 F src/sqliteLimit.h 1513bfb7b20378aa0041e7022d04acb73525de35b80b252f1b83fedb4de6a76b F src/status.c 9ff2210207c6c3b4d9631a8241a7d45ab1b26a0e9c84cb07a9b5ce2de9a3b278 F src/table.c b46ad567748f24a326d9de40e5b9659f96ffff34 @@ -1733,7 +1733,7 @@ F test/windowB.test 7a983ea1cc1cf72be7f378e4b32f6cb2d73014c5cd8b25aaee825164cd42 F test/windowerr.tcl f5acd6fbc210d7b5546c0e879d157888455cd4a17a1d3f28f07c1c8a387019e0 F test/windowerr.test a8b752402109c15aa1c5efe1b93ccb0ce1ef84fa964ae1cd6684dd0b3cc1819b F test/windowfault.test 8e3b69abe0eea9595ba3940afd9c63644e11966ed8815734b67f1479a8e9891a -F test/with1.test d32792084dcb5f6c047d77bb8a032822ef9fe050ade07d0aeffa37753a05e3c9 +F test/with1.test 386d1c1763a9d369fd08ea03145869b6313ba263e1a102df5a275007000d1b47 F test/with2.test e0030e2f0267a910d6c0e4f46f2dfe941c1cc0d4f659ba69b3597728e7e8f1ab F test/with3.test 7de8dff2891aca0f9453463e4a2d6eb995baf137827d5596116fee53e22a4e29 F test/with4.test 257be66c0c67fee1defbbac0f685c3465e2cad037f21ce65f23f86084f198205 @@ -1853,7 +1853,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P 51665bf0f975fb248964a4be205a4f3285d3f3f8cc697977d264efefbbe20dd8 -R 8459c9056b34d50995b431eb3c997586 +P cd56872afbb4edeff2e8c1cb1c8d47c7a9b333b3fc416c20183250807291fae8 +R 2d4c4407cbf30d2c83e3f90fdf5f6138 U drh -Z 2198282fcf120035e4a8ba3edeb717df +Z df9525e36468611f3a07620ddc0d95cd diff --git a/manifest.uuid b/manifest.uuid index aa6783ac27..b76c673578 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -cd56872afbb4edeff2e8c1cb1c8d47c7a9b333b3fc416c20183250807291fae8 \ No newline at end of file +ff9492d3ff733c222ea67f23d478df1547641b5e2e6dd870b0b29e25c13f3739 \ No newline at end of file diff --git a/src/expr.c b/src/expr.c index 2d9854c895..cc795c09f0 100644 --- a/src/expr.c +++ b/src/expr.c @@ -1848,19 +1848,34 @@ int sqlite3SelectWalkFail(Walker *pWalker, Select *NotUsed){ return WRC_Abort; } +/* +** Check the input string to see if it is "true" or "false" (in any case). +** +** If the string is.... Return +** "true" EP_IsTrue +** "false" EP_IsFalse +** anything else 0 +*/ +u32 sqlite3IsTrueOrFalse(const char *zIn){ + if( sqlite3StrICmp(zIn, "true")==0 ) return EP_IsTrue; + if( sqlite3StrICmp(zIn, "false")==0 ) return EP_IsFalse; + return 0; +} + + /* ** If the input expression is an ID with the name "true" or "false" ** then convert it into an TK_TRUEFALSE term. Return non-zero if ** the conversion happened, and zero if the expression is unaltered. */ int sqlite3ExprIdToTrueFalse(Expr *pExpr){ + u32 v; assert( pExpr->op==TK_ID || pExpr->op==TK_STRING ); if( !ExprHasProperty(pExpr, EP_Quoted) - && (sqlite3StrICmp(pExpr->u.zToken, "true")==0 - || sqlite3StrICmp(pExpr->u.zToken, "false")==0) + && (v = sqlite3IsTrueOrFalse(pExpr->u.zToken))!=0 ){ pExpr->op = TK_TRUEFALSE; - ExprSetProperty(pExpr, pExpr->u.zToken[4]==0 ? EP_IsTrue : EP_IsFalse); + ExprSetProperty(pExpr, v); return 1; } return 0; diff --git a/src/select.c b/src/select.c index 63d76a4679..df8daef993 100644 --- a/src/select.c +++ b/src/select.c @@ -2003,7 +2003,7 @@ int sqlite3ColumnsFromExprList( zName = pEList->a[i].zEName; } } - if( zName ){ + if( zName && !sqlite3IsTrueOrFalse(zName) ){ zName = sqlite3DbStrDup(db, zName); }else{ zName = sqlite3MPrintf(db,"column%d",i+1); diff --git a/src/sqliteInt.h b/src/sqliteInt.h index d936b2c30d..bab9fba4ad 100644 --- a/src/sqliteInt.h +++ b/src/sqliteInt.h @@ -4249,6 +4249,7 @@ void sqlite3EndTransaction(Parse*,int); void sqlite3Savepoint(Parse*, int, Token*); void sqlite3CloseSavepoints(sqlite3 *); void sqlite3LeaveMutexAndCloseZombie(sqlite3*); +u32 sqlite3IsTrueOrFalse(const char*); int sqlite3ExprIdToTrueFalse(Expr*); int sqlite3ExprTruthValue(const Expr*); int sqlite3ExprIsConstant(Expr*); diff --git a/test/with1.test b/test/with1.test index 5631bfb69d..f798dd2111 100644 --- a/test/with1.test +++ b/test/with1.test @@ -1140,4 +1140,28 @@ do_execsql_test 24.2 { 3 1 1 3 } +# 2020-01-02 chromium ticket 1033461 +# Do not allow the generated name of a CTE be "true" or "false" as +# such a label might be later confused for the boolean literals of +# the same name, causing inconsistencies in the abstract syntax +# tree. This problem first arose in version 3.23.0 when SQLite +# began recognizing "true" and "false" as boolean literals, but also +# had to continue to recognize "true" and "false" as identifiers for +# backwards compatibility. +# +reset_db +do_execsql_test 25.1 { + CREATE TABLE dual(dummy); + INSERT INTO dual(dummy) VALUES('X'); + WITH cte1 AS ( + SELECT TRUE, ( + WITH cte2 AS (SELECT avg(DISTINCT TRUE) FROM dual) + SELECT 2571 FROM cte2 + ) AS subquery1 + FROM dual + GROUP BY 1 + ) + SELECT (SELECT 1324 FROM cte1) FROM cte1; +} {1324} + finish_test From aa328b6ab13d97f092bced55f8faeb13b4c42237 Mon Sep 17 00:00:00 2001 From: dan Date: Fri, 3 Jan 2020 13:55:14 +0000 Subject: [PATCH 3/6] Ensure that when a Select object is reset a new, empty, SrcList is allocated. FossilOrigin-Name: 4889cbf898d7ec54f061b21b6d3621b22fc482cbeaa7115d40995a4cc30e41db --- manifest | 16 ++++++++-------- manifest.uuid | 2 +- src/select.c | 1 + test/window1.test | 23 +++++++++++++++++++++++ 4 files changed, 33 insertions(+), 9 deletions(-) diff --git a/manifest b/manifest index 250def6b1d..797361775c 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C When\sgenerating\sthe\sname\sof\sa\sview\s(or\scommon\stable\sexpression)\sbecause\sthe\nSQL\sdoes\snot\sspecify\sa\sname,\savoid\sthe\snames\s"true"\sand\s"false"\swhich\smight\nbe\sconfused\sfor\sthe\sboolean\sliterals\sof\sthe\ssame\sname,\sleading\sto\san\ninconsistent\sabstract\ssyntax\stree. -D 2020-01-03T02:20:37.589 +C Ensure\sthat\swhen\sa\sSelect\sobject\sis\sreset\sa\snew,\sempty,\sSrcList\sis\sallocated. +D 2020-01-03T13:55:14.564 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724 @@ -528,7 +528,7 @@ F src/printf.c 9be6945837c839ba57837b4bc3af349eba630920fa5532aa518816defe42a7d4 F src/random.c 80f5d666f23feb3e6665a6ce04c7197212a88384 F src/resolve.c 938295261d556dc173e7c4b85c921b565b25c38656b924bdf03c3ff8f37e24ab F src/rowset.c d977b011993aaea002cab3e0bb2ce50cf346000dff94e944d547b989f4b1fe93 -F src/select.c 6a2d755e068b36678317654c953ffaafc4a6282ebb1f67b217a8e960d58992b7 +F src/select.c 64bf450dc0f2b37be8d2be6ff7d25a70de37ef6fb64527c68f767fe9fe47bc55 F src/shell.c.in 90b002bf0054399cbbfac62dd752a9b05770427ba141bcba75eefbb0098f4280 F src/sqlite.h.in 51f69c62ba3e980aca1e39badcaf9ad13f008774fe1bb8e7f57e3e456c656670 F src/sqlite3.rc 5121c9e10c3964d5755191c80dd1180c122fc3a8 @@ -1714,7 +1714,7 @@ F test/win32heap.test 10fd891266bd00af68671e702317726375e5407561d859be1aa04696f2 F test/win32lock.test fbf107c91d8f5512be5a5b87c4c42ab9fdd54972 F test/win32longpath.test 169c75a3b2e43481f4a62122510210c67b08f26d F test/win32nolock.test ac4f08811a562e45a5755e661f45ca85892bdbbc -F test/window1.test 30f38038f2878a28befa66c288099e5da131ba673799d73d0864f08375d503e1 +F test/window1.test b61afc46bad183e19dcd46119d908ee79aecfd5929e61d332dba4ce9c2c0b7b9 F test/window2.tcl 492c125fa550cda1dd3555768a2303b3effbeceee215293adf8871efc25f1476 F test/window2.test e466a88bd626d66edc3d352d7d7e1d5531e0079b549ba44efb029d1fbff9fd3c F test/window3.tcl acea6e86a4324a210fd608d06741010ca83ded9fde438341cb978c49928faf03 @@ -1853,7 +1853,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P cd56872afbb4edeff2e8c1cb1c8d47c7a9b333b3fc416c20183250807291fae8 -R 2d4c4407cbf30d2c83e3f90fdf5f6138 -U drh -Z df9525e36468611f3a07620ddc0d95cd +P ff9492d3ff733c222ea67f23d478df1547641b5e2e6dd870b0b29e25c13f3739 +R 6d6e6fecfce942a481e283b1c0c2a9e4 +U dan +Z d65258fbc060b0ebe3f9befe743fe2c5 diff --git a/manifest.uuid b/manifest.uuid index b76c673578..6457a419cd 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -ff9492d3ff733c222ea67f23d478df1547641b5e2e6dd870b0b29e25c13f3739 \ No newline at end of file +4889cbf898d7ec54f061b21b6d3621b22fc482cbeaa7115d40995a4cc30e41db \ No newline at end of file diff --git a/src/select.c b/src/select.c index df8daef993..09e674a8ad 100644 --- a/src/select.c +++ b/src/select.c @@ -202,6 +202,7 @@ void sqlite3SelectReset(Parse *pParse, Select *p){ memset(&p->iLimit, 0, sizeof(Select) - offsetof(Select,iLimit)); p->pEList = sqlite3ExprListAppend(pParse, 0, sqlite3ExprAlloc(pParse->db,TK_NULL,0,0)); + p->pSrc = sqlite3DbMallocZero(pParse->db, sizeof(SrcList)); } } diff --git a/test/window1.test b/test/window1.test index a2d26a2f7b..bc5796f87a 100644 --- a/test/window1.test +++ b/test/window1.test @@ -1554,4 +1554,27 @@ do_execsql_test 46.4 { OR ((SELECT sum(a)OVER(ORDER BY a)) AND a<=10) } 10 +#------------------------------------------------------------------------- +reset_db +do_execsql_test 47.0 { + CREATE TABLE t1( + a, + e, + f, + g UNIQUE, + h UNIQUE + ); +} + +do_execsql_test 47.1 { + CREATE VIEW t2(k) AS + SELECT e FROM t1 WHERE g = 'abc' OR h BETWEEN 10 AND f; +} + +do_catchsql_test 47.2 { + SELECT 234 FROM t2 + WHERE k=1 + OR (SELECT k FROM t2 WHERE (SELECT sum(a) OVER() FROM t1 GROUP BY 1)); +} {1 {misuse of window function sum()}} + finish_test From 90996885fcad330e5773ae77b2f0276e9233bb47 Mon Sep 17 00:00:00 2001 From: drh Date: Fri, 3 Jan 2020 14:16:43 +0000 Subject: [PATCH 4/6] Fix the OP_Copy-coalesce optimization so that if the previous row happens to end with OP_Copy but is not a candidate for the optimization due to jumps, then the optimization is correctly bypassed. FossilOrigin-Name: b36126c1889e323c9a8f04b4f4884576993c845e7d393e5e73aaa6ab5158c1f9 --- manifest | 16 ++++++++-------- manifest.uuid | 2 +- src/expr.c | 4 ++++ test/select1.test | 3 +++ 4 files changed, 16 insertions(+), 9 deletions(-) diff --git a/manifest b/manifest index 797361775c..f7378272ed 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Ensure\sthat\swhen\sa\sSelect\sobject\sis\sreset\sa\snew,\sempty,\sSrcList\sis\sallocated. -D 2020-01-03T13:55:14.564 +C Fix\sthe\sOP_Copy-coalesce\soptimization\sso\sthat\sif\sthe\sprevious\srow\shappens\nto\send\swith\sOP_Copy\sbut\sis\snot\sa\scandidate\sfor\sthe\soptimization\sdue\sto\sjumps,\nthen\sthe\soptimization\sis\scorrectly\sbypassed. +D 2020-01-03T14:16:43.141 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724 @@ -480,7 +480,7 @@ F src/date.c e1d8ac7102f3f283e63e13867acb0efa33861cf34f0faf4cdbaf9fa7a1eb7041 F src/dbpage.c 135eb3b5e74f9ef74bde5cec2571192c90c86984fa534c88bf4a055076fa19b7 F src/dbstat.c 6c407e549406c10fde9ac3987f6d734459205239ad370369bc5fcd683084a4fa F src/delete.c a5c59b9c0251cf7682bc52af0d64f09b1aefc6781a63592c8f1136f7b73c66e4 -F src/expr.c 53106d7ca6a00b8fc91d3ab5338561b02efc9d282525e8101423f9c933dd50f0 +F src/expr.c 70af050710e92b16dac5498005e77a8fd799eda31cac19f641da5b0531cccb03 F src/fault.c 460f3e55994363812d9d60844b2a6de88826e007 F src/fkey.c 92a248ec0fa4ed8ab60c98d9b188ce173aaf218f32e7737ba77deb2a684f9847 F src/func.c 259496e4856bd0a3215d16804992f3339f3e8db29f129a5a7285c341488bbe9c @@ -1295,7 +1295,7 @@ F test/schema6.test e4bd1f23d368695eb9e7b51ef6e02ca0642ea2ab4a52579959826b5e7dce F test/schemafault.test 1936bceca55ac82c5efbcc9fc91a1933e45c8d1e1d106b9a7e56c972a5a2a51e F test/securedel.test 2f70b2449186a1921bd01ec9da407fbfa98c3a7a5521854c300c194b2ff09384 F test/securedel2.test 2d54c28e46eb1fd6902089958b20b1b056c6f1c5 -F test/select1.test 0aaefed5e770232effeba2d19b8dde01b639d617b844cb2492a75961e4119549 +F test/select1.test 009a6d8eacd9684d046302b8d13b50846a87e39d6f08e92178aa13e95ea29a2d F test/select2.test 352480e0e9c66eda9c3044e412abdf5be0215b56 F test/select3.test 3905450067c28766bc83ee397f6d87342de868baa60f2bcfd00f286dfbd62cb9 F test/select4.test 5389d9895968d1196c457d59b3ee6515d771d328 @@ -1853,7 +1853,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P ff9492d3ff733c222ea67f23d478df1547641b5e2e6dd870b0b29e25c13f3739 -R 6d6e6fecfce942a481e283b1c0c2a9e4 -U dan -Z d65258fbc060b0ebe3f9befe743fe2c5 +P 4889cbf898d7ec54f061b21b6d3621b22fc482cbeaa7115d40995a4cc30e41db +R 08e8e017bd785f9894e0fa9f6ebc60bd +U drh +Z c0b2c81a3a0405edc8e28815ea102073 diff --git a/manifest.uuid b/manifest.uuid index 6457a419cd..3ae53d260f 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -4889cbf898d7ec54f061b21b6d3621b22fc482cbeaa7115d40995a4cc30e41db \ No newline at end of file +b36126c1889e323c9a8f04b4f4884576993c845e7d393e5e73aaa6ab5158c1f9 \ No newline at end of file diff --git a/src/expr.c b/src/expr.c index cc795c09f0..0c4a611758 100644 --- a/src/expr.c +++ b/src/expr.c @@ -3620,6 +3620,9 @@ static int exprCodeInlineFunction( VdbeCoverage(v); sqlite3ExprCode(pParse, pFarg->a[i].pExpr, target); } + if( sqlite3VdbeGetOp(v, -1)->opcode==OP_Copy ){ + sqlite3VdbeChangeP5(v, 1); /* Tag trailing OP_Copy as not mergable */ + } sqlite3VdbeResolveLabel(v, endCoalesce); break; } @@ -4607,6 +4610,7 @@ int sqlite3ExprCodeExprList( && (pOp=sqlite3VdbeGetOp(v, -1))->opcode==OP_Copy && pOp->p1+pOp->p3+1==inReg && pOp->p2+pOp->p3+1==target+i + && pOp->p5==0 /* The do-not-merge flag must be clear */ ){ pOp->p3++; }else{ diff --git a/test/select1.test b/test/select1.test index b4d62554ae..b9414d3857 100644 --- a/test/select1.test +++ b/test/select1.test @@ -1197,5 +1197,8 @@ do_execsql_test select-20.10 { WHERE ((SELECT t1.a FROM t1 AS x GROUP BY b) AND b=0) OR a = 10; } {10 Y} +do_execsql_test select-20.20 { + SELECT ifnull(a, max((SELECT 123))), count(a) FROM t1 ; +} {10 1} finish_test From 607dd6e6080c260e73dbacf777cf43d9cd22bd18 Mon Sep 17 00:00:00 2001 From: dan Date: Fri, 3 Jan 2020 14:27:08 +0000 Subject: [PATCH 5/6] Fix a possible NULL pointer dereference caused by using a "VALUES(...)" as a component of a compound SELECT with non-integer ORDER BY clause terms. FossilOrigin-Name: 9d791116420f4e3f613775569e0a0cba2fc22da568b2fb2df920bcf9c9002938 --- manifest | 16 ++++++++-------- manifest.uuid | 2 +- src/resolve.c | 7 ++----- test/orderby1.test | 4 ++++ 4 files changed, 15 insertions(+), 14 deletions(-) diff --git a/manifest b/manifest index f7378272ed..e435770e4a 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Fix\sthe\sOP_Copy-coalesce\soptimization\sso\sthat\sif\sthe\sprevious\srow\shappens\nto\send\swith\sOP_Copy\sbut\sis\snot\sa\scandidate\sfor\sthe\soptimization\sdue\sto\sjumps,\nthen\sthe\soptimization\sis\scorrectly\sbypassed. -D 2020-01-03T14:16:43.141 +C Fix\sa\spossible\sNULL\spointer\sdereference\scaused\sby\susing\sa\s"VALUES(...)"\sas\sa\scomponent\sof\sa\scompound\sSELECT\swith\snon-integer\sORDER\sBY\sclause\sterms. +D 2020-01-03T14:27:08.910 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724 @@ -526,7 +526,7 @@ F src/pragma.h ec3b31eac9b1df040f1cc8cb3d89bc06605c3b4cb3d76f833de8d6d6c3f77f04 F src/prepare.c 6049beb71385f017af6fc320d2c75a4e50b75e280c54232442b785fbb83df057 F src/printf.c 9be6945837c839ba57837b4bc3af349eba630920fa5532aa518816defe42a7d4 F src/random.c 80f5d666f23feb3e6665a6ce04c7197212a88384 -F src/resolve.c 938295261d556dc173e7c4b85c921b565b25c38656b924bdf03c3ff8f37e24ab +F src/resolve.c 31dc20837034491e5a043f411425a507b306ceedf40d666af5fc87b13020ff3d F src/rowset.c d977b011993aaea002cab3e0bb2ce50cf346000dff94e944d547b989f4b1fe93 F src/select.c 64bf450dc0f2b37be8d2be6ff7d25a70de37ef6fb64527c68f767fe9fe47bc55 F src/shell.c.in 90b002bf0054399cbbfac62dd752a9b05770427ba141bcba75eefbb0098f4280 @@ -1199,7 +1199,7 @@ F test/openv2.test 0d3040974bf402e19b7df4b783e447289d7ab394 F test/optfuzz-db01.c a0c256905c8ac79f9a5de2f374a3d9f757bef0dca2a238dc7c10cc8a38031834 F test/optfuzz-db01.txt 21f6bdeadc701cf11528276e2a55c70bfcb846ba42df327f979bd9e7b6ce7041 F test/optfuzz.c 50e330304eb1992e15ddd11f3daaad9bcc0d9aaad09cb2bcc77f9515df2e88b1 -F test/orderby1.test e4501f54721f804ca56922e253403ac6775f88e9f07569994ce99212b3ca5b10 +F test/orderby1.test 6bf0ce45cbfb1cf4779dd418ac5e8cf66abfa04de2c1d2edf1e0e85f1520d8f3 F test/orderby2.test bc11009f7cd99d96b1b11e57b199b00633eb5b04 F test/orderby3.test 8619d06a3debdcd80a27c0fdea5c40b468854b99 F test/orderby4.test 4d39bfbaaa3ae64d026ca2ff166353d2edca4ba4 @@ -1853,7 +1853,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P 4889cbf898d7ec54f061b21b6d3621b22fc482cbeaa7115d40995a4cc30e41db -R 08e8e017bd785f9894e0fa9f6ebc60bd -U drh -Z c0b2c81a3a0405edc8e28815ea102073 +P b36126c1889e323c9a8f04b4f4884576993c845e7d393e5e73aaa6ab5158c1f9 +R 75718b3ecb40084b909fa43386a332aa +U dan +Z 2bca40ae05d6e85633d3e5915ae4749d diff --git a/manifest.uuid b/manifest.uuid index 3ae53d260f..a35df94030 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -b36126c1889e323c9a8f04b4f4884576993c845e7d393e5e73aaa6ab5158c1f9 \ No newline at end of file +9d791116420f4e3f613775569e0a0cba2fc22da568b2fb2df920bcf9c9002938 \ No newline at end of file diff --git a/src/resolve.c b/src/resolve.c index f69f9ef311..31b443ed83 100644 --- a/src/resolve.c +++ b/src/resolve.c @@ -453,8 +453,7 @@ static int lookupName( for(j=0; jnExpr; j++){ char *zAs = pEList->a[j].zEName; if( pEList->a[j].eEName==ENAME_NAME - && ALWAYS(zAs!=0) - && sqlite3StrICmp(zAs, zCol)==0 + && sqlite3_stricmp(zAs, zCol)==0 ){ Expr *pOrig; assert( pExpr->pLeft==0 && pExpr->pRight==0 ); @@ -1123,10 +1122,8 @@ static int resolveAsName( if( pE->op==TK_ID ){ char *zCol = pE->u.zToken; for(i=0; inExpr; i++){ - char *zAs = pEList->a[i].zEName; if( pEList->a[i].eEName==ENAME_NAME - && ALWAYS(zAs!=0) - && sqlite3StrICmp(zAs, zCol)==0 + && sqlite3_stricmp(pEList->a[i].zEName, zCol)==0 ){ return i+1; } diff --git a/test/orderby1.test b/test/orderby1.test index 836ca4b83b..5152ffaf89 100644 --- a/test/orderby1.test +++ b/test/orderby1.test @@ -558,5 +558,9 @@ do_execsql_test 10.0 { SELECT b, rowid, '^' FROM t10 ORDER BY b, a LIMIT 4; } {2 1 ^ 4 3 ^ 4 4 ^ 7 5 ^} +do_catchsql_test 11.0 { + VALUES(2) EXCEPT SELECT '' ORDER BY abc +} {1 {1st ORDER BY term does not match any column in the result set}} + finish_test From 4c983b2f86d6440cb0687008fd200b681f692749 Mon Sep 17 00:00:00 2001 From: drh Date: Fri, 3 Jan 2020 14:34:04 +0000 Subject: [PATCH 6/6] Remove an over-zealous ALWAYS() macro and add a test case that shows that the conditional can sometimes be false. FossilOrigin-Name: 536e9a9d1bd514056ecbc8172ed58f2656a86f791a15e526ae2e5f2c93687b6a --- manifest | 16 ++++++++-------- manifest.uuid | 2 +- src/build.c | 2 +- test/collate1.test | 12 ++++++++++++ 4 files changed, 22 insertions(+), 10 deletions(-) diff --git a/manifest b/manifest index e435770e4a..8e0a0698d7 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Fix\sa\spossible\sNULL\spointer\sdereference\scaused\sby\susing\sa\s"VALUES(...)"\sas\sa\scomponent\sof\sa\scompound\sSELECT\swith\snon-integer\sORDER\sBY\sclause\sterms. -D 2020-01-03T14:27:08.910 +C Remove\san\sover-zealous\sALWAYS()\smacro\sand\sadd\sa\stest\scase\sthat\sshows\sthat\nthe\sconditional\scan\ssometimes\sbe\sfalse. +D 2020-01-03T14:34:04.183 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724 @@ -472,7 +472,7 @@ F src/btmutex.c 8acc2f464ee76324bf13310df5692a262b801808984c1b79defb2503bbafadb6 F src/btree.c f191aa4d99597a1ad77cb15a9473f1183f2a12a7f1650a7705eaac9085e493bb F src/btree.h 6111552f19ed7a40f029cf4b33badc6fef9880314fffd80a945f0b7f43ab7471 F src/btreeInt.h 6794084fad08c9750b45145743c0e3e5c27c94dee89f26dd8df7073314934fd2 -F src/build.c 9b7153d93308783c801c5c36d9b4b3189ab4f00cd9ad6bf4d6c9750378a56be9 +F src/build.c 67b1a8d3ac700747687dbdc49ded847a3c17fef450a8c919ac0399b44cbd4215 F src/callback.c 88615dfc0a82167b65b452b4b305dbf86be77200b3343c6ffc6d03e92a01d181 F src/complete.c a3634ab1e687055cd002e11b8f43eb75c17da23e F src/ctime.c 1b0724e66f95f33b160b1af85caaf9cceb325d22abf39bd24df4f54a73982251 @@ -735,7 +735,7 @@ F test/chunksize.test 427d87791743486cbf0c3b8c625002f3255cb3a89c6eba655a98923b13 F test/close.test eccbad8ecd611d974cbf47278c3d4e5874faf02d811338d5d348af42d56d647c F test/closure01.test 9905883f1b171a4638f98fc764879f154e214a306d3d8daf412a15e7f3a9b1e0 F test/coalesce.test cee0dccb9fbd2d494b77234bccf9dc6c6786eb91 -F test/collate1.test 4178fda6f4cd757b7a278e6b83805868fb1eb46edafb6e3d4bcc2419f8d93202 +F test/collate1.test 532b4992f78e91dd80c2e3c7bd944fada8cbe3d6c0ded0b20f7182b4dfca0006 F test/collate2.test 9aaa410a00734e48bcb27f3872617d6f69b2a621 F test/collate3.test 89defc49983ddfbf0a0555aca8c0521a676f56a5 F test/collate4.test c953715fb498b87163e3e73dd94356bff1f317bd @@ -1853,7 +1853,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P b36126c1889e323c9a8f04b4f4884576993c845e7d393e5e73aaa6ab5158c1f9 -R 75718b3ecb40084b909fa43386a332aa -U dan -Z 2bca40ae05d6e85633d3e5915ae4749d +P 9d791116420f4e3f613775569e0a0cba2fc22da568b2fb2df920bcf9c9002938 +R 95579694e6c940cfce958a36249eabe6 +U drh +Z 7a1e3b4d114838baf5b8097e8c4ad0d7 diff --git a/manifest.uuid b/manifest.uuid index a35df94030..cac5ef7bc0 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -9d791116420f4e3f613775569e0a0cba2fc22da568b2fb2df920bcf9c9002938 \ No newline at end of file +536e9a9d1bd514056ecbc8172ed58f2656a86f791a15e526ae2e5f2c93687b6a \ No newline at end of file diff --git a/src/build.c b/src/build.c index 23d7e7910f..81332356ec 100644 --- a/src/build.c +++ b/src/build.c @@ -2638,7 +2638,7 @@ int sqlite3ViewGetColumnNames(Parse *pParse, Table *pTable){ sqlite3ColumnsFromExprList(pParse, pTable->pCheck, &pTable->nCol, &pTable->aCol); if( db->mallocFailed==0 - && ALWAYS(pParse->nErr==0) + && pParse->nErr==0 && pTable->nCol==pSel->pEList->nExpr ){ sqlite3SelectAddColumnTypeAndCollation(pParse, pTable, pSel, diff --git a/test/collate1.test b/test/collate1.test index f21d367b9f..007dd7c370 100644 --- a/test/collate1.test +++ b/test/collate1.test @@ -436,4 +436,16 @@ do_faultsim_test 9.1 -faults oom* -body { faultsim_test_result {0 {}} } +# 2020-01-03 dbsqlfuzz find +# +reset_db +do_catchsql_test 10.0 { + CREATE TABLE t1(a INTEGER PRIMARY KEY,b); + INSERT INTO t1 VALUES(0,NULL); + CREATE TABLE t2(x UNIQUE); + CREATE VIEW v1a(z,y) AS SELECT x COLLATE x FROM t2; + SELECT a,b,z,y,'' FROM t1 JOIN v1a ON b IS NOT FALSE; +} {1 {no such collation sequence: x}} + + finish_test