database/sqlite
1
0
Fork 0
mirror of https://github.com/sqlite/sqlite.git synced 2025-11-12 13:01:09 +03:00
Code Activity

Ensure that all expressions that are to be evaluated once at the start of

Browse Source 
a prepared statement (the Parse.pConstExpr expressions) pass the
sqlite3ExprIsConstantNotJoin() test. It is not sufficient to pass just the
sqlite3ExprIsConstant() test as that would allow through column references
that are bound to constants by the WHERE clause in the constant propagation
optimization.  This fixes a problem discovered by OSSFuzz.

FossilOrigin-Name: 8bc7f84c39f913b0b0f5e9f5fd9d7dd8bda8422248c069712b6992c32c759a83
This commit is contained in:
drh
2018-08-04 15:16:20 +00:00
parent a4b5fb55f3
commit b8b0669065
3 changed files with 12 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/expr.c
View File

@@ -4352,7 +4352,7 @@ void sqlite3ExprCodeCopy(Parse *pParse, Expr *pExpr, int target){
** might choose to code the expression at initialization time.
*/
void sqlite3ExprCodeFactorable(Parse *pParse, Expr *pExpr, int target){
if( pParse->okConstFactor && sqlite3ExprIsConstant(pExpr) ){
if( pParse->okConstFactor && sqlite3ExprIsConstantNotJoin(pExpr) ){
sqlite3ExprCodeAtInit(pParse, pExpr, target);
}else{
sqlite3ExprCode(pParse, pExpr, target);
@@ -4434,7 +4434,9 @@ int sqlite3ExprCodeExprList(
}else{
sqlite3VdbeAddOp2(v, copyOp, j+srcReg-1, target+i);
}
}else if( (flags & SQLITE_ECEL_FACTOR)!=0 && sqlite3ExprIsConstant(pExpr) ){
}else if( (flags & SQLITE_ECEL_FACTOR)!=0
&& sqlite3ExprIsConstantNotJoin(pExpr)
){
sqlite3ExprCodeAtInit(pParse, pExpr, target+i);
}else{
int inReg = sqlite3ExprCodeTarget(pParse, pExpr, target+i);