mirror of
https://github.com/sqlite/sqlite.git
synced 2025-08-08 14:02:16 +03:00
Fix a problem allowing a Table object to be deleted from within a call to the xDestroy method of the associated virtual table, causing a use-after-free error.
FossilOrigin-Name: 1dbbb0101e8213b92b9a4c78c0fd2f9d0240a8ea3b40dff1033d1b8d71fb04ef
This commit is contained in:
dan
15
manifest
15
manifest
@@ -1,5 +1,5 @@
|
|||||||
C Fix\san\serror\smessage\sin\sthe\sLemon\sparser\sgenerator.
|
C Fix\sa\sproblem\sallowing\sa\sTable\sobject\sto\sbe\sdeleted\sfrom\swithin\sa\scall\sto\sthe\sxDestroy\smethod\sof\sthe\sassociated\svirtual\stable,\scausing\sa\suse-after-free\serror.
|
||||||
D 2019-04-30T14:26:31.199
|
D 2019-04-30T15:36:32.034
|
||||||
F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
|
F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
|
||||||
F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
|
F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
|
||||||
F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
|
F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
|
||||||
@@ -600,7 +600,7 @@ F src/vdbeblob.c f5c70f973ea3a9e915d1693278a5f890dc78594300cf4d54e64f2b0917c9419
|
|||||||
F src/vdbemem.c dd2ee49255c4c5450f2b0887ef44cea8faa1cd7a46501b39a1a82b113ae418e3
|
F src/vdbemem.c dd2ee49255c4c5450f2b0887ef44cea8faa1cd7a46501b39a1a82b113ae418e3
|
||||||
F src/vdbesort.c 66592d478dbb46f19aed0b42222325eadb84deb40a90eebe25c6e7c1d8468f47
|
F src/vdbesort.c 66592d478dbb46f19aed0b42222325eadb84deb40a90eebe25c6e7c1d8468f47
|
||||||
F src/vdbetrace.c 79d6dbbc479267b255a7de8080eee6e729928a0ef93ed9b0bfa5618875b48392
|
F src/vdbetrace.c 79d6dbbc479267b255a7de8080eee6e729928a0ef93ed9b0bfa5618875b48392
|
||||||
F src/vtab.c 4c5959e00b7a142198d178e3a822f4e05f36f2d1a3c57657373f9487154fc06b
|
F src/vtab.c 1fa256c6ddad7a81e2a4dc080d015d4b0a7135767717d311298e47f6fca64bb3
|
||||||
F src/vxworks.h d2988f4e5a61a4dfe82c6524dd3d6e4f2ce3cdb9
|
F src/vxworks.h d2988f4e5a61a4dfe82c6524dd3d6e4f2ce3cdb9
|
||||||
F src/wal.c b09a2a9cab50efa08451a8c81d47052120ad5da174048c6d0b08d405384abdf2
|
F src/wal.c b09a2a9cab50efa08451a8c81d47052120ad5da174048c6d0b08d405384abdf2
|
||||||
F src/wal.h 606292549f5a7be50b6227bd685fa76e3a4affad71bb8ac5ce4cb5c79f6a176a
|
F src/wal.h 606292549f5a7be50b6227bd685fa76e3a4affad71bb8ac5ce4cb5c79f6a176a
|
||||||
@@ -975,6 +975,7 @@ F test/fts4merge4.test d895b1057a7798b67e03455d0fa50e9ea836c47b
|
|||||||
F test/fts4noti.test 5553d7bb2e20bf4a06b23e849352efc022ce6309
|
F test/fts4noti.test 5553d7bb2e20bf4a06b23e849352efc022ce6309
|
||||||
F test/fts4onepass.test d69ddc4ee3415e40b0c5d1d0408488a87614d4f63ba9c44f3e52db541d6b7cc7
|
F test/fts4onepass.test d69ddc4ee3415e40b0c5d1d0408488a87614d4f63ba9c44f3e52db541d6b7cc7
|
||||||
F test/fts4opt.test 0fd0cc84000743ff2a883b9b84b4a5be07249f0ba790c8848a757164cdd46b2a
|
F test/fts4opt.test 0fd0cc84000743ff2a883b9b84b4a5be07249f0ba790c8848a757164cdd46b2a
|
||||||
|
F test/fts4rename.test 6015a355ec3a11a51eb5b88802b3b2c1788786c54b77b17f3e077b7c93ff8611
|
||||||
F test/fts4umlaut.test fcaca4471de7e78c9d1f7e8976e3e8704d7d8ad979d57a739d00f3f757380429
|
F test/fts4umlaut.test fcaca4471de7e78c9d1f7e8976e3e8704d7d8ad979d57a739d00f3f757380429
|
||||||
F test/fts4unicode.test ceca76422abc251818cb25dabe33d3c3970da5f7c90e1540f190824e6b3a7c95
|
F test/fts4unicode.test ceca76422abc251818cb25dabe33d3c3970da5f7c90e1540f190824e6b3a7c95
|
||||||
F test/full.test 6b3c8fb43c6beab6b95438c1675374b95fab245d
|
F test/full.test 6b3c8fb43c6beab6b95438c1675374b95fab245d
|
||||||
@@ -1821,7 +1822,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
|
|||||||
F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
|
F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
|
||||||
F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
|
F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
|
||||||
F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
|
F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
|
||||||
P f97626f921dafe596b615a168ef31987f4a1c0b52956443e1a5c1148b49cab74
|
P b6d7d42b7426622a26b67809cd1f21285fea120aa1897377b9946840463b41f1
|
||||||
R 716d456c280daf5c4e086f08a5ceb68c
|
R 6adb84036e04ae37c244138c75843359
|
||||||
U drh
|
U dan
|
||||||
Z 897d4bc356296ccb4d7eda6e238b1690
|
Z bb2c7686d9426e0e670050982240668c
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
b6d7d42b7426622a26b67809cd1f21285fea120aa1897377b9946840463b41f1
|
1dbbb0101e8213b92b9a4c78c0fd2f9d0240a8ea3b40dff1033d1b8d71fb04ef
|
||||||
@@ -841,6 +841,7 @@ int sqlite3VtabCallDestroy(sqlite3 *db, int iDb, const char *zTab){
|
|||||||
p = vtabDisconnectAll(db, pTab);
|
p = vtabDisconnectAll(db, pTab);
|
||||||
xDestroy = p->pMod->pModule->xDestroy;
|
xDestroy = p->pMod->pModule->xDestroy;
|
||||||
assert( xDestroy!=0 ); /* Checked before the virtual table is created */
|
assert( xDestroy!=0 ); /* Checked before the virtual table is created */
|
||||||
|
pTab->nTabRef++;
|
||||||
rc = xDestroy(p->pVtab);
|
rc = xDestroy(p->pVtab);
|
||||||
/* Remove the sqlite3_vtab* from the aVTrans[] array, if applicable */
|
/* Remove the sqlite3_vtab* from the aVTrans[] array, if applicable */
|
||||||
if( rc==SQLITE_OK ){
|
if( rc==SQLITE_OK ){
|
||||||
@@ -849,6 +850,7 @@ int sqlite3VtabCallDestroy(sqlite3 *db, int iDb, const char *zTab){
|
|||||||
pTab->pVTable = 0;
|
pTab->pVTable = 0;
|
||||||
sqlite3VtabUnlock(p);
|
sqlite3VtabUnlock(p);
|
||||||
}
|
}
|
||||||
|
sqlite3DeleteTable(db, pTab);
|
||||||
}
|
}
|
||||||
|
|
||||||
return rc;
|
return rc;
|
||||||
|
|||||||
44
test/fts4rename.test
Normal file
44
test/fts4rename.test
Normal file
@@ -0,0 +1,44 @@
|
|||||||
|
# 2019 April 30
|
||||||
|
#
|
||||||
|
# The author disclaims copyright to this source code. In place of
|
||||||
|
# a legal notice, here is a blessing:
|
||||||
|
#
|
||||||
|
# May you do good and not evil.
|
||||||
|
# May you find forgiveness for yourself and forgive others.
|
||||||
|
# May you share freely, never taking more than you give.
|
||||||
|
#
|
||||||
|
#*************************************************************************
|
||||||
|
#
|
||||||
|
|
||||||
|
set testdir [file dirname $argv0]
|
||||||
|
source $testdir/tester.tcl
|
||||||
|
source $testdir/fts3_common.tcl
|
||||||
|
set ::testprefix fts4rename
|
||||||
|
|
||||||
|
# If SQLITE_ENABLE_FTS3 is defined, omit this file.
|
||||||
|
ifcapable !fts3 {
|
||||||
|
finish_test
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
do_execsql_test 1.0 {
|
||||||
|
CREATE VIRTUAL TABLE temp.t1 USING fts3(a);
|
||||||
|
BEGIN;
|
||||||
|
CREATE TABLE t2(x);
|
||||||
|
} {}
|
||||||
|
|
||||||
|
do_catchsql_test 1.1 {
|
||||||
|
ALTER TABLE t1_content RENAME c0a TO docid;
|
||||||
|
} {1 {duplicate column name: docid}}
|
||||||
|
|
||||||
|
do_catchsql_test 1.2 {
|
||||||
|
UPDATE t1 SET Col0 = 1 ;
|
||||||
|
} {1 {no such column: Col0}}
|
||||||
|
|
||||||
|
do_catchsql_test 1.3 {
|
||||||
|
ROLLBACK;
|
||||||
|
DROP TABLE t1;
|
||||||
|
} {0 {}}
|
||||||
|
|
||||||
|
finish_test
|
||||||
|
|
||||||
Reference in New Issue
Block a user