
Prevent a possible NULL pointer dereference in the OP_Found opcode that

can follow an OOM error.  Problem found by OSS-Fuzz.

FossilOrigin-Name: c2de178fe7e2e4e0d764e7e6ac637cfc8c053580c43f7246318dafad2974de3c
drh
2017-05-19 22:51:00 +00:00
parent bcbb066534
commit e46515b53f
3 changed files with 11 additions and 9 deletions


@@ -1,5 +1,5 @@
C Improved\scomments\son\sone\sroutine\sin\sthe\squery\splanner.\s\sImproved\sdiagnostic\noutput\sfor\s".wheretrace".\s\sNo\sproduction\scode\schanges. C Prevent\sa\spossible\sNULL\spointer\sdereference\sin\sthe\sOP_Found\sopcode\sthat\ncan\sfollow\san\sOOM\serror.\s\sProblem\sfound\sby\sOSS-Fuzz.
D 2017-05-19T20:55:04.375 D 2017-05-19T22:51:00.217
F Makefile.in 1cc758ce3374a32425e4d130c2fe7b026b20de5b8843243de75f087c0a2661fb F Makefile.in 1cc758ce3374a32425e4d130c2fe7b026b20de5b8843243de75f087c0a2661fb
F Makefile.linux-gcc 7bc79876b875010e8c8f9502eb935ca92aa3c434 F Makefile.linux-gcc 7bc79876b875010e8c8f9502eb935ca92aa3c434
F Makefile.msc 8eeb80162074004e906b53d7340a12a14c471a83743aab975947e95ce061efcc F Makefile.msc 8eeb80162074004e906b53d7340a12a14c471a83743aab975947e95ce061efcc
@@ -470,7 +470,7 @@ F src/update.c c443935c652af9365e033f756550b5032d02e1b06eb2cb890ed7511ae0c051dc
F src/utf.c 699001c79f28e48e9bcdf8a463da029ea660540c F src/utf.c 699001c79f28e48e9bcdf8a463da029ea660540c
F src/util.c fc081ec6f63448dcd80d3dfad35baecfa104823254a815b081a4d9fe76e1db23 F src/util.c fc081ec6f63448dcd80d3dfad35baecfa104823254a815b081a4d9fe76e1db23
F src/vacuum.c 1fe4555cd8c9b263afb85b5b4ee3a4a4181ad569 F src/vacuum.c 1fe4555cd8c9b263afb85b5b4ee3a4a4181ad569
F src/vdbe.c 9bac2bc2313ed682e6f48ccff6644d3263341885bfcbb3cdea7b720c722be2d5 F src/vdbe.c b24b9806db72ad02ca82263b4705150fe9a547508948ee9906b7e120d3710211
F src/vdbe.h f7d1456e28875c2dcb964056589b5b7149ab7edf39edeca801596a39bb3d3848 F src/vdbe.h f7d1456e28875c2dcb964056589b5b7149ab7edf39edeca801596a39bb3d3848
F src/vdbeInt.h 1ecdacc1322fdd3241ec30c32a480e328a6f864e532dc53fae8e0ab68121aebf F src/vdbeInt.h 1ecdacc1322fdd3241ec30c32a480e328a6f864e532dc53fae8e0ab68121aebf
F src/vdbeapi.c dc904b3c5e459727993c2421e653e29d63223846d129fae98adc782b0a996481 F src/vdbeapi.c dc904b3c5e459727993c2421e653e29d63223846d129fae98adc782b0a996481
@@ -1580,7 +1580,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
P 68942a4feeb83e6e1a32d9bd724ae1d72669949adcfad07fb05b0ac48daf5151 P 946b87a5282f00d8c532a51f4390e6de781b9a0d6626cb3c077c5622895dc540
R 92a17794ca7b1da2ddd5cbdf94ffe383 R 892c6abfc58a4043f0c864668f2509c6
U drh U drh
Z 37728e9efe7cfb0ff28d1dfb10b5e51e Z fe52b75d8efb4b802f93708f3666bfdc


@@ -1 +1 @@
946b87a5282f00d8c532a51f4390e6de781b9a0d6626cb3c077c5622895dc540 c2de178fe7e2e4e0d764e7e6ac637cfc8c053580c43f7246318dafad2974de3c


@@ -4106,10 +4106,12 @@ case OP_Found: { /* jump, in3 */
pIdxKey = &r; pIdxKey = &r;
pFree = 0; pFree = 0;
}else{ }else{
assert( pIn3->flags & MEM_Blob );
rc = ExpandBlob(pIn3);
assert( rc==SQLITE_OK || rc==SQLITE_NOMEM );
if( rc ) goto no_mem;
pFree = pIdxKey = sqlite3VdbeAllocUnpackedRecord(pC->pKeyInfo); pFree = pIdxKey = sqlite3VdbeAllocUnpackedRecord(pC->pKeyInfo);
if( pIdxKey==0 ) goto no_mem; if( pIdxKey==0 ) goto no_mem;
assert( pIn3->flags & MEM_Blob );
(void)ExpandBlob(pIn3);
sqlite3VdbeRecordUnpack(pC->pKeyInfo, pIn3->n, pIn3->z, pIdxKey); sqlite3VdbeRecordUnpack(pC->pKeyInfo, pIn3->n, pIn3->z, pIdxKey);
} }
pIdxKey->default_rc = 0; pIdxKey->default_rc = 0;
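Review bot: The reordering in the else-branch is correct but its reason is not recorded anywhere near the code; the new `rc = ExpandBlob(pIn3);` / `if( rc ) goto no_mem;` lines deserve a comment so the next refactor does not move the call back below the allocation. Something like `/* Expand the blob before allocating the unpacked record: if ExpandBlob() fails with an OOM, pIn3->z is not usable by sqlite3VdbeRecordUnpack(), and jumping to no_mem from here leaves nothing to free. */` would capture both the NULL-dereference this commit fixes and why the early jump needs no cleanup of pFree. The `assert( rc==SQLITE_OK || rc==SQLITE_NOMEM )` also documents that no_mem is the only error target expected here; if ExpandBlob() can ever return another code, that branch would misreport the failure in release builds, so the assert is worth keeping paired with the comment. The OP_Found case begins and ends outside this hunk.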