[forum:/info/393708f4a8|Forum post 393708f4a8]. This bug was
introduced by check-in [32befb224b254639] and first appeared in version 3.43.0.
FossilOrigin-Name: 7fca1bc482fc2456d75392eb42f768fda72631c9070de46b8123b1126e78306f
when the value is an array or object. Fix for the bug reported by
[forum:/forumpost/ecb94cd210|forum post ecb94cd210].
FossilOrigin-Name: 1c33c5db2e05019d1a375109f79ad8588a3c17f81e4f4b8d66c880c3c860e87e
[https://sqlite.org/releaselog/3_42_0.html|release 3.42.0] and first reported by
[forum:/forumpost/ee4f6fa5ab|forum post ee4f6fa5ab].
FossilOrigin-Name: 460353dfff8f2fb03f9c8666d0c367ec7be4cfa96dfcb0cea10f144d043223bb
and to help prove that the UAF reported by
[forum:/forumpost/cafbe582e8|forum post cafbe582e8] is a false-positive.
FossilOrigin-Name: 4892440b93306e5a245f18c0d3d295d851e6712260e420016c0d70e12abf8901
then it is not an alias that needs to be resolved, so don't try to. This fixes
a harmless assertion found by dbsqlfuzz. This is yet another problem that
originated at check-in [6e6b3729e0549de0].
FossilOrigin-Name: d4ec2a5d2297cd9ead0a8768dcf003ea76c74d8d68d88c40f62363f484a4a4d3
off by default. Enable by changing a single "#if 0" into "#if 1" and
recompiling. Debugging code only - no changes to release builds.
FossilOrigin-Name: f2b943f97ad7e47848ac6df3a3a1eba134b9e63c4a631f8eaf8bda77cc02ba7b
with an assert(). The conditional was added by [d6fd512f50513ab7] as
a fix for tickets [c36cdb4afd504dc1], [4051a7f931d9ba24], and
[d6fd512f50513ab7] which means now [d4c193f0b49f4950] is the correct fix
for those tickets.
that check-in
FossilOrigin-Name: 44b5524d522e749ad6bf76c94d754ff16c309c32439ec46802924663f64e8b09
Also fix an incorrect comparison used to determine if a buffer needed to
be resized.
FossilOrigin-Name: e3c0c0e686f3b7710f79587cf465b5aac52d8f2f2986a3de885a656f652cbfd3
nested structures after an error is seen. This avoids long loops and wait
times.
FossilOrigin-Name: 97666ec052ebaceab002874d7ca5c5e6883c3d04fb7d3992235a8c4c8d08407a
integer or floating-point node is encountered. Otherwise, if the node occurs
at the very end of the JSONB, the rendering logic might read one byte past
the end of the initialized part of the BLOB byte array. OSSFuzz 66284.
FossilOrigin-Name: b0eb279ea83c1c788c39fb90e178ec99fa4c782195c376a420c661fedf4545a7
ORDER BY clause exceeds 63 terms.
dbsqlfuzz afd1d61fc27d14938a0d78a50970fa1e9fbfee58.
FossilOrigin-Name: d4c193f0b49f4950b20c2f0e6aa037d2ed7d8c0b4687c14923b3a0d0d4a1b3fd
then accept it as valid JSON. This replicates a long-standing bug in the
behavior of JSON routines, and thus avoids breaking legacy apps.
[forum:/forumpost/012136abd5292b8d|Forum thread 012136abd5292b8d].
FossilOrigin-Name: e5dc81d5c7ee97866feb688dfa9b6fc225dabff2b020b9b96b49a8fea5640aec
were JSON. This replicates a long-standing bug in the JSON processing
routines, and thereby avoids breaking legacy.
FossilOrigin-Name: d79a37690ce7ebb91df203170d73511da44546328043c2b3fe1786b2f0087093
inputs to JSON functions that are not JSONB to be processed as if they
were text, emulating historical buggy behavior which some applications
have come to rely upon. See
[forum:/forumpost/012136abd5292b8d|forum thread 012136abd5292b8d] for
discussion.
FossilOrigin-Name: 65572223583d43e1d61ec029641f9d3ff340e68ecfba8342c8d1b0a91a680f2a