NULL pointer access in sqlite3MemdbInit

(1) By kjarvel on 2021-04-12 14:04:56

I'm building the sqlite3.c amalgamation version 3.35.4, for an embedded system without an OS, with these defines:


The problem can be reproduced with Visual C++ on Windows.

The build is OK, but at sqlite3_open(":memory:", &db), there is a NULL pointer access in sqlite3MemdbInit:

SQLITE_PRIVATE int sqlite3MemdbInit(void){
  sqlite3_vfs *pLower = sqlite3_vfs_find(0);
  int sz = pLower->szOsFile;

Since sqlite3_vfs_register has not been called at this point, pLower is NULL, and pLower->szOsFile is not valid. (sqlite3_vfs_register(&memdb_vfs,0) is called a few lines later).

Suggested change, to handle the NULL pointer:

 int sz = pLower ? pLower->szOsFile : 0;

A similar problem is in memdbRandomness:

static int memdbRandomness(sqlite3_vfs *pVfs, int nByte, char *zBufOut){
  return ORIGVFS(pVfs)->xRandomness(ORIGVFS(pVfs), nByte, zBufOut);

ORIGVFS(pVfs) is the pAppData pointer in memdb_vfs, which is 0x0. Suggested change, to handle the NULL pointer:

return ORIGVFS(pVfs) ? ORIGVFS(pVfs)->xRandomness(ORIGVFS(pVfs), nByte, zBufOut) : 0;

After this, it works fine.

Sorry if I misunderstood or mis-used sqlite3.c in some way, maybe there is another/real solution? Thank you!
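As an added example (not the poster's or SQLite's own code), the following C model reproduces the two guards proposed above against a constructed stand-in for the sqlite3_vfs fields involved: a global default-VFS slot that is NULL until something is registered, and a fake lower VFS whose xRandomness fills a fixed byte pattern. It lets both the unregistered and the registered path be exercised; note that the guarded memdbRandomness returns 0 and leaves zBufOut untouched when there is no lower VFS to delegate to.

```c
#include <stddef.h>
#include <string.h>

/* Constructed stand-in for the sqlite3_vfs fields the report touches. */
typedef struct mock_vfs mock_vfs;
struct mock_vfs {
  int szOsFile;
  void *pAppData;                              /* memdb: pointer to the lower VFS */
  int (*xRandomness)(mock_vfs *, int, char *);
};

#define ORIGVFS(p) ((mock_vfs *)((p)->pAppData))

/* Default-VFS slot: NULL models the no-OS build before any register call. */
static mock_vfs *g_default_vfs = NULL;

/* Stand-in for sqlite3_vfs_find(0). */
static mock_vfs *mock_vfs_find(void) { return g_default_vfs; }

/* Guarded equivalent of the szOsFile lookup in sqlite3MemdbInit. */
int memdb_init_sz(void) {
  mock_vfs *pLower = mock_vfs_find();
  return pLower ? pLower->szOsFile : 0;
}

/* Guarded equivalent of memdbRandomness: returns 0 and does not write
   zBufOut when memdb has no lower VFS to delegate to. */
int memdb_randomness(mock_vfs *pVfs, int nByte, char *zBufOut) {
  return ORIGVFS(pVfs) ? ORIGVFS(pVfs)->xRandomness(ORIGVFS(pVfs), nByte, zBufOut) : 0;
}

/* Constructed lower VFS: xRandomness fills the buffer with 'A' bytes. */
static int fake_randomness(mock_vfs *p, int n, char *out) {
  (void)p;
  memset(out, 0x41, (size_t)n);
  return n;
}
static mock_vfs g_lower = { 64, NULL, fake_randomness };

/* Hypothetical hook: register (1) or unregister (0) the constructed lower VFS. */
void set_lower_registered(int on) { g_default_vfs = on ? &g_lower : NULL; }
```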