Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Fix a possible buffer overwrite in the ".import" command. forum post 0c447f0548. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA3-256: |
0fd958fa9b56a8ef254127e29800ca2a |
| User & Date: | dan 2024-05-27 11:35:05 |
Context
|
2024-05-27
| ||
| 13:24 | For compatibility with PostgreSQL, when right-hand side of the ->> operator is negative, it should index from the right side of the JSON array on the left-hand side. (check-in: 82365a45 user: drh tags: trunk) | |
| 11:38 | Fix a possible buffer overwrite in the ".import" command. (check-in: 55eee9f9 user: drh tags: branch-3.46) | |
| 11:35 | Fix a possible buffer overwrite in the ".import" command. forum post 0c447f0548. (check-in: 0fd958fa user: dan tags: trunk) | |
| 11:31 | Add new assert() statements to help out a static analyzer. Response to forum post 17fe8ac32e0de4f5. (check-in: 857f6d53 user: drh tags: trunk) | |
Changes
Changes to src/shell.c.in.
| ︙ | ︙ | |||
8974 8975 8976 8977 8978 8979 8980 |
}
zSql = sqlite3_mprintf("SELECT count(*) FROM pragma_table_info(%Q,%Q);",
zTable, zSchema);
if( zSql==0 ){
import_cleanup(&sCtx);
shell_out_of_memory();
}
| < > > > > > | | | > | 8974 8975 8976 8977 8978 8979 8980 8981 8982 8983 8984 8985 8986 8987 8988 8989 8990 8991 8992 8993 8994 8995 8996 8997 8998 8999 9000 9001 9002 9003 9004 9005 9006 9007 9008 9009 9010 9011 9012 9013 9014 9015 9016 9017 9018 9019 9020 9021 9022 9023 9024 9025 9026 9027 9028 9029 |
}
zSql = sqlite3_mprintf("SELECT count(*) FROM pragma_table_info(%Q,%Q);",
zTable, zSchema);
if( zSql==0 ){
import_cleanup(&sCtx);
shell_out_of_memory();
}
rc = sqlite3_prepare_v2(p->db, zSql, -1, &pStmt, 0);
sqlite3_free(zSql);
zSql = 0;
if( rc ){
if (pStmt) sqlite3_finalize(pStmt);
eputf("Error: %s\n", sqlite3_errmsg(p->db));
import_cleanup(&sCtx);
rc = 1;
goto meta_command_exit;
}
if( sqlite3_step(pStmt)==SQLITE_ROW ){
nCol = sqlite3_column_int(pStmt, 0);
}else{
nCol = 0;
}
sqlite3_finalize(pStmt);
pStmt = 0;
if( nCol==0 ) return 0; /* no columns, no error */
nByte = 64 /* space for "INSERT INTO", "VALUES(", ")\0" */
+ (zSchema ? strlen(zSchema)*2 + 2: 0) /* Quoted schema name */
+ strlen(zTable)*2 + 2 /* Quoted table name */
+ nCol*2; /* Space for ",?" for each column */
zSql = sqlite3_malloc64( nByte );
if( zSql==0 ){
import_cleanup(&sCtx);
shell_out_of_memory();
}
if( zSchema ){
sqlite3_snprintf(nByte, zSql, "INSERT INTO \"%w\".\"%w\" VALUES(?",
zSchema, zTable);
}else{
sqlite3_snprintf(nByte, zSql, "INSERT INTO \"%w\" VALUES(?", zTable);
}
j = strlen30(zSql);
for(i=1; i<nCol; i++){
zSql[j++] = ',';
zSql[j++] = '?';
}
zSql[j++] = ')';
zSql[j] = 0;
assert( j<nByte );
if( eVerbose>=2 ){
oputf("Insert using: %s\n", zSql);
}
rc = sqlite3_prepare_v2(p->db, zSql, -1, &pStmt, 0);
sqlite3_free(zSql);
zSql = 0;
if( rc ){
|
| ︙ | ︙ |
Changes to test/shell5.test.
| ︙ | ︙ | |||
580 581 582 583 584 585 586 587 588 |
puts $out {aaa|bbb}
close $out
forcedelete test.db
catchcmd :memory: {CREATE TABLE t1(a TEXT, b TEXT, c AS (a||b));
.import shell5.csv t1
SELECT * FROM t1;}
} {0 aaa|bbb|aaabbb}
finish_test
| > > > > > > > > > > > > | 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 |
puts $out {aaa|bbb}
close $out
forcedelete test.db
catchcmd :memory: {CREATE TABLE t1(a TEXT, b TEXT, c AS (a||b));
.import shell5.csv t1
SELECT * FROM t1;}
} {0 aaa|bbb|aaabbb}
#-------------------------------------------------------------------------
do_test shell5-8.1 {
set out [open shell5.csv w]
fconfigure $out -translation lf
puts $out x
close $out
catchcmd :memory: {.import --csv shell5.csv '""""""""""""""""""""""""""""""""""""""""""""""'}
} {0 {}}
finish_test
|