SQLite

Check-in [5e0ed49b]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Do not allocate new Trigger objects in the parser following a syntax error, to avoid violating invariants associated with Expr nodes. See forum thread 2024e94071ef1531 for more information.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: 5e0ed49b3d739d292f5df3e498449ae8f4357cbb83394181fb34f98ed8372707
User & Date: drh 2022-03-07 16:22:31
Context
2022-03-07
17:19
In the stay-on-last-page optimization for sqlite3BtreeIndexMoveto() (check-in [0057bbb508e7662b] about 16 hours ago), be sure to clear the BTCF_ValidOvfl flag, since the overflow cache is invalidated by the search on the last page. OSSFuzz issue 45329. (check-in: 0021bebc user: drh tags: trunk)
16:40
Do not allocate new Trigger objects in the parser following a syntax error, to avoid violating invariants associated with Expr nodes. See forum thread 2024e94071ef1531 for more information. (check-in: 369d2404 user: drh tags: branch-3.38)
16:22
Do not allocate new Trigger objects in the parser following a syntax error, to avoid violating invariants associated with Expr nodes. See forum thread 2024e94071ef1531 for more information. (check-in: 5e0ed49b user: drh tags: trunk)
14:51
Fix the code generated for vector IN operator constraints on virtual tables so that they work even if the "omit" field in the sqlite3_index_info object is off. This has apparently never worked correctly before. Presumably, nobody has ever before written a virtual table that can use vector IN operator constraints and that relies on bytecode to double-check the constraints. Test cases in TH3. Problem discovered by dbsqlfuzz cab8e26194a40147627094f3c6849c0a7b1e0310. (check-in: 21b65657 user: drh tags: trunk)
Changes
Unified Diff Ignore Whitespace Patch
Changes to src/trigger.c.
442
443
444
445
446
447
448

449
450
451
452
453
454
455
  Token *pName,               /* The target name */
  const char *zStart,         /* Start of SQL text */
  const char *zEnd            /* End of SQL text */
){
  sqlite3 *db = pParse->db;
  TriggerStep *pTriggerStep;


  pTriggerStep = sqlite3DbMallocZero(db, sizeof(TriggerStep) + pName->n + 1);
  if( pTriggerStep ){
    char *z = (char*)&pTriggerStep[1];
    memcpy(z, pName->z, pName->n);
    sqlite3Dequote(z);
    pTriggerStep->zTarget = z;
    pTriggerStep->op = op;







>







442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
  Token *pName,               /* The target name */
  const char *zStart,         /* Start of SQL text */
  const char *zEnd            /* End of SQL text */
){
  sqlite3 *db = pParse->db;
  TriggerStep *pTriggerStep;

  if( pParse->nErr ) return 0;
  pTriggerStep = sqlite3DbMallocZero(db, sizeof(TriggerStep) + pName->n + 1);
  if( pTriggerStep ){
    char *z = (char*)&pTriggerStep[1];
    memcpy(z, pName->z, pName->n);
    sqlite3Dequote(z);
    pTriggerStep->zTarget = z;
    pTriggerStep->op = op;
Changes to test/trigger1.test.
822
823
824
825
826
827
828











829
830
       SET b=randomblob(10)
     WHERE b >= 'E'
       AND a < (SELECT a FROM t1 WHERE a<22 GROUP BY b);
  END;
  INSERT INTO t1(b) VALUES('Y'),('X'),('Z');
  SELECT a, CASE WHEN typeof(b)='text' THEN quote(b) ELSE '<blob>' END, '|' FROM t1;
} {1 <blob> | 2 'X' | 3 'Z' |}












finish_test







>
>
>
>
>
>
>
>
>
>
>


822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
       SET b=randomblob(10)
     WHERE b >= 'E'
       AND a < (SELECT a FROM t1 WHERE a<22 GROUP BY b);
  END;
  INSERT INTO t1(b) VALUES('Y'),('X'),('Z');
  SELECT a, CASE WHEN typeof(b)='text' THEN quote(b) ELSE '<blob>' END, '|' FROM t1;
} {1 <blob> | 2 'X' | 3 'Z' |}

# 2022-03-06 https://sqlite.org/forum/forumpost/2024e94071
# Harmless assertion fault following a syntax error.
#
reset_db
do_catchsql_test trigger1-23.1 {
  CREATE TABLE t1(a INT);
  CREATE TRIGGER r1 AFTER INSERT ON t1 BEGIN
    INSERT INTO t1 SELECT e_master LIMIT 1,#1;
  END;
} {1 {near "#1": syntax error}}

finish_test