Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Fix a possible NULL pointer dereference in following an OOM error in sqlite3ExprIsInteger(). Problem found by OSS-Fuzz. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA3-256: |
5ec655e8e817c1ed3bfb2e576745a7ce |
| User & Date: | drh 2017-03-12 20:28:44 |
Context
|
2017-03-13
| ||
| 13:45 | In the OSSFuzz test module, invoke the progress handler much more frequently so that timeouts are detected punctually even if the test script is running opcodes that individually take a long time (for example, an OP_Function opcode that invokes "randomblob(1.5e6)"). check-in: f3b6959c user: drh tags: trunk | |
|
2017-03-12
| ||
| 20:28 | Fix a possible NULL pointer dereference in following an OOM error in sqlite3ExprIsInteger(). Problem found by OSS-Fuzz. check-in: 5ec655e8 user: drh tags: trunk | |
| 19:39 | Remove an obsolete assert() in the IN operator code generation. check-in: 18bf6aca user: drh tags: trunk | |
Changes
Changes to src/expr.c.
1856 1857 1858 1859 1860 1861 1862 1863 1864 1865 1866 1867 1868 1869 |
** If the expression p codes a constant integer that is small enough
** to fit in a 32-bit integer, return 1 and put the value of the integer
** in *pValue. If the expression is not an integer or if it is too big
** to fit in a signed 32-bit integer, return 0 and leave *pValue unchanged.
*/
int sqlite3ExprIsInteger(Expr *p, int *pValue){
int rc = 0;
/* If an expression is an integer literal that fits in a signed 32-bit
** integer, then the EP_IntValue flag will have already been set */
assert( p->op!=TK_INTEGER || (p->flags & EP_IntValue)!=0
|| sqlite3GetInt32(p->u.zToken, &rc)==0 );
if( p->flags & EP_IntValue ){
|
> |
1856 1857 1858 1859 1860 1861 1862 1863 1864 1865 1866 1867 1868 1869 1870 |
** If the expression p codes a constant integer that is small enough
** to fit in a 32-bit integer, return 1 and put the value of the integer
** in *pValue. If the expression is not an integer or if it is too big
** to fit in a signed 32-bit integer, return 0 and leave *pValue unchanged.
*/
int sqlite3ExprIsInteger(Expr *p, int *pValue){
int rc = 0;
if( p==0 ) return 0; /* Can only happen following on OOM */
/* If an expression is an integer literal that fits in a signed 32-bit
** integer, then the EP_IntValue flag will have already been set */
assert( p->op!=TK_INTEGER || (p->flags & EP_IntValue)!=0
|| sqlite3GetInt32(p->u.zToken, &rc)==0 );
if( p->flags & EP_IntValue ){
|