Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Catch and avoid a 16-bit integer overflow on the number of columns in a common table expression. This fixes a problem found by OSS-Fuzz. The test case is in TH3. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA3-256: |
6ee8cb6ae5fd076ec226bb184b5690ba |
| User & Date: | drh 2017-10-21 14:17:31 |
Context
|
2017-10-22
| ||
| 07:57 | Avoid running tests that use sqlite_dbpage with SQLITE_OMIT_VIRTUAL_TABLE builds. (check-in: 7bd20a20 user: dan tags: trunk) | |
|
2017-10-21
| ||
| 17:17 | Merge all the enhancements and bug fixes from trunk, since none are destablizing. Call this the second beta. (check-in: fb3ee1b7 user: drh tags: branch-3.21) | |
| 14:17 | Catch and avoid a 16-bit integer overflow on the number of columns in a common table expression. This fixes a problem found by OSS-Fuzz. The test case is in TH3. (check-in: 6ee8cb6a user: drh tags: trunk) | |
| 13:29 | Remove unnecessary "#if SQLITE_MAX_COLUMN". SQLITE_MAX_COLUMN is always defined. (check-in: 6ec82acd user: drh tags: trunk) | |
Changes
Changes to src/select.c.
| ︙ | ︙ | |||
1685 1686 1687 1688 1689 1690 1691 1692 1693 1694 1695 1696 1697 1698 |
Hash ht; /* Hash table of column names */
sqlite3HashInit(&ht);
if( pEList ){
nCol = pEList->nExpr;
aCol = sqlite3DbMallocZero(db, sizeof(aCol[0])*nCol);
testcase( aCol==0 );
}else{
nCol = 0;
aCol = 0;
}
assert( nCol==(i16)nCol );
*pnCol = nCol;
*paCol = aCol;
| > | 1685 1686 1687 1688 1689 1690 1691 1692 1693 1694 1695 1696 1697 1698 1699 |
Hash ht; /* Hash table of column names */
sqlite3HashInit(&ht);
if( pEList ){
nCol = pEList->nExpr;
aCol = sqlite3DbMallocZero(db, sizeof(aCol[0])*nCol);
testcase( aCol==0 );
if( nCol>32767 ) nCol = 32767;
}else{
nCol = 0;
aCol = 0;
}
assert( nCol==(i16)nCol );
*pnCol = nCol;
*paCol = aCol;
|
| ︙ | ︙ |