Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | When an error occurs while rewriting the parser tree for window functions in the sqlite3WindowRewrite() routine, make sure that pParse->nErr is set, and make sure that this shuts down any subsequent code generation that might depend on the transformations that were implemented. This fixes a problem discovered by the Yongheng and Rui fuzzer. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA3-256: |
e2bddcd4c55ba3cbe0130332679ff4b0 |
| User & Date: | drh 2019-12-19 20:37:32 |
References
|
2019-12-19
| ||
| 22:08 | Continuation of [e2bddcd4c55ba3cb]: Add another spot where it is necessary to abort early due to prior errors in sqlite3WindowRewrite(). (check-in: cba2a2a4 user: drh tags: trunk) | |
Context
|
2019-12-19
| ||
| 21:11 | Fix the regexp extension so that it correctly translates all over-length 3-byte UTF8 sequences into 0xfffd. (check-in: 3d4c0bf8 user: drh tags: trunk) | |
| 20:37 | When an error occurs while rewriting the parser tree for window functions in the sqlite3WindowRewrite() routine, make sure that pParse->nErr is set, and make sure that this shuts down any subsequent code generation that might depend on the transformations that were implemented. This fixes a problem discovered by the Yongheng and Rui fuzzer. (check-in: e2bddcd4 user: drh tags: trunk) | |
| 17:42 | Detect the invalid use of NULLS LAST on an INTEGER PRIMARY KEY definition of a WITHOUT ROWID table. (check-in: 4417c5bf user: drh tags: trunk) | |
Changes
Changes to src/expr.c.
| ︙ | ︙ | |||
372 373 374 375 376 377 378 379 380 381 382 383 384 385 |
int jumpIfNull, /* If true, jump if either operand is NULL */
int isCommuted /* The comparison has been commuted */
){
int p5;
int addr;
CollSeq *p4;
if( isCommuted ){
p4 = sqlite3BinaryCompareCollSeq(pParse, pRight, pLeft);
}else{
p4 = sqlite3BinaryCompareCollSeq(pParse, pLeft, pRight);
}
p5 = binaryCompareP5(pLeft, pRight, jumpIfNull);
addr = sqlite3VdbeAddOp4(pParse->pVdbe, opcode, in2, dest, in1,
| > | 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 |
int jumpIfNull, /* If true, jump if either operand is NULL */
int isCommuted /* The comparison has been commuted */
){
int p5;
int addr;
CollSeq *p4;
if( pParse->nErr ) return 0;
if( isCommuted ){
p4 = sqlite3BinaryCompareCollSeq(pParse, pRight, pLeft);
}else{
p4 = sqlite3BinaryCompareCollSeq(pParse, pLeft, pRight);
}
p5 = binaryCompareP5(pLeft, pRight, jumpIfNull);
addr = sqlite3VdbeAddOp4(pParse->pVdbe, opcode, in2, dest, in1,
|
| ︙ | ︙ |
Changes to src/vdbeaux.c.
| ︙ | ︙ | |||
1299 1300 1301 1302 1303 1304 1305 |
** Change the comment on the most recently coded instruction. Or
** insert a No-op and add the comment to that new instruction. This
** makes the code easier to read during debugging. None of this happens
** in a production build.
*/
static void vdbeVComment(Vdbe *p, const char *zFormat, va_list ap){
assert( p->nOp>0 || p->aOp==0 );
| | > | 1299 1300 1301 1302 1303 1304 1305 1306 1307 1308 1309 1310 1311 1312 1313 1314 |
** Change the comment on the most recently coded instruction. Or
** insert a No-op and add the comment to that new instruction. This
** makes the code easier to read during debugging. None of this happens
** in a production build.
*/
static void vdbeVComment(Vdbe *p, const char *zFormat, va_list ap){
assert( p->nOp>0 || p->aOp==0 );
assert( p->aOp==0 || p->aOp[p->nOp-1].zComment==0 || p->db->mallocFailed
|| p->pParse->nErr>0 );
if( p->nOp ){
assert( p->aOp );
sqlite3DbFree(p->db, p->aOp[p->nOp-1].zComment);
p->aOp[p->nOp-1].zComment = sqlite3VMPrintf(p->db, zFormat, ap);
}
}
void sqlite3VdbeComment(Vdbe *p, const char *zFormat, ...){
|
| ︙ | ︙ |
Changes to src/window.c.
| ︙ | ︙ | |||
930 931 932 933 934 935 936 |
ExprList *pSublist = 0; /* Expression list for sub-query */
Window *pMWin = p->pWin; /* Master window object */
Window *pWin; /* Window object iterator */
Table *pTab;
pTab = sqlite3DbMallocZero(db, sizeof(Table));
if( pTab==0 ){
| | | 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 |
ExprList *pSublist = 0; /* Expression list for sub-query */
Window *pMWin = p->pWin; /* Master window object */
Window *pWin; /* Window object iterator */
Table *pTab;
pTab = sqlite3DbMallocZero(db, sizeof(Table));
if( pTab==0 ){
return sqlite3ErrorToParser(db, SQLITE_NOMEM);
}
p->pSrc = 0;
p->pWhere = 0;
p->pGroupBy = 0;
p->pHaving = 0;
p->selFlags &= ~SF_Aggregate;
|
| ︙ | ︙ | |||
1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 |
}else{
sqlite3SelectDelete(db, pSub);
}
if( db->mallocFailed ) rc = SQLITE_NOMEM;
sqlite3DbFree(db, pTab);
}
return rc;
}
/*
** Unlink the Window object from the Select to which it is attached,
** if it is attached.
*/
| > > > > | 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 |
}else{
sqlite3SelectDelete(db, pSub);
}
if( db->mallocFailed ) rc = SQLITE_NOMEM;
sqlite3DbFree(db, pTab);
}
if( rc && pParse->nErr==0 ){
assert( pParse->db->mallocFailed );
return sqlite3ErrorToParser(pParse->db, SQLITE_NOMEM);
}
return rc;
}
/*
** Unlink the Window object from the Select to which it is attached,
** if it is attached.
*/
|
| ︙ | ︙ |