/ Check-in [202f9919]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fix a segfault that could follow an OOM when querying a table that has one or more columns with default values "true" or "false".
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: 202f9919c222ee933924c63c15ad36ec4481457b1e4d9179af14c9f284117c0c
User & Date: dan 2019-01-25 17:26:59
Context
2019-01-25
17:51
Fix harmless compiler warnings in fuzzcheck check-in: a8253966 user: drh tags: trunk
17:26
Fix a segfault that could follow an OOM when querying a table that has one or more columns with default values "true" or "false". check-in: 202f9919 user: dan tags: trunk
16:54
Fix asan warnings in fts5 triggered by corrupt databases - passing NULL to memcmp, out-of-range left-shift values and signed integer overflow. check-in: 93f8ec14 user: dan tags: trunk
Changes
Hide Diffs Side-by-Side Diffs Ignore Whitespace Patch

Changes to src/vdbemem.c.

  1526   1526   #endif
  1527   1527   #ifdef SQLITE_ENABLE_STAT3_OR_STAT4
  1528   1528     else if( op==TK_FUNCTION && pCtx!=0 ){
  1529   1529       rc = valueFromFunction(db, pExpr, enc, affinity, &pVal, pCtx);
  1530   1530     }
  1531   1531   #endif
  1532   1532     else if( op==TK_TRUEFALSE ){
  1533         -     pVal = valueNew(db, pCtx);
  1534         -     pVal->flags = MEM_Int;
  1535         -     pVal->u.i = pExpr->u.zToken[4]==0;
         1533  +    pVal = valueNew(db, pCtx);
         1534  +    if( pVal ){
         1535  +      pVal->flags = MEM_Int;
         1536  +      pVal->u.i = pExpr->u.zToken[4]==0;
         1537  +    }
  1536   1538     }
  1537   1539   
  1538   1540     *ppVal = pVal;
  1539   1541     return rc;
  1540   1542   
  1541   1543   no_mem:
  1542   1544   #ifdef SQLITE_ENABLE_STAT3_OR_STAT4

Added test/insertfault.test.

            1  +# 2019-01-26
            2  +#
            3  +# The author disclaims copyright to this source code.  In place of
            4  +# a legal notice, here is a blessing:
            5  +#
            6  +#    May you do good and not evil.
            7  +#    May you find forgiveness for yourself and forgive others.
            8  +#    May you share freely, never taking more than you give.
            9  +#
           10  +#***********************************************************************
           11  +#
           12  +# Test cases for INSERT
           13  +
           14  +set testdir [file dirname $argv0]
           15  +source $testdir/tester.tcl
           16  +set testprefix insertfault
           17  +
           18  +do_execsql_test 1.0 {
           19  +  CREATE TABLE t1(a INTEGER PRIMARY KEY, b, c, d DEFAULT true);
           20  +  INSERT INTO t1 DEFAULT VALUES;
           21  +  SELECT * FROM t1;
           22  +} {1 {} {} 1}
           23  +faultsim_save_and_close
           24  +
           25  +breakpoint
           26  +do_faultsim_test 1 -faults oom* -prep {
           27  +  faultsim_restore_and_reopen
           28  +  db eval { SELECT * FROM sqlite_master } 
           29  +} -body {
           30  +  execsql { SELECT * FROM t1 }
           31  +} -test {
           32  +  faultsim_test_result {0 {1 {} {} 1}}
           33  +}
           34  +
           35  +
           36  +finish_test