Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Fix the isLikeOrGlob() routine in the WHERE clause processing logic so that it avoids signed/unsigned character comparisons, as that can lead to an incorrect answer if the ESCAPE clause is an invalid UTF8 string. Problem found by OSSFuzz. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA3-256: |
4195a3f8b5d2c2ec63771890c5aa7b5e |
| User & Date: | drh 2018-08-09 21:45:45 |
Context
|
2018-08-13
| ||
| 11:32 | Fix an incorrect comment on the unix-nolock VFS object. No functional code changes. check-in: 90f7c193 user: drh tags: trunk | |
|
2018-08-10
| ||
| 15:27 | Merge latest trunk changes with this branch. check-in: c355a837 user: dan tags: alter-table-rename-column | |
|
2018-08-09
| ||
| 21:45 | Fix the isLikeOrGlob() routine in the WHERE clause processing logic so that it avoids signed/unsigned character comparisons, as that can lead to an incorrect answer if the ESCAPE clause is an invalid UTF8 string. Problem found by OSSFuzz. check-in: 4195a3f8 user: drh tags: trunk | |
| 18:36 | When a column must be a constant due to WHERE clause and the value of that column is being coded as a constant, make sure the affinity is correct. check-in: 7404ea83 user: drh tags: trunk | |
Changes
Changes to src/whereexpr.c.
190 190 static int isLikeOrGlob( 191 191 Parse *pParse, /* Parsing and code generating context */ 192 192 Expr *pExpr, /* Test this expression */ 193 193 Expr **ppPrefix, /* Pointer to TK_STRING expression with pattern prefix */ 194 194 int *pisComplete, /* True if the only wildcard is % in the last character */ 195 195 int *pnoCase /* True if uppercase is equivalent to lowercase */ 196 196 ){ 197 - const u8 *z = 0; /* String on RHS of LIKE operator */ 197 + const u8 *z = 0; /* String on RHS of LIKE operator */ 198 198 Expr *pRight, *pLeft; /* Right and left size of LIKE operator */ 199 199 ExprList *pList; /* List of operands to the LIKE operator */ 200 - int c; /* One character in z[] */ 200 + u8 c; /* One character in z[] */ 201 201 int cnt; /* Number of non-wildcard prefix characters */ 202 - char wc[4]; /* Wildcard characters */ 202 + u8 wc[4]; /* Wildcard characters */ 203 203 sqlite3 *db = pParse->db; /* Database connection */ 204 204 sqlite3_value *pVal = 0; 205 205 int op; /* Opcode of pRight */ 206 206 int rc; /* Result code to return */ 207 207 208 - if( !sqlite3IsLikeFunction(db, pExpr, pnoCase, wc) ){ 208 + if( !sqlite3IsLikeFunction(db, pExpr, pnoCase, (char*)wc) ){ 209 209 return 0; 210 210 } 211 211 #ifdef SQLITE_EBCDIC 212 212 if( *pnoCase ) return 0; 213 213 #endif 214 214 pList = pExpr->x.pList; 215 215 pLeft = pList->a[1].pExpr;
Changes to test/fuzzdata5.db.
cannot compute difference between binary files