SQLite: Check-in [6f2d43ec]

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview

Comment:	Fix the ossfuzz.c test module so that it does not segfault after a "PRAGMA empty_result_callbacks=1;". Add the ossshell.c program for simple command-line testing of ossfuzz.c.
Downloads:	Tarball \| ZIP archive \| SQL archive
Timelines:	family \| ancestors \| descendants \| both \| trunk
Files:	files \| file ages \| folders
SHA1:	6f2d43eca68175ed28abae3afa792095af906af2
User & Date:	drh 2016-11-14 17:25:57

Context

2016-11-14
18:27		Enhance fuzzcheck.c to accept database-specific configuration parameters in the option CONFIG table. Add the fuzzdata5.db fuzz database containing test cases from OSS-FUZZ. check-in: a71fad45 user: drh tags: trunk
17:25		Fix the ossfuzz.c test module so that it does not segfault after a "PRAGMA empty_result_callbacks=1;". Add the ossshell.c program for simple command-line testing of ossfuzz.c. check-in: 6f2d43ec user: drh tags: trunk
15:28		Avoid unnecessary calls to sqlite3ExprCacheAffinityChange() when generating OP_MakeRecord opcodes that do not change any register affinities. check-in: e211c579 user: drh tags: trunk

Changes

Hide Diffs Side-by-Side Diffs Ignore Whitespace Patch

Changes to main.mk.

   511    511   	  $(FUZZERSHELL_OPT) $(TOP)/tool/fuzzershell.c sqlite3.c \
   512    512   	  $(TLIBS) $(THREADLIB)
   513    513   
   514    514   fuzzcheck$(EXE):	$(TOP)/test/fuzzcheck.c sqlite3.c sqlite3.h $(TOP)/test/ossfuzz.c
   515    515   	$(TCCX) -o fuzzcheck$(EXE) -DSQLITE_THREADSAFE=0 -DSQLITE_OMIT_LOAD_EXTENSION \
   516    516   		-DSQLITE_ENABLE_MEMSYS5 $(FUZZCHECK_OPT) -DSQLITE_OSS_FUZZ \
   517    517   		$(TOP)/test/fuzzcheck.c $(TOP)/test/ossfuzz.c sqlite3.c $(TLIBS) $(THREADLIB)
          518  +
          519  +ossshell$(EXE):	$(TOP)/test/ossfuzz.c $(TOP)/test/ossshell.c sqlite3.c sqlite3.h
          520  +	$(TCCX) -o ossshell$(EXE) -DSQLITE_THREADSAFE=0 -DSQLITE_OMIT_LOAD_EXTENSION \
          521  +		-DSQLITE_ENABLE_MEMSYS5 $(FUZZCHECK_OPT) \
          522  +		$(TOP)/test/ossfuzz.c $(TOP)/test/ossshell.c sqlite3.c $(TLIBS) $(THREADLIB)
   518    523   
   519    524   mptester$(EXE):	sqlite3.c $(TOP)/mptest/mptest.c
   520    525   	$(TCCX) -o $@ -I. $(TOP)/mptest/mptest.c sqlite3.c \
   521    526   		$(TLIBS) $(THREADLIB)
   522    527   
   523    528   MPTEST1=./mptester$(EXE) mptest1.db $(TOP)/mptest/crash01.test --repeat 20
   524    529   MPTEST2=./mptester$(EXE) mptest2.db $(TOP)/mptest/multiwrite01.test --repeat 20

Changes to test/ossfuzz.c.

    14     14   }
    15     15   
    16     16   /*
    17     17   ** Callback for sqlite3_exec().
    18     18   */
    19     19   static int exec_handler(void *pCnt, int argc, char **argv, char **namev){
    20     20     int i;
    21         -  for(i=0; i<argc; i++) sqlite3_free(sqlite3_mprintf("%s", argv[i]));
           21  +  if( argv ){
           22  +    for(i=0; i<argc; i++) sqlite3_free(sqlite3_mprintf("%s", argv[i]));
           23  +  }
    22     24     return ((*(int*)pCnt)--)<=0;
    23     25   }
    24     26   
    25     27   /*
    26     28   ** Main entry point.  The fuzzer invokes this function with each
    27     29   ** fuzzed input.
    28     30   */

Added test/ossshell.c.

class="diffln"> 1 +/* 2 +** This is a test interface for the ossfuzz.c module. The ossfuzz.c module 3 +** is an adaptor for OSS-FUZZ. (https://github.com/google/oss-fuzz) 4 +** 5 +** This program links against ossfuzz.c. It reads files named on the 6 +** command line and passes them one by one into ossfuzz.c. 7 +*/ 8 +#include <stddef.h> 9 +#include <stdint.h> 10 +#include <stdio.h> 11 +#include <stdlib.h> 12 +#include "sqlite3.h" 13 + 14 +/* 15 +** The entry point in ossfuzz.c that this routine will be calling 16 +*/ 17 +int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size); 18 + 19 + 20 +/* 21 +** Read files named on the command-line and invoke the fuzzer for 22 +** each one. 23 +*/ 24 +int main(int argc, char **argv){ 25 + FILE *in; 26 + int i; 27 + int nErr = 0; 28 + uint8_t *zBuf = 0; 29 + size_t sz; 30 + 31 + for(i=1; i<argc; i++){ 32 + const char *zFilename = argv[i]; 33 + in = fopen(zFilename, "rb"); 34 + if( in==0 ){ 35 + fprintf(stderr, "cannot open \"%s\"\n", zFilename); 36 + nErr++; 37 + continue; 38 + } 39 + fseek(in, 0, SEEK_END); 40 + sz = ftell(in); 41 + rewind(in); 42 + zBuf = realloc(zBuf, sz); 43 + if( zBuf==0 ){ 44 + fprintf(stderr, "cannot malloc() for %d bytes\n", (int)sz); 45 + exit(1); 46 + } 47 + if( fread(zBuf, sz, 1, in)!=1 ){ 48 + fprintf(stderr, "cannot read %d bytes from \"%s\"\n", 49 + (int)sz, zFilename); 50 + nErr++; 51 + }else{ 52 + printf("%s... ", zFilename); 53 + fflush(stdout); 54 + (void)LLVMFuzzerTestOneInput(zBuf, sz); 55 + printf("ok\n"); 56 + } 57 + fclose(in); 58 + } 59 + free(zBuf); 60 + return nErr; 61 +}

Changes to tool/fuzzershell.c.

   191    191   /*
   192    192   ** This callback is invoked by sqlite3_exec() to return query results.
   193    193   */
   194    194   static int execCallback(void *NotUsed, int argc, char **argv, char **colv){
   195    195     int i;
   196    196     static unsigned cnt = 0;
   197    197     printf("ROW #%u:\n", ++cnt);
   198         -  for(i=0; i<argc; i++){
   199         -    printf(" %s=", colv[i]);
   200         -    if( argv[i] ){
   201         -      printf("[%s]\n", argv[i]);
   202         -    }else{
   203         -      printf("NULL\n");
          198  +  if( argv ){
          199  +    for(i=0; i<argc; i++){
          200  +      printf(" %s=", colv[i]);
          201  +      if( argv[i] ){
          202  +        printf("[%s]\n", argv[i]);
          203  +      }else{
          204  +        printf("NULL\n");
          205  +      }
   204    206       }
   205    207     }
   206    208     fflush(stdout);
   207    209     return 0;
   208    210   }
   209    211   static int execNoop(void *NotUsed, int argc, char **argv, char **colv){
   210    212     return 0;