/ Check-in [71c03b59]
Login
Home Timeline Branches

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fix a potential assertion fault discovered by OSS-Fuzz.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: 71c03b59b645884ebd6b9e18713cd2eb8c949870
User & Date: drh 2017-01-10 15:08:06
Context
2017-01-10
16:09
Avoid unnecessary calls to the xRoundup() method of the memory allocator when the soft heap limit is not set. (check-in: 4209b89e user: drh tags: trunk)
15:08
Fix a potential assertion fault discovered by OSS-Fuzz. (check-in: 71c03b59 user: drh tags: trunk)
2017-01-09
19:55
Remove a redundant assignment statement. (check-in: a5fa0965 user: drh tags: trunk)
Changes
Hide Diffs Side-by-Side Diffs Ignore Whitespace Patch

Changes to src/whereexpr.c. 

   909    909     Expr *pStr1 = 0;                 /* RHS of LIKE/GLOB operator */
   910    910     int isComplete = 0;              /* RHS of LIKE/GLOB ends with wildcard */
   911    911     int noCase = 0;                  /* uppercase equivalent to lowercase */
   912    912     int op;                          /* Top-level operator.  pExpr->op */
   913    913     Parse *pParse = pWInfo->pParse;  /* Parsing context */
   914    914     sqlite3 *db = pParse->db;        /* Database connection */
   915    915     unsigned char eOp2;              /* op2 value for LIKE/REGEXP/GLOB */
          916  +  int nLeft;                       /* Number of elements on left side vector */
   916    917   
   917    918     if( db->mallocFailed ){
   918    919       return;
   919    920     }
   920    921     pTerm = &pWC->a[idxTerm];
   921    922     pMaskSet = &pWInfo->sMaskSet;
   922    923     pExpr = pTerm->pExpr;
................................................................................
  1180   1181     ** new terms completely replace the original vector comparison, which is
  1181   1182     ** no longer used.
  1182   1183     **
  1183   1184     ** This is only required if at least one side of the comparison operation
  1184   1185     ** is not a sub-select.  */
  1185   1186     if( pWC->op==TK_AND 
  1186   1187     && (pExpr->op==TK_EQ || pExpr->op==TK_IS)
  1187         -  && sqlite3ExprIsVector(pExpr->pLeft)
         1188  +  && (nLeft = sqlite3ExprVectorSize(pExpr->pLeft))>1
         1189  +  && sqlite3ExprVectorSize(pExpr->pRight)==nLeft
  1188   1190     && ( (pExpr->pLeft->flags & EP_xIsSelect)==0 
  1189         -    || (pExpr->pRight->flags & EP_xIsSelect)==0
  1190         -  )){
  1191         -    int nLeft = sqlite3ExprVectorSize(pExpr->pLeft);
         1191  +    || (pExpr->pRight->flags & EP_xIsSelect)==0)
         1192  +  ){
  1192   1193       int i;
  1193         -    assert( nLeft==sqlite3ExprVectorSize(pExpr->pRight) );
  1194   1194       for(i=0; i<nLeft; i++){
  1195   1195         int idxNew;
  1196   1196         Expr *pNew;
  1197   1197         Expr *pLeft = sqlite3ExprForVectorField(pParse, pExpr->pLeft, i);
  1198   1198         Expr *pRight = sqlite3ExprForVectorField(pParse, pExpr->pRight, i);
  1199   1199   
  1200   1200         pNew = sqlite3PExpr(pParse, pExpr->op, pLeft, pRight);

This page was generated in about 0.007s by Fossil 2.12 [4cf3586431] 2020-08-12 14:07:32