SQLite

Check-in [89b0ee3351]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fix an almost entirely harmless buffer overread in the sessions module.
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | descendants | both | permutations-fix
Files: files | file ages | folders
SHA1: 89b0ee3351381f7bc666cb206f77a56f2e0d4a0e
User & Date: dan 2016-04-29 10:13:22.999
Context
2016-04-29
11:33
Modify the permutations.test script so as to set any permutation specific configuration values before running each individual test script. Fix a mostly harmless buffer overread in the sessions module. (check-in: 4cbd502454 user: dan tags: trunk)
10:13
Fix an almost entirely harmless buffer overread in the sessions module. (Closed-Leaf check-in: 89b0ee3351 user: dan tags: permutations-fix)
2016-04-28
14:59
Merge latest changes from trunk with this branch. (check-in: 45467ee498 user: dan tags: permutations-fix)
Changes
Side-by-Side Diff Ignore Whitespace Patch
Changes to ext/session/sqlite3session.c.
588
589
590
591
592
593
594

595
596


597
598
599
600
601
602









603
604
605
606
607
608
609
588
589
590
591
592
593
594
595


596
597
598





599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614







+
-
-
+
+

-
-
-
-
-
+
+
+
+
+
+
+
+
+







  u8 *aRight                      /* Change record */
){
  u8 *a1 = aLeft;                 /* Cursor to iterate through aLeft */
  u8 *a2 = aRight;                /* Cursor to iterate through aRight */
  int iCol;                       /* Used to iterate through table columns */

  for(iCol=0; iCol<pTab->nCol; iCol++){
    if( pTab->abPK[iCol] ){
    int n1 = sessionSerialLen(a1);
    int n2 = sessionSerialLen(a2);
      int n1 = sessionSerialLen(a1);
      int n2 = sessionSerialLen(a2);

    if( pTab->abPK[iCol] && (n1!=n2 || memcmp(a1, a2, n1)) ){
      return 0;
    }
    if( pTab->abPK[iCol] || bLeftPkOnly==0 ) a1 += n1;
    if( pTab->abPK[iCol] || bRightPkOnly==0 ) a2 += n2;
      if( pTab->abPK[iCol] && (n1!=n2 || memcmp(a1, a2, n1)) ){
        return 0;
      }
      a1 += n1;
      a2 += n2;
    }else{
      if( bLeftPkOnly==0 ) a1 += sessionSerialLen(a1);
      if( bRightPkOnly==0 ) a2 += sessionSerialLen(a2);
    }
  }

  return 1;
}

/*
** Arguments aLeft and aRight both point to buffers containing change