SQLite

Check-in [89b0ee3351]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fix an almost entirely harmless buffer overread in the sessions module.
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | descendants | both | permutations-fix
Files: files | file ages | folders
SHA1: 89b0ee3351381f7bc666cb206f77a56f2e0d4a0e
User & Date: dan 2016-04-29 10:13:22.999
Context
2016-04-29
11:33
Modify the permutations.test script so as to set any permutation specific configuration values before running each individual test script. Fix a mostly harmless buffer overread in the sessions module. (check-in: 4cbd502454 user: dan tags: trunk)
10:13
Fix an almost entirely harmless buffer overread in the sessions module. (Closed-Leaf check-in: 89b0ee3351 user: dan tags: permutations-fix)
2016-04-28
14:59
Merge latest changes from trunk with this branch. (check-in: 45467ee498 user: dan tags: permutations-fix)
Changes
Unified Diff Show Whitespace Changes Patch
Changes to ext/session/sqlite3session.c. 
588
589
590
591
592
593
594

595
596
597
598
599
600



601
602

603
604
605
606
607
608
609

  u8 *aRight                      /* Change record */
){
  u8 *a1 = aLeft;                 /* Cursor to iterate through aLeft */
  u8 *a2 = aRight;                /* Cursor to iterate through aRight */
  int iCol;                       /* Used to iterate through table columns */

  for(iCol=0; iCol<pTab->nCol; iCol++){

    int n1 = sessionSerialLen(a1);
    int n2 = sessionSerialLen(a2);

    if( pTab->abPK[iCol] && (n1!=n2 || memcmp(a1, a2, n1)) ){
      return 0;
    }



    if( pTab->abPK[iCol] || bLeftPkOnly==0 ) a1 += n1;
    if( pTab->abPK[iCol] || bRightPkOnly==0 ) a2 += n2;

  }

  return 1;
}

/*
** Arguments aLeft and aRight both point to buffers containing change








>






>
>
>
|
|
>








588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614

  u8 *aRight                      /* Change record */
){
  u8 *a1 = aLeft;                 /* Cursor to iterate through aLeft */
  u8 *a2 = aRight;                /* Cursor to iterate through aRight */
  int iCol;                       /* Used to iterate through table columns */

  for(iCol=0; iCol<pTab->nCol; iCol++){
    if( pTab->abPK[iCol] ){
    int n1 = sessionSerialLen(a1);
    int n2 = sessionSerialLen(a2);

    if( pTab->abPK[iCol] && (n1!=n2 || memcmp(a1, a2, n1)) ){
      return 0;
    }
      a1 += n1;
      a2 += n2;
    }else{
      if( bLeftPkOnly==0 ) a1 += sessionSerialLen(a1);
      if( bRightPkOnly==0 ) a2 += sessionSerialLen(a2);
    }
  }

  return 1;
}

/*
** Arguments aLeft and aRight both point to buffers containing change