/ Check-in [a3b02db7]

Overview
Comment: Fix an instance where an uninitialized VM register might be accessed. Fix for [093420fc0]. This problem was found by OSSFuzz.
SHA3-256: a3b02db74681a215996c5ed110eb0ece5ed24f71a1b131c10e9f33e666af0256
User & Date: dan 2018-04-05 16:26:39
Context
2018-04-06
16:22
Fix a problem in the sessions module causing sqlite3session_apply_strm() to allocate enough memory for the entire input buffer - which defeats the point of a streaming interface. check-in: 7594e609 user: dan tags: trunk
2018-04-05
16:26
Fix an instance where an uninitialized VM register might be accessed. Fix for [093420fc0]. This problem was found by OSSFuzz. check-in: a3b02db7 user: dan tags: trunk
12:02
Fix the sqlite3WhereTrace mechanism so that it compiles with the --disable-amalgamation and the --enable-debug options to ./configure using clang. check-in: 81322436 user: drh tags: trunk
Changes

Changes to src/update.c.

   392    392       assert( pPk!=0 );
   393    393       nPk = pPk->nKeyCol;
   394    394       iPk = pParse->nMem+1;
   395    395       pParse->nMem += nPk;
   396    396       regKey = ++pParse->nMem;
   397    397       iEph = pParse->nTab++;
   398    398   
   399         -    sqlite3VdbeAddOp2(v, OP_Null, 0, iPk);
          399  +    sqlite3VdbeAddOp3(v, OP_Null, 0, iPk, iPk+nPk-1);
   400    400       addrOpen = sqlite3VdbeAddOp2(v, OP_OpenEphemeral, iEph, nPk);
   401    401       sqlite3VdbeSetP4KeyInfo(pParse, pPk);
   402    402     }
   403    403   
   404    404     /* Begin the database scan. 
   405    405     **
   406    406     ** Do not consider a single-pass strategy for a multi-row update if
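
Review bot: The new sqlite3VdbeAddOp3() call at line 399 has no comment explaining why the whole range iPk..iPk+nPk-1 must be set to NULL rather than just iPk. OP_Null with P3 greater than P2 writes NULL into every register from P2 through P3, so the call now covers exactly the nPk registers reserved by `pParse->nMem += nPk`; a one-line comment saying that these key registers may be read before the scan has filled them (the uninitialized access named in the check-in comment) would keep a later cleanup from dropping P3 again. regKey is allocated immediately after that range and is not covered by the OP_Null, so it is worth confirming that it is always written before it is read.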

Changes to test/without_rowid1.test.

   337    337   do_execsql_test 8.1 {
   338    338     CREATE TABLE t1(x INTEGER PRIMARY KEY UNIQUE, b) WITHOUT ROWID;
   339    339     CREATE INDEX t1x ON t1(x);
   340    340     INSERT INTO t1(x,b) VALUES('funny','buffalo');
   341    341     SELECT type, name, '|' FROM sqlite_master;
   342    342   } {table t1 | index t1x |}
   343    343   
          344  +# 2018-04-05: OSSFuzz found that the following was accessing an 
          345  +# unintialized memory cell. Which was not actually causing a 
          346  +# malfunction, but does cause an assert() to fail.
          347  +#
          348  +do_execsql_test 9.0 {
          349  +  CREATE TABLE t2(b, c, PRIMARY KEY(b,c)) WITHOUT ROWID;
          350  +  CREATE UNIQUE INDEX t2b ON t2(b);
          351  +  UPDATE t2 SET b=1 WHERE b='';
          352  +}
          353  +
          354  +do_execsql_test 10.1 {
          355  +  DELETE FROM t2 WHERE b=1
          356  +}
   344    357   
   345    358     
   346    359   finish_test
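
Review bot: Test 10.1 carries no comment and the numbering jumps from 9.0 to 10.1, so it is unclear whether the DELETE belongs to the OSSFuzz regression case or is a separate check; a one-line comment, or renumbering it as 9.1, would settle that. The comment above 9.0 says the problem only surfaces as a failing assert(), which means these tests catch a regression only in builds where assert() is enabled, and that is worth saying in the comment. The same comment misspells "uninitialized" as "unintialized".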