SQLite

Check-in [b584fd36f7]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fix a buffer overread that could occur when running fts5 prefix queries inside a transaction.
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | branch-3.9
Files: files | file ages | folders
SHA3-256: b584fd36f787e6d7926dd54ce7e2cfcfe6616030e4e05f42a5725173e8a8a680
User & Date: dan 2019-09-03 19:29:38.481
Context
2019-09-03
19:29
Fix a buffer overread that could occur when running fts5 prefix queries inside a transaction. (Leaf check-in: b584fd36f7 user: dan tags: branch-3.9)
17:39
Disable the undocumented rtreenode() SQL function that is only used for testing, except when doing a build that is specifically intended for testing. (check-in: 7b4583f932 user: drh tags: branch-3.9)
2019-03-18
15:49
Fix a buffer overread that could occur when running fts5 prefix queries inside a transaction. (check-in: b3fa58dd74 user: dan tags: trunk)
Changes
Side-by-Side Diff Ignore Whitespace Patch
Changes to ext/fts5/fts5_hash.c. 
379
380
381
382
383
384
385

386


387
388
389
390
391
392
393

379
380
381
382
383
384
385
386

387
388
389
390
391
392
393
394
395








+
-
+
+








  ap = sqlite3_malloc(sizeof(Fts5HashEntry*) * nMergeSlot);
  if( !ap ) return SQLITE_NOMEM;
  memset(ap, 0, sizeof(Fts5HashEntry*) * nMergeSlot);

  for(iSlot=0; iSlot<pHash->nSlot; iSlot++){
    Fts5HashEntry *pIter;
    for(pIter=pHash->aSlot[iSlot]; pIter; pIter=pIter->pHashNext){
      if( pTerm==0
      if( pTerm==0 || 0==memcmp(pIter->zKey, pTerm, nTerm) ){
       || (strlen(pIter->zKey)>=nTerm && 0==memcmp(pIter->zKey, pTerm, nTerm))
      ){
        Fts5HashEntry *pEntry = pIter;
        pEntry->pScanNext = 0;
        for(i=0; ap[i]; i++){
          pEntry = fts5HashEntryMerge(pEntry, ap[i]);
          ap[i] = 0;
        }
        ap[i] = pEntry;
Changes to ext/fts5/test/fts5aa.test. 
529
530
531
532
533
534
535












536
537
538
539
540
541

529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553








+
+
+
+
+
+
+
+
+
+
+
+







]
do_test 20.1 {
  foreach id $::ids {
    execsql { INSERT INTO tmp(rowid, x) VALUES($id, 'x y z') }
  }
  execsql { SELECT rowid FROM tmp WHERE tmp MATCH 'y' }
} $::ids

#-------------------------------------------------------------------------
do_execsql_test 25.0 {
  CREATE VIRTUAL TABLE t13 USING fts5(x);
}
do_execsql_test 25.1 {
  BEGIN;
  INSERT INTO t13 VALUES('AAAA');
  SELECT * FROM t13('BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB*');

  END;
}



finish_test