Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Avoid a left-shift of a negative value (undefined behaviour) when dealing with a corrupt database in fts3. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA3-256: |
b851d12474035328df8354c7da8d81bc |
| User & Date: | dan 2018-12-22 09:39:06 |
References
|
2018-12-26
| ||
| 11:39 | Avoid a left-shift of a negative value (undefined behaviour) when dealing with a corrupt database in fts3. Cherrypick of [b851d12474]. check-in: 2fa63a8b user: dan tags: branch-3.22 | |
Context
|
2018-12-26
| ||
| 11:39 | Avoid a left-shift of a negative value (undefined behaviour) when dealing with a corrupt database in fts3. Cherrypick of [b851d12474]. check-in: 2fa63a8b user: dan tags: branch-3.22 | |
|
2018-12-22
| ||
| 13:34 | Fix a "jump or move depends on uninitialized value" valgrind error that could occur in fts5 when dealing with a corrupt database. check-in: 3518c09b user: dan tags: trunk | |
| 09:39 | Avoid a left-shift of a negative value (undefined behaviour) when dealing with a corrupt database in fts3. check-in: b851d124 user: dan tags: trunk | |
| 07:16 | Fix cut-and-paste error in test file fts4umlaut.test. check-in: cad5da1b user: dan tags: trunk | |
Changes
Changes to ext/fts3/fts3.c.
334 334 }while( vu!=0 ); 335 335 q[-1] &= 0x7f; /* turn off high bit in final byte */ 336 336 assert( q - (unsigned char *)p <= FTS3_VARINT_MAX ); 337 337 return (int) (q - (unsigned char *)p); 338 338 } 339 339 340 340 #define GETVARINT_STEP(v, ptr, shift, mask1, mask2, var, ret) \ 341 - v = (v & mask1) | ( (*ptr++) << shift ); \ 341 + v = (v & mask1) | ( (*(ptr++)) << shift ); \ 342 342 if( (v & mask2)==0 ){ var = v; return ret; } 343 343 #define GETVARINT_INIT(v, ptr, shift, mask1, mask2, var, ret) \ 344 344 v = (*ptr++); \ 345 345 if( (v & mask2)==0 ){ var = v; return ret; } 346 346 347 347 /* 348 348 ** Read a 64-bit variable-length integer from memory starting at p[0]. ................................................................................ 372 372 } 373 373 374 374 /* 375 375 ** Similar to sqlite3Fts3GetVarint(), except that the output is truncated to 376 376 ** a non-negative 32-bit integer before it is returned. 377 377 */ 378 378 int sqlite3Fts3GetVarint32(const char *p, int *pi){ 379 + const unsigned char *ptr = (const unsigned char*)p; 379 380 u32 a; 380 381 381 382 #ifndef fts3GetVarint32 382 - GETVARINT_INIT(a, p, 0, 0x00, 0x80, *pi, 1); 383 + GETVARINT_INIT(a, ptr, 0, 0x00, 0x80, *pi, 1); 383 384 #else 384 - a = (*p++); 385 + a = (*ptr++); 385 386 assert( a & 0x80 ); 386 387 #endif 387 388 388 - GETVARINT_STEP(a, p, 7, 0x7F, 0x4000, *pi, 2); 389 - GETVARINT_STEP(a, p, 14, 0x3FFF, 0x200000, *pi, 3); 390 - GETVARINT_STEP(a, p, 21, 0x1FFFFF, 0x10000000, *pi, 4); 389 + GETVARINT_STEP(a, ptr, 7, 0x7F, 0x4000, *pi, 2); 390 + GETVARINT_STEP(a, ptr, 14, 0x3FFF, 0x200000, *pi, 3); 391 + GETVARINT_STEP(a, ptr, 21, 0x1FFFFF, 0x10000000, *pi, 4); 391 392 a = (a & 0x0FFFFFFF ); 392 - *pi = (int)(a | ((u32)(*p & 0x07) << 28)); 393 + *pi = (int)(a | ((u32)(*ptr & 0x07) << 28)); 393 394 assert( 0==(a & 0x80000000) ); 394 395 assert( *pi>=0 ); 395 396 return 5; 396 397 } 397 398 398 399 /* 399 400 ** Return the number of bytes required to encode v as a varint