/ Check-in [d49afb8f]
Overview
Comment: Fix a NULL pointer dereference after a syntax error that can occur as a result of check-in [6b2ff26c25bb9da3] yesterday. This problem was discovered by the OSSFuzz.
SHA3-256: d49afb8f9804e96662d1e3cadc4c6643908706d848a53d5ed019919c98f2ccba
User & Date: drh 2017-12-24 18:56:28
Context
2017-12-25
13:43
Fix an assertion fault on a syntax error input caused by check-in [6b2ff26c25bb9da3]. Problem discovered by OSSFuzz. check-in: 90d6e4f1 user: drh tags: trunk
2017-12-24
18:56
Fix a NULL pointer dereference after a syntax error that can occur as a result of check-in [6b2ff26c25bb9da3] yesterday. This problem was discovered by the OSSFuzz. check-in: d49afb8f user: drh tags: trunk
2017-12-23
14:39
Simplification to the error handling logic in the extension loader. check-in: 07c77314 user: drh tags: trunk
Changes

Changes to src/build.c.

  1961   1961         assert(pParse->nTab==1);
  1962   1962         sqlite3MayAbort(pParse);
  1963   1963         sqlite3VdbeAddOp3(v, OP_OpenWrite, 1, pParse->regRoot, iDb);
  1964   1964         sqlite3VdbeChangeP5(v, OPFLAG_P2ISREG);
  1965   1965         pParse->nTab = 2;
  1966   1966         addrTop = sqlite3VdbeCurrentAddr(v) + 1;
  1967   1967         sqlite3VdbeAddOp3(v, OP_InitCoroutine, regYield, 0, addrTop);
         1968  +      if( pParse->nErr ) return;
  1968   1969         pSelTab = sqlite3ResultSetOfSelect(pParse, pSelect);
  1969   1970         if( pSelTab==0 ) return;
  1970   1971         assert( p->aCol==0 );
  1971   1972         p->nCol = pSelTab->nCol;
  1972   1973         p->aCol = pSelTab->aCol;
  1973   1974         pSelTab->nCol = 0;
  1974   1975         pSelTab->aCol = 0;

Changes to test/colname.test.

   393    393   do_test colname-9.310 {
   394    394     execsql2 {SELECT BBb FROM (SELECT aaa AS Bbb FROM t1)}
   395    395   } {Bbb 123}
   396    396   do_execsql_test colname-9.320 {
   397    397     CREATE TABLE t2 AS SELECT BBb FROM (SELECT aaa AS Bbb FROM t1);
   398    398     SELECT name FROM pragma_table_info('t2');
   399    399   } {Bbb}
          400  +
          401  +# Issue detected by clusterfuzz on 2017-12-24 (Christmas Eve)
          402  +# caused by check-in https://sqlite.org/src/info/6b2ff26c25
          403  +#
          404  +# Prior to being fixed, the following CREATE TABLE was dereferencing
          405  +# a NULL pointer and segfaulting.
          406  +#
          407  +do_catchsql_test colname-9.400 {
          408  +  CREATE TABLE t4 AS SELECT #0;
          409  +} {1 {near "#0": syntax error}}
   400    410   
   401    411   
   402    412   # Make sure the quotation marks get removed from the column names
   403    413   # when constructing a new table from an aggregate SELECT.
   404    414   # Email from Juergen Palm on 2017-07-11.
   405    415   #
   406    416   do_execsql_test colname-10.100 {
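
Review bot: colname-9.400 pins the fix to a single malformed statement, `CREATE TABLE t4 AS SELECT #0;`, so it only shows that this one input no longer crashes. Consider adding one or two more CREATE TABLE ... AS SELECT cases whose SELECT fails to parse in a different way, each run through `do_catchsql_test`, so the test covers the error-return path in src/build.c and not just the `#0` token. The expected result `{1 {near "#0": syntax error}}` is good as written, since it checks that an error is reported and not merely that the process survives.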