Index: src/update.c
==================================================================
--- src/update.c
+++ src/update.c
@@ -394,11 +394,11 @@
     iPk = pParse->nMem+1;
     pParse->nMem += nPk;
     regKey = ++pParse->nMem;
     iEph = pParse->nTab++;
 
-    sqlite3VdbeAddOp2(v, OP_Null, 0, iPk);
+    sqlite3VdbeAddOp3(v, OP_Null, 0, iPk, iPk+nPk-1);
     addrOpen = sqlite3VdbeAddOp2(v, OP_OpenEphemeral, iEph, nPk);
     sqlite3VdbeSetP4KeyInfo(pParse, pPk);
   }
 
   /* Begin the database scan. 

Index: test/without_rowid1.test
==================================================================
--- test/without_rowid1.test
+++ test/without_rowid1.test
@@ -339,8 +339,21 @@
   CREATE INDEX t1x ON t1(x);
   INSERT INTO t1(x,b) VALUES('funny','buffalo');
   SELECT type, name, '|' FROM sqlite_master;
 } {table t1 | index t1x |}
 
+# 2018-04-05: OSSFuzz found that the following was accessing an 
+# unintialized memory cell. Which was not actually causing a 
+# malfunction, but does cause an assert() to fail.
+#
+do_execsql_test 9.0 {
+  CREATE TABLE t2(b, c, PRIMARY KEY(b,c)) WITHOUT ROWID;
+  CREATE UNIQUE INDEX t2b ON t2(b);
+  UPDATE t2 SET b=1 WHERE b='';
+}
+
+do_execsql_test 10.1 {
+  DELETE FROM t2 WHERE b=1
+}
 
   
 finish_test