Block injection of hyper-oversized SQL inputs into the parser.

FossilOrigin-Name: 42b6dab92464833eeae5fb261ed689e4b632132d7c8e1ea920aeeb5d50091ab7

diff --git a/manifest b/manifest
index eaf51ac0cfe2780669cb0f8459572f15971ffc04..a7e48a0e8b025eae326e364226fadaaa98d13ea0 100644 (file)
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C More\stweaks\sto\sthe\sREADME.md\sfile.
-D 2025-11-30T11:12:37.039
+C Block\sinjection\sof\shyper-oversized\sSQL\sinputs\sinto\sthe\sparser.
+D 2025-11-30T17:26:53.167
 F .fossil-settings/binary-glob 61195414528fb3ea9693577e1980230d78a1f8b0a54c78cf1b9b24d0a409ed6a x
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
@@ -730,7 +730,7 @@ F src/pcache.c 588cc3c5ccaaadde689ed35ce5c5c891a1f7b1f4d1f56f6cf0143b74d8ee6484
 F src/pcache.h 1497ce1b823cf00094bb0cf3bac37b345937e6f910890c626b16512316d3abf5
 F src/pcache1.c 131ca0daf4e66b4608d2945ae76d6ed90de3f60539afbd5ef9ec65667a5f2fcd
 F src/pragma.c ecec75795c1821520266e4f93fa8840cce48979af532db06f085e36a7813860f
-F src/prepare.c f6a6e28a281bd1d1da12f47d370a81af46159b40f73bf7fa0b276b664f9c8b7d
+F src/prepare.c 48783efd7440445fcc8f2901868f3cac2c105ede48d4612b6f1f92404e558a8d
 F src/printf.c b1b29b5e58e1530d5daeee5963d3c318d8ab2d7e38437580e28755753e0c1ded
 F src/random.c 606b00941a1d7dd09c381d3279a058d771f406c5213c9932bbd93d5587be4b9c
 F src/resolve.c 5616fbcf3b833c7c705b24371828215ad0925d0c0073216c4f153348d5753f0a
@@ -2180,8 +2180,8 @@ F tool/version-info.c 33d0390ef484b3b1cb685d59362be891ea162123cea181cb8e6d2cf6dd
 F tool/warnings-clang.sh bbf6a1e685e534c92ec2bfba5b1745f34fb6f0bc2a362850723a9ee87c1b31a7
 F tool/warnings.sh d924598cf2f55a4ecbc2aeb055c10bd5f48114793e7ba25f9585435da29e7e98
 F tool/win/sqlite.vsix deb315d026cc8400325c5863eef847784a219a2f
-P 3cd3256c7c595f54c8c12fafd1fb60349db82f69eb54fd9896b24db46a8b00d0
-R 8d7c07269c661f434eeb9522fe5e44f6
+P 1d79220ac9f6ad783dee48d341ebc9bb58f357b585baf1612b5aebbf8ad0cccb
+R 0065eeeab95a3049a86de91e0495a5f0
 U drh
-Z ded76f57b28c9895e13e364ea6c70858
+Z 6a0cb4a311ee1730d569692b4306cb40
 # Remove this line to create a well-formed Fossil manifest.

diff --git a/manifest.uuid b/manifest.uuid
index af48ddbea6b77350a7b377baf62a5ad30aafebea..0d0b2cced2fc095eecaa0a43de06882fd1a7676a 100644 (file)
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-1d79220ac9f6ad783dee48d341ebc9bb58f357b585baf1612b5aebbf8ad0cccb
+42b6dab92464833eeae5fb261ed689e4b632132d7c8e1ea920aeeb5d50091ab7

diff --git a/src/prepare.c b/src/prepare.c
index be9e496f115177dc2ab052915aee687e3549846c..14f57081b7ad600c2deeff42b8b692efb93fa4b3 100644 (file)
--- a/src/prepare.c
+++ b/src/prepare.c
@@ -782,6 +782,10 @@ static int sqlite3Prepare(
     }else{
       sParse.zTail = &zSql[nBytes];
     }
+  }else if( strlen(zSql)>(size_t)db->aLimit[SQLITE_LIMIT_SQL_LENGTH] ){
+    sqlite3ErrorWithMsg(db, SQLITE_TOOBIG, "statement too long");
+    rc = sqlite3ApiExit(db, SQLITE_TOOBIG);
+    goto end_prepare;
   }else{
     sqlite3RunParser(&sParse, zSql);
   }