]> git.ipfire.org Git - thirdparty/sqlite.git/commitdiff
projects / thirdparty / sqlite.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8a03a98)
Fix a buffer overread that might occur in analyze.c if SQLITE_ENABLE_STAT4 was defined.
authordan <dan@noemail.net>
Fri, 5 Dec 2014 20:43:48 +0000 (20:43 +0000)
committerdan <dan@noemail.net>
Fri, 5 Dec 2014 20:43:48 +0000 (20:43 +0000)
FossilOrigin-Name: 194c90db637ad4197a54be83a665feb2a9c96014

manifest patch | blob | blame | history
manifest.uuid patch | blob | blame | history
src/analyze.c patch | blob | blame | history

diff --git a/manifest b/manifest
index b71864db0451b3c11d235bf9bbbff25ed25e2bc0..2762e815f693497fdd4a60a08c814dfeda3bcb02 100644 (file)
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C The\sKeyInfo\scache\smust\sbe\scleared\sbefore\sclosing\sthe\sbtree,\snot\safter.\nRevised\sfix\sfor\sticket\s[e4a18565a36884b00edf].
-D 2014-12-05T15:25:49.142
+C Fix\sa\sbuffer\soverread\sthat\smight\soccur\sin\sanalyze.c\sif\sSQLITE_ENABLE_STAT4\swas\sdefined.
+D 2014-12-05T20:43:48.762
 F Makefile.arm-wince-mingw32ce-gcc d6df77f1f48d690bd73162294bbba7f59507c72f
 F Makefile.in cf57f673d77606ab0f2d9627ca52a9ba1464146a
 F Makefile.linux-gcc 91d710bdc4998cb015f39edf3cb314ec4f4d7e23
@@ -166,7 +166,7 @@ F sqlite.pc.in 42b7bf0d02e08b9e77734a47798d1a55a9e0716b
 F sqlite3.1 3d8b83c91651f53472ca17599dae3457b8b89494
 F sqlite3.pc.in 48fed132e7cb71ab676105d2a4dc77127d8c1f3a
 F src/alter.c ba266a779bc7ce10e52e59e7d3dc79fa342e8fdb
-F src/analyze.c 8c322e1ecc08909526dbd5ab4421889d05f2263d
+F src/analyze.c 614428e1de74f51f5db918e385f689d4fb3a895a
 F src/attach.c f4e94df2d1826feda65eb0939f7f6f5f923a0ad9
 F src/auth.c d8abcde53426275dab6243b441256fcd8ccbebb2
 F src/backup.c 8cdfeb0c8a6d8bdad3faefae418eb3dc767051b6
@@ -1206,7 +1206,7 @@ F tool/vdbe_profile.tcl 67746953071a9f8f2f668b73fe899074e2c6d8c1
 F tool/warnings-clang.sh f6aa929dc20ef1f856af04a730772f59283631d4
 F tool/warnings.sh 0abfd78ceb09b7f7c27c688c8e3fe93268a13b32
 F tool/win/sqlite.vsix deb315d026cc8400325c5863eef847784a219a2f
-P 9f7560bc453f55570eb67e1a03359f0133d66d99
-R c773f0f4ea9c118e2f2d4aca4c769c11
-U drh
-Z 52f033891643ac2d92ef4238fb238551
+P 48529508cfe2f9445a6940222fe5ff7cc92aef78
+R 9c03e40230b03e031df69c10ef418c3a
+U dan
+Z 6fc3046bbfc50216164c29da1582b526
diff --git a/manifest.uuid b/manifest.uuid
index fd74438f996dca235cea9e4f387a91889fcb506e..8545445ac7586e59ca60a4b2b2bac8f687378e15 100644 (file)
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-48529508cfe2f9445a6940222fe5ff7cc92aef78
\ No newline at end of file
+194c90db637ad4197a54be83a665feb2a9c96014
\ No newline at end of file
diff --git a/src/analyze.c b/src/analyze.c
index 7d36f013189bfee7b3fb55d78fb88afe629a1918..e655aaa50c7136cfb712f3799bcd3c65f3d050f6 100644 (file)
--- a/src/analyze.c
+++ b/src/analyze.c
@@ -1591,7 +1591,7 @@ static void initAvgEq(Index *pIdx){
       i64 nSum100 = 0;          /* Number of terms contributing to sumEq */
       i64 nDist100;             /* Number of distinct values in index */
 
-      if( pIdx->aiRowEst==0 || pIdx->aiRowEst[iCol+1]==0 ){
+      if( !pIdx->aiRowEst || iCol>=pIdx->nKeyCol || pIdx->aiRowEst[iCol+1]==0 ){
         nRow = pFinal->anLt[iCol];
         nDist100 = (i64)100 * pFinal->anDLt[iCol];
         nSample--;
Mirror of https://github.com/sqlite/sqlite.git