Fix a bug in the new WHERE-clause processing that tries to use an
authordrh <drh@noemail.net>
Fri, 11 Feb 2011 06:59:02 +0000 (06:59 +0000)
committerdrh <drh@noemail.net>
Fri, 11 Feb 2011 06:59:02 +0000 (06:59 +0000)
index to resolve IS NOT NULL constraints when SQLITE_ENABLE_STAT2 is
defined.  The bug could cause memory overruns and segfaults.  The bug
was new to the code and has not appeared in an official release.
Found during structural testing.

FossilOrigin-Name: a5c36b9f39ab9629b857ec9c550f3892c0d94fb4

manifest
manifest.uuid
src/where.c

index e16afa35bb917453a1181fcfaf0b25849ac05410..a733d84d376f543751206c44605e03392ed2504b 100644 (file)
--- a/manifest
+++ b/manifest
@@ -1,8 +1,8 @@
 -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA1
 
-C Allow\san\sindex\spaired\swith\sa\sNOT\sNULL\sconstraint\sto\sbe\sused\sfor\ssorting\nunder\sthe\scondition\sthat\sthe\sindex\sbe\streated\sas\sa\snon-unique\sindex.
-D 2011-02-11T03:56:11.449
+C Fix\sa\sbug\sin\sthe\snew\sWHERE-clause\sprocessing\sthat\stries\sto\suse\san\nindex\sto\sresolve\sIS\sNOT\sNULL\sconstraints\swhen\sSQLITE_ENABLE_STAT2\sis\ndefined.\s\sThe\sbug\scould\scause\smemory\soverruns\sand\ssegfaults.\s\sThe\sbug\nwas\snew\sto\sthe\scode\sand\shas\snot\sappeared\sin\san\sofficial\srelease.\nFound\sduring\sstructural\stesting.
+D 2011-02-11T06:59:02.077
 F Makefile.arm-wince-mingw32ce-gcc d6df77f1f48d690bd73162294bbba7f59507c72f
 F Makefile.in 27701a1653595a1f2187dc61c8117e00a6c1d50f
 F Makefile.linux-gcc 91d710bdc4998cb015f39edf3cb314ec4f4d7e23
@@ -244,7 +244,7 @@ F src/vtab.c b297e8fa656ab5e66244ab15680d68db0adbec30
 F src/wal.c aca10a60655e103fc8630a75345000f43c6d47ca
 F src/wal.h 7a5fbb00114b7f2cd40c7e1003d4c41ce9d26840
 F src/walker.c 3112bb3afe1d85dc52317cb1d752055e9a781f8f
-F src/where.c 96d634b85310cfcfe89f004aa8525b57d8898315
+F src/where.c 9c140acd52f4526983cba7203e6a5bb0ccadb5fb
 F test/aggerror.test a867e273ef9e3d7919f03ef4f0e8c0d2767944f2
 F test/alias.test 4529fbc152f190268a15f9384a5651bbbabc9d87
 F test/all.test 51756962d522e474338e9b2ebb26e7364d4aa125
@@ -909,14 +909,14 @@ F tool/speedtest2.tcl ee2149167303ba8e95af97873c575c3e0fab58ff
 F tool/speedtest8.c 2902c46588c40b55661e471d7a86e4dd71a18224
 F tool/speedtest8inst1.c 293327bc76823f473684d589a8160bde1f52c14e
 F tool/vdbe-compress.tcl d70ea6d8a19e3571d7ab8c9b75cba86d1173ff0f
-P 5ecd11788269e78dc26639b2503a10b7e25b2483
-R efe2bc1def692179832d1c52a5f44bf5
+P d78949fc93077e1aa7f05cf9f7e947727939cc96
+R 8bf997eb58840da6ea5fc0460a5915e4
 U drh
-Z 7fabc9263a982330a71ce326ddcb4d5b
+Z ecfd6670d90bd69fb37c6fe27914ad94
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.6 (GNU/Linux)
 
-iD8DBQFNVLNeoxKgR168RlERAnOpAKCHCIoShZYXHuUaFypK9VIeAKx74QCfeuXj
-wxJDR+7h4QKi3fBF3WRZCW4=
-=fdWc
+iD8DBQFNVN45oxKgR168RlERAvEcAKCKMMGQphlQ+Hn4oqkHISuiniFSUwCfWmNB
+RyNIDwf8qVSXpFcCAhKBw4Q=
+=C6OR
 -----END PGP SIGNATURE-----
index 073b551de94b0ae43e877d086dc60db3a0aa8cfc..cdb7341de540dc8ebcd97a2f84c64532ca72567b 100644 (file)
@@ -1 +1 @@
-d78949fc93077e1aa7f05cf9f7e947727939cc96
\ No newline at end of file
+a5c36b9f39ab9629b857ec9c550f3892c0d94fb4
\ No newline at end of file
index c6f0cbe3f5c9424f511e2a7d3776f264bd0f1f61..a57884c4bd2107cd3e4540ee30a4d6160b61afaa 100644 (file)
@@ -1354,16 +1354,18 @@ static void exprAnalyze(
 
     idxNew = whereClauseInsert(pWC, pNewExpr,
                               TERM_VIRTUAL|TERM_DYNAMIC|TERM_VNULL);
-    testcase( idxNew==0 );
-    pNewTerm = &pWC->a[idxNew];
-    pNewTerm->leftCursor = pLeft->iTable;
-    pNewTerm->u.leftColumn = pLeft->iColumn;
-    pNewTerm->eOperator = WO_GT;
-    pNewTerm->iParent = idxTerm;
-    pTerm = &pWC->a[idxTerm];
-    pTerm->nChild = 1;
-    pTerm->wtFlags |= TERM_COPIED;
-    pNewTerm->prereqAll = pTerm->prereqAll;
+    if( idxNew ){
+      pNewTerm = &pWC->a[idxNew];
+      pNewTerm->prereqRight = 0;
+      pNewTerm->leftCursor = pLeft->iTable;
+      pNewTerm->u.leftColumn = pLeft->iColumn;
+      pNewTerm->eOperator = WO_GT;
+      pNewTerm->iParent = idxTerm;
+      pTerm = &pWC->a[idxTerm];
+      pTerm->nChild = 1;
+      pTerm->wtFlags |= TERM_COPIED;
+      pNewTerm->prereqAll = pTerm->prereqAll;
+    }
   }
 #endif /* SQLITE_ENABLE_STAT2 */
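Review bot: The added `pNewTerm->prereqRight = 0;` and the new `if( idxNew )` guard carry no comment saying which of them closes the memory overrun named in the commit message, so a later cleanup could remove either one as redundant. From the shape of the fix, whereClauseInsert() appears to leave prereqRight unset on the new slot and to return 0 when the insert fails; neither is visible in this hunk, so confirm both against its definition. I would put `/* prereqRight is not set by whereClauseInsert(); this virtual term has no right-hand table prerequisites */` above the assignment, and keep `testcase( idxNew==0 );` ahead of the `if` so the failure branch still shows up in coverage runs. exprAnalyze's body starts and ends outside the hunk.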