New assert() statements to protect the u1 and u2 unions of SrcList.

FossilOrigin-Name: 9b91fbcfcc14048f7d0755d47d9b7f9212fa2eaa6f3c04f417fa16c3a47943bf

diff --git a/manifest b/manifest
index b1297c51f8fba10efe5efa71fa36fc55c91637ad..162e44b1aa64bfce58a7c8bc835372d1ad0f69e1 100644 (file)
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Protect\saccess\sto\sthe\sExpr.y\sunion\susing\snearby\sassert()s\sand\sbranches.
-D 2021-10-07T20:46:29.719
+C New\sassert()\sstatements\sto\sprotect\sthe\su1\sand\su2\sunions\sof\sSrcList.
+D 2021-10-07T23:04:50.256
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
 F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
@@ -493,14 +493,14 @@ F src/btmutex.c 8acc2f464ee76324bf13310df5692a262b801808984c1b79defb2503bbafadb6
 F src/btree.c 15b8bdbcf4c26ca15ec420e8da440a6d170669ac2f3735deb1668d9f3284129e
 F src/btree.h 74d64b8f28cfa4a894d14d4ed64fa432cd697b98b61708d4351482ae15913e22
 F src/btreeInt.h 7bc15a24a02662409ebcd6aeaa1065522d14b7fda71573a2b0568b458f514ae0
-F src/build.c da127abe7fe2e2095116ec5b253ab5c77e5107bd29bbd63e258935173836e29c
+F src/build.c 46df621d2426fe04494ad83d86d2edb5f79f6a14a4595981e4de2502f172794e
 F src/callback.c 106b585da1edd57d75fa579d823a5218e0bf37f191dbf7417eeb4a8a9a267dbc
 F src/complete.c a3634ab1e687055cd002e11b8f43eb75c17da23e
 F src/ctime.c 8159d5f706551861c18ec6c8f6bdf105e15ea00367f05d9ab65d31a1077facc1
 F src/date.c fa928630fecf1d436cdc7a7a5c950c781709023ca782c21b7a43cc7361a9451e
 F src/dbpage.c 8a01e865bf8bc6d7b1844b4314443a6436c07c3efe1d488ed89e81719047833a
 F src/dbstat.c 861e08690fcb0f2ee1165eff0060ea8d4f3e2ea10f80dab7d32ad70443a6ff2d
-F src/delete.c 3ce6af6b64c8b476de51ccc32da0cb3142d42e65754e1d8118addf65b8bcba15
+F src/delete.c 0c151975fa99560767d7747f9b60543d0093d9f8b89f13d2d6058e9c83ad19e7
 F src/expr.c 529f7eca2821e874a375b1b318e697d62cb28f56069677c93f587f2de5dceb54
 F src/fault.c 460f3e55994363812d9d60844b2a6de88826e007
 F src/fkey.c 187b67af20c5795953a592832c5d985e4313fe503ebd8f95e3e9e9ad5a730bb5
@@ -549,12 +549,12 @@ F src/printf.c 5901672228f305f7d493cbc4e7d76a61a5caecdbc1cd06b1f9ec42ea4265cf8d
 F src/random.c 097dc8b31b8fba5a9aca1697aeb9fd82078ec91be734c16bffda620ced7ab83c
 F src/resolve.c ae65c88f5d0d4bc0052b203773d407efa2387c2bd6b202f87178006c7bb8632c
 F src/rowset.c ba9515a922af32abe1f7d39406b9d35730ed65efab9443dc5702693b60854c92
-F src/select.c 56069fb5fae836179ffb58e8c4a2723a8c4e146abf7892472fbc5534a86e353f
+F src/select.c 2367906fef5bf128e31fc695d365463e2e482fc09a80b651ff2a38ed130a9842
 F src/shell.c.in ac685e63c506fb2e39375c83347c88bff84dc48fa5d6a59f508d7d67951693a0
 F src/sqlite.h.in 4e977a5e2ed1a9e8987ff65a2cab5f99a4298ebf040ea5ff636e1753339ff45a
 F src/sqlite3.rc 5121c9e10c3964d5755191c80dd1180c122fc3a8
 F src/sqlite3ext.h e97f4e9b509408fea4c4e9bef5a41608dfac343b4d3c7a990dedde1e19af9510
-F src/sqliteInt.h 62fad2ae3aaf94a9398d031dc20bd147e2954a93e3d85455f3d999bebed48121
+F src/sqliteInt.h d83718ee235209088e809480a1651123f864f8f6a42793877cd8c2c3ba052b60
 F src/sqliteLimit.h d7323ffea5208c6af2734574bae933ca8ed2ab728083caa117c9738581a31657
 F src/status.c 4b8bc2a6905163a38b739854a35b826c737333fab5b1f8e03fa7eb9a4799c4c1
 F src/table.c 0f141b58a16de7e2fbe81c308379e7279f4c6b50eb08efeec5892794a0ba30d1
@@ -636,7 +636,7 @@ F src/vxworks.h d2988f4e5a61a4dfe82c6524dd3d6e4f2ce3cdb9
 F src/wal.c 2be08331d798237ad5d7ae0b252700ffb2b63189cb18d993496d009a93e2f81c
 F src/wal.h c3aa7825bfa2fe0d85bef2db94655f99870a285778baa36307c0a16da32b226a
 F src/walker.c f890a3298418d7cba3b69b8803594fdc484ea241206a8dfa99db6dd36f8cbb3b
-F src/where.c 56e1902e9b91fb1fe159181a21c34abd59a01e2cb8f5ef4c3e478d32c5d838df
+F src/where.c 85109b6c33b83b9b93139a1eea633cf1dfdc1c43a0b45192cf7e8d85dd209bc8
 F src/whereInt.h 9248161dd004f625ce5d3841ca9b99fed3fc8d61522cf76340fc5217dbe1375b
 F src/wherecode.c 0bb4a2a82fc9ccfce105fb2ff2921de373c62aa60c770029f95bd8b685f3498a
 F src/whereexpr.c 4514a162d878b6523a698fac1d760991b5728be0d7e2b2b0687aa175144dcf15
@@ -1928,7 +1928,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
 F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
 F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P 03cef1c30d96cd42682f57667bb3072c7643ef43fe05eda2d8b82c30789234af
-R 06b773afbf19fb9230871daeb2e22572
+P 87e2f5eb436fc448427b0e24fb70f29688796b513b8c7b12f1a21540dae1e56d
+R 26f96ed7e6bc8d87135a2e1f26f03c7a
 U drh
-Z 58c40dd2d56708967ad96d2415e961d1
+Z 1e388ad2186d49d3ab5f000ad284e609

diff --git a/manifest.uuid b/manifest.uuid
index 8fb5c801f478ddba64b6894fe292537e58a6a041..ef4b83ad5e0d548547c4769a14e3aa45f8741c72 100644 (file)
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-87e2f5eb436fc448427b0e24fb70f29688796b513b8c7b12f1a21540dae1e56d
\ No newline at end of file
+9b91fbcfcc14048f7d0755d47d9b7f9212fa2eaa6f3c04f417fa16c3a47943bf
\ No newline at end of file

diff --git a/src/build.c b/src/build.c
index 58762bf370d1eaaa094ad96ede5c80f380db1e21..1bf0827121aea4f1b03321773420156844486514 100644 (file)
--- a/src/build.c
+++ b/src/build.c
@@ -4927,6 +4927,7 @@ void sqlite3SrcListIndexedBy(Parse *pParse, SrcList *p, Token *pIndexedBy){
     }else{
       pItem->u1.zIndexedBy = sqlite3NameFromToken(pParse->db, pIndexedBy);
       pItem->fg.isIndexedBy = 1;
+      assert( pItem->fg.isCte==0 );  /* No collision on union u2 */
     }
   }
 }

diff --git a/src/delete.c b/src/delete.c
index 0debce3cb8cbfeb8ed51fdc54153fd8fd16a4ec8..e2b283ea47244a76c5ab453c6c71d95f054f2668 100644 (file)
--- a/src/delete.c
+++ b/src/delete.c
@@ -210,6 +210,7 @@ Expr *sqlite3LimitWhere(
   pSelectSrc = sqlite3SrcListDup(db, pSrc, 0);
   pSrc->a[0].pTab = pTab;
   if( pSrc->a[0].fg.isIndexedBy ){
+    assert( pSrc->a[0].fg.isCte==0 );
     pSrc->a[0].u2.pIBIndex = 0;
     pSrc->a[0].fg.isIndexedBy = 0;
     sqlite3DbFree(db, pSrc->a[0].u1.zIndexedBy);

diff --git a/src/select.c b/src/select.c
index e846a02201d5a0192fe0a977dd0cd291772b3d5c..13ed20f6c36d31bd7c8a68234d833a334a12e3b6 100644 (file)
--- a/src/select.c
+++ b/src/select.c
@@ -4995,6 +4995,7 @@ int sqlite3IndexedByLookup(Parse *pParse, SrcItem *pFrom){
     pParse->checkSchema = 1;
     return SQLITE_ERROR;
   }
+  assert( pFrom->fg.isCte==0 );
   pFrom->u2.pIBIndex = pIdx;
   return SQLITE_OK;
 }
@@ -5252,6 +5253,7 @@ static int resolveFromTermToCte(
     if( db->mallocFailed ) return 2;
     pFrom->pSelect->selFlags |= SF_CopyCte;
     assert( pFrom->pSelect );
+    assert( pFrom->fg.isIndexedBy==0 ); /* Prevent collision in union u2 */
     pFrom->fg.isCte = 1;
     pFrom->u2.pCteUse = pCteUse;
     pCteUse->nUse++;

diff --git a/src/sqliteInt.h b/src/sqliteInt.h
index 009742c4da52456d7d930f7ae18937458aebf680..f517431681f39cd73b02000233fdf8ad619e4a39 100644 (file)
--- a/src/sqliteInt.h
+++ b/src/sqliteInt.h
@@ -2975,11 +2975,12 @@ struct ExprList {
     unsigned bSorterRef :1; /* Defer evaluation until after sorting */
     unsigned bNulls: 1;     /* True if explicit "NULLS FIRST/LAST" */
     union {
-      struct {
+      struct {             /* Used by any ExprList other than Parse.pConsExpr */
         u16 iOrderByCol;      /* For ORDER BY, column number in result set */
         u16 iAlias;           /* Index into Parse.aAlias[] for zName */
       } x;
-      int iConstExprReg;      /* Register in which Expr value is cached */
+      int iConstExprReg;   /* Register in which Expr value is cached. Used only
+                           ** by Parse.pConstExpr */
     } u;
   } a[1];                  /* One slot for each expression in the list */
 };

diff --git a/src/where.c b/src/where.c
index 7583f056315259990ba9746e4d2ad5295b1218dc..4d1737660098120d21d76717271d56008d889ea2 100644 (file)
--- a/src/where.c
+++ b/src/where.c
@@ -3002,6 +3002,7 @@ static int whereLoopAddBtree(
   assert( !IsVirtual(pSrc->pTab) );
 
   if( pSrc->fg.isIndexedBy ){
+    assert( pSrc->fg.isCte==0 );
     /* An INDEXED BY clause specifies a particular index to use */
     pProbe = pSrc->u2.pIBIndex;
   }else if( !HasRowid(pTab) ){