Fix a memory leak in the processing of nested row values. This problem has

author drh <drh@noemail.net>

Sun, 18 Feb 2018 17:50:03 +0000 (17:50 +0000)

committer drh <drh@noemail.net>

Sun, 18 Feb 2018 17:50:03 +0000 (17:50 +0000)
author drh <drh@noemail.net>
Sun, 18 Feb 2018 17:50:03 +0000 (17:50 +0000)
committer drh <drh@noemail.net>
Sun, 18 Feb 2018 17:50:03 +0000 (17:50 +0000)
diff --git a/manifest b/manifest

index 7d33baf3f33c069b6f52f744857eb5e8e3d686e9..646fefe6c5b0123ea0e8cc3aa54df58cb3a46b48 100644 (file)
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Port\smutex\senhancments\sfrom\scheck-in\s[f53b8a573b]\sto\sthe\sWin32\simplementation.
-D 2018-02-18T00:54:06.860
+C Fix\sa\smemory\sleak\sin\sthe\sprocessing\sof\snested\srow\svalues.\s\sThis\sproblem\shas\nexisted\severy\ssince\srow\svalues\ssupport\swas\sadded\s(version\s3.15.0,\s2016-10-14)\nbut\swas\sonly\sjust\snow\sdetected\sby\sOSSFuzz.
+D 2018-02-18T17:50:03.135
  F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
  F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
  F Makefile.in 7a3f714b4fcf793108042b7b0a5c720b0b310ec84314d61ba7f3f49f27e550ea
@@ -574,7 +574,7 @@ F src/walker.c da987a20d40145c0a03c07d8fefcb2ed363becc7680d0500d9c79915591f5b1f
  F src/where.c 7cae47e813393d70c6d327fdf000fcb30f76b1b0b5a5b52ff6402e0c658de32c
  F src/whereInt.h 82c04c5075308abbac59180c8bad5ecb45b07453981f60a53f3c7dee21e1e971
  F src/wherecode.c e1aaadd8fec650037cfbf27d1b3470338fb3b58fec34d11082df16fe9a08fbd7
-F src/whereexpr.c 22dbfd3bf5f6051a61523dd0ebef7a944fb29ee4aa7d2a62feb8aac6ffbbc0eb
+F src/whereexpr.c 53532be687e12f3cd314f1e204cd4fbdac7ad250e918a182b048121e16e828ae
  F test/8_3_names.test ebbb5cd36741350040fd28b432ceadf495be25b2
  F test/affinity2.test a6d901b436328bd67a79b41bb0ac2663918fe3bd
  F test/affinity3.test 6a101af2fc945ce2912f6fe54dd646018551710d
@@ -1166,7 +1166,7 @@ F test/rollbackfault.test 0e646aeab8840c399cfbfa43daab46fd609cf04a
  F test/rowallock.test 3f88ec6819489d0b2341c7a7528ae17c053ab7cc
  F test/rowhash.test 0bc1d31415e4575d10cacf31e1a66b5cc0f8be81
  F test/rowid.test 5b7509f384f4f6fae1af3c8c104c8ca299fea18d
-F test/rowvalue.test 0bc33483f2ef5e69ff4bdd2ae58e36fc598bfd1605fb718c8329bcfc0c10cfd1
+F test/rowvalue.test 32861d6a933ded868035f2ec79aeb993a2a46eb7a6d282ae13415a4c2e369463
  F test/rowvalue2.test 060d238b7e5639a7c5630cb5e63e311b44efef2b
  F test/rowvalue3.test 3068f508753af69884b12125995f023da0dbb256
  F test/rowvalue4.test 4b556d7de161a0dd8cff095c336e913986398bea
@@ -1707,7 +1707,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
  F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
  F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
  F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P f53b8a573bfbb48780243d56ca8372165adb1b979731c43d46cd1f8eb7e593f3
-R 46ee6e1b6f9dc8c46dcea8bb3cc2eb52
-U mistachkin
-Z 55a8fbd8babcd295b13a70346a882792
+P 74bb7225d132c80fd5758bb8c120448e3b3e951d0ca2fa0c57cac0a9c6c27045
+R 31bbf28c288f447f1b599c906d481780
+U drh
+Z 61189c02e04bfbbf029a1ddaa686693e
diff --git a/manifest.uuid b/manifest.uuid

index 28ef8a23c63e3dfb9cb4fdad023da8b3e17b5f62..cc0ffaa4fc78fbc754041289cccde66a2232f738 100644 (file)
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-74bb7225d132c80fd5758bb8c120448e3b3e951d0ca2fa0c57cac0a9c6c27045
-\ No newline at end of file
+2df6bbf1b8ca881c8a465d6624de66fde4c5975ccae6b2f2dda392b137f577de
+\ No newline at end of file
diff --git a/src/whereexpr.c b/src/whereexpr.c

index 82cc5196508b0bba2afbcdecfa515fe1277e5989..313c5ee9bc79222490c1b36604b3394869bb5abf 100644 (file)
--- a/src/whereexpr.c
+++ b/src/whereexpr.c
@@ -1291,7 +1291,7 @@ static void exprAnalyze(
        exprAnalyze(pSrc, pWC, idxNew);
      }
      pTerm = &pWC->a[idxTerm];
-    pTerm->wtFlags = TERM_CODED|TERM_VIRTUAL;  /* Disable the original */
+    pTerm->wtFlags |= TERM_CODED|TERM_VIRTUAL;  /* Disable the original */
      pTerm->eOperator = 0;
    }
  
diff --git a/test/rowvalue.test b/test/rowvalue.test

index 58051783015f7bb79eed17ab3f5fa0d022d0c88f..00d939533148aafa1a1677d227e11220c2da062c 100644 (file)
--- a/test/rowvalue.test
+++ b/test/rowvalue.test
@@ -540,4 +540,10 @@ do_execsql_test 19.36 {
    SELECT * FROM t1 WHERE (3,32)>=(a,b) ORDER BY a DESC;
  } {2 22 1 11}
  
+# 2018-02-18: Memory leak nexted row-value.  Detected by OSSFuzz.
+#
+do_catchsql_test 20.1 {
+  SELECT 1 WHERE (2,(2,0)) IS (2,(2,0));
+} {0 1}
+
  finish_test
author	drh <drh@noemail.net>
	Sun, 18 Feb 2018 17:50:03 +0000 (17:50 +0000)
committer	drh <drh@noemail.net>
	Sun, 18 Feb 2018 17:50:03 +0000 (17:50 +0000)
manifest		patch \| blob \| blame \| history
manifest.uuid		patch \| blob \| blame \| history
src/whereexpr.c		patch \| blob \| blame \| history
test/rowvalue.test		patch \| blob \| blame \| history