From: dan Date: Sat, 15 Apr 2023 19:58:58 +0000 (+0000) Subject: Fix a use-after-free that could follow an OOM or IO error in fts5 when using 'secure... X-Git-Tag: version-3.42.0~139 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0e429cf934a981ab9152703568393bb05070dc25;p=thirdparty%2Fsqlite.git Fix a use-after-free that could follow an OOM or IO error in fts5 when using 'secure-delete' mode. FossilOrigin-Name: 904be83d9f3dd4b21a3aa47dde337b5c045b925ffdde4bccd1f8e8fdbef68c18 --- diff --git a/ext/fts5/fts5_index.c b/ext/fts5/fts5_index.c index a8662240d2..2a53514506 100644 --- a/ext/fts5/fts5_index.c +++ b/ext/fts5/fts5_index.c @@ -4994,7 +4994,7 @@ static void fts5FlushOneHash(Fts5Index *p){ ** using fts5FlushSecureDelete(). */ if( bSecureDelete && (pDoclist[iOff] & 0x01) ){ fts5FlushSecureDelete(p, pStruct, zTerm, iRowid); - if( pDoclist[iOff]==0x01 ){ + if( p->rc!=SQLITE_OK || pDoclist[iOff]==0x01 ){ iOff++; continue; } diff --git a/ext/fts5/test/fts5securefault.test b/ext/fts5/test/fts5securefault.test index f6124bd3bf..09e44b0903 100644 --- a/ext/fts5/test/fts5securefault.test +++ b/ext/fts5/test/fts5securefault.test @@ -190,9 +190,7 @@ do_faultsim_test 6.1 -faults oom* -prep { } } -body { execsql { - BEGIN; - UPDATE t1 SET ab='abcdefg' WHERE rowid=2; - COMMIT; + UPDATE t1 SET ab='abcdefg' WHERE rowid=2; } } -test { faultsim_test_result {0 {}} diff --git a/manifest b/manifest index fcdf9706af..22c4bbb0d1 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Avoid\sdropping\sthe\serror\scode\sfollowing\san\sOOM\sin\sfts5\swhen\susing\s'secure-delete'\smode. -D 2023-04-15T19:13:51.887 +C Fix\sa\suse-after-free\sthat\scould\sfollow\san\sOOM\sor\sIO\serror\sin\sfts5\swhen\susing\s'secure-delete'\smode. +D 2023-04-15T19:58:58.601 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724 @@ -92,7 +92,7 @@ F ext/fts5/fts5_buffer.c 3001fbabb585d6de52947b44b455235072b741038391f830d6b7292 F ext/fts5/fts5_config.c 46af0b3c3c3f00bfc5bdd307434d7c5f0fa0678a034dd48345cd83b20068efbd F ext/fts5/fts5_expr.c 48e8e45261c6030cf5c77f606217a22722b1a4d0b34e2ba6cbfc386581627989 F ext/fts5/fts5_hash.c d4fb70940359f2120ccd1de7ffe64cc3efe65de9e8995b822cd536ff64c96982 -F ext/fts5/fts5_index.c 185d989a3c875771d6a55e20d0f982590d194d79c36d78b90b1e593dc96ea615 +F ext/fts5/fts5_index.c 50c0e72697c310011b1520428655e79602bb92536bd7851d40f03349c21d8863 F ext/fts5/fts5_main.c b4dba04a36aaf9b8e8cef0100b6dbb422cc74753eacc11d6401cac7a87c0f38d F ext/fts5/fts5_storage.c 76c6085239eb44424004c022e9da17a5ecd5aaec859fba90ad47d3b08f4c8082 F ext/fts5/fts5_tcl.c b1445cbe69908c411df8084a10b2485500ac70a9c747cdc8cda175a3da59d8ae @@ -191,7 +191,7 @@ F ext/fts5/test/fts5secure.test 214a561519d1b1817f146efd1057e2a97cc896e75c2accc7 F ext/fts5/test/fts5secure2.test 2e961d7eef939f294c56b5d895cac7f1c3a60b934ee2cfd5e5e620bdf1ba6bbc F ext/fts5/test/fts5secure3.test c7e1080a6912f2a3ac68f2e05b88b72a99de38543509b2bbf427cac5c9c1c610 F ext/fts5/test/fts5secure4.test 17ac602024db3953401c3e51ad8e03de3b972c1770554585f63812ca4083550e -F ext/fts5/test/fts5securefault.test 66d3988ca96bef56d6143a6b40203a78eab4cf50665c93261a7b9021a8d81319 +F ext/fts5/test/fts5securefault.test 7208daed4171de8a54a293ef800411e3cec1ffc6e9d34209b53e56a70ee554da F ext/fts5/test/fts5simple.test a298670508c1458b88ce6030440f26a30673931884eb5f4094ac1773b3ba217b F ext/fts5/test/fts5simple2.test 258a1b0c590409bfa5271e872c79572b319d2a56554d0585f68f146a0da603f0 F ext/fts5/test/fts5simple3.test d5c74a9d3ca71bd5dd5cacb7c55b86ea12cdddfc8b1910e3de2995206898380f @@ -2057,8 +2057,8 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P 414010d2366477285cb238f7af1e3d511ab4cda4bd4493441bd9868387dd5b66 -R db4ac6d716f6b37f938851dbdc9c0836 +P 9ee24a499c7b4a048f269f1c03c7c0b22b2898a3c23ea3e2511c2ba0342afa30 +R 7d4e8ae6ce7108b997bebd6ab3f8177f U dan -Z 1156bf072ee2940913d49643d9c3a7fc +Z 0a97f4e707f53c68d15ac47e51716a58 # Remove this line to create a well-formed Fossil manifest. diff --git a/manifest.uuid b/manifest.uuid index a2a6beba1d..9a94488d87 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -9ee24a499c7b4a048f269f1c03c7c0b22b2898a3c23ea3e2511c2ba0342afa30 \ No newline at end of file +904be83d9f3dd4b21a3aa47dde337b5c045b925ffdde4bccd1f8e8fdbef68c18 \ No newline at end of file