From: drh <>
Date: Fri, 24 Sep 2021 02:14:35 +0000 (+0000)
Subject: Ensure that the db->init.azInit array is initialized at all times.
X-Git-Tag: version-3.37.0~204
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=2a6a72a81cbd0df057be37e4ee514c68c7f64664;p=thirdparty%2Fsqlite.git

Ensure that the db->init.azInit array is initialized at all times.
dbsqlfuzz 0ad6d441f9bf3dfc32626a9900bc1700495b16f9

FossilOrigin-Name: c7560c1329965ab57cd71393c044b110561b83641d08677bc51044df9e377882
---

diff --git a/manifest b/manifest
index f515e7d9c4..cbc9df8132 100644
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Fix\sharmless\scompiler\swarnings.
-D 2021-09-22T14:43:35.940
+C Ensure\sthat\sthe\sdb->init.azInit\sarray\sis\sinitialized\sat\sall\stimes.\ndbsqlfuzz\s0ad6d441f9bf3dfc32626a9900bc1700495b16f9
+D 2021-09-24T02:14:35.733
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
 F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
@@ -511,7 +511,7 @@ F src/in-operator.md 10cd8f4bcd225a32518407c2fb2484089112fd71
 F src/insert.c 16fa4b66709db6db5bb31475f2321d0a839269765aa2461a520c151c385e8b9d
 F src/legacy.c d7874bc885906868cd51e6c2156698f2754f02d9eee1bae2d687323c3ca8e5aa
 F src/loadext.c 0aa9e7f08e168e3874cb54984408e3976dafdf5616d511952c425b5ac088ea3e
-F src/main.c aab8cefb6bfbdbecc53fd19058fa053c0c5e591b2e5067d883ef999d019dcd29
+F src/main.c 9b99470c8bffc08b3758dca06a6af0961c919db554b58f2ffad51b05147f1186
 F src/malloc.c cbc93cdd429c4594912017d92ab656e2579aca64dbd1c6888551275bed46f25b
 F src/mem0.c 6a55ebe57c46ca1a7d98da93aaa07f99f1059645
 F src/mem1.c c12a42539b1ba105e3707d0e628ad70e611040d8f5e38cf942cee30c867083de
@@ -542,7 +542,7 @@ F src/pcache.h 4f87acd914cef5016fae3030343540d75f5b85a1877eed1a2a19b9f284248586
 F src/pcache1.c 54881292a9a5db202b2c0ac541c5e3ef9a5e8c4f1c1383adb2601d5499a60e65
 F src/pragma.c 4a473feae3646063996ce3bfae78032009fa950765908d97424f7578b202813c
 F src/pragma.h b33c7a542ae7965c471f0d3c0565ce4d340c3f32cc162f44133539b6b0edb927
-F src/prepare.c 0d53d20532aada295c1690792a125adbd6435f5ce703ff0adf1b9b3605238b67
+F src/prepare.c 8f07616db04337057b8498b72d051ee90f73c54615c2e908c05404cef1e060b7
 F src/printf.c 78fabb49b9ac9a12dd1c89d744abdc9b67fd3205e62967e158f78b965a29ec4b
 F src/random.c 097dc8b31b8fba5a9aca1697aeb9fd82078ec91be734c16bffda620ced7ab83c
 F src/resolve.c 42b94d37a54200707a95566eff4f7e8a380e32d080016b699f23bd79a73a5028
@@ -552,7 +552,7 @@ F src/shell.c.in 9df263dc0949698a8728ecc5bb826666ca8ced75201d5440a161b629455cd46
 F src/sqlite.h.in 4e977a5e2ed1a9e8987ff65a2cab5f99a4298ebf040ea5ff636e1753339ff45a
 F src/sqlite3.rc 5121c9e10c3964d5755191c80dd1180c122fc3a8
 F src/sqlite3ext.h e97f4e9b509408fea4c4e9bef5a41608dfac343b4d3c7a990dedde1e19af9510
-F src/sqliteInt.h b62ee1fc9da3634616b969abe8b55fafcb540e4e7e5637ee2a2bb5fa477f4a38
+F src/sqliteInt.h 25af7dcb149966262f0fa485262db638e7058a63f9cfeda6b63a3c8334ca7af3
 F src/sqliteLimit.h d7323ffea5208c6af2734574bae933ca8ed2ab728083caa117c9738581a31657
 F src/status.c 4b8bc2a6905163a38b739854a35b826c737333fab5b1f8e03fa7eb9a4799c4c1
 F src/table.c 0f141b58a16de7e2fbe81c308379e7279f4c6b50eb08efeec5892794a0ba30d1
@@ -1060,7 +1060,7 @@ F test/fuzzdata4.db b502c7d5498261715812dd8b3c2005bad08b3a26e6489414bd13926cd3e4
 F test/fuzzdata5.db e35f64af17ec48926481cfaf3b3855e436bd40d1cfe2d59a9474cb4b748a52a5
 F test/fuzzdata6.db 92a80e4afc172c24f662a10a612d188fb272de4a9bd19e017927c95f737de6d7
 F test/fuzzdata7.db 0166b56fd7a6b9636a1d60ef0a060f86ddaecf99400a666bb6e5bbd7199ad1f2
-F test/fuzzdata8.db 81c9cfdd1c9dad84c1dbefb0a22cf31b685b8255031bc3827a6926412b0dc6f1
+F test/fuzzdata8.db 82a92571f1ce534a7b5edd547ec3dc52ed63ed52343ffbae0c384c9c0a8a83d9
 F test/fuzzer1.test 3d4c4b7e547aba5e5511a2991e3e3d07166cfbb8
 F test/fuzzer2.test a85ef814ce071293bce1ad8dffa217cbbaad4c14
 F test/fuzzerfault.test f64c4aef4c9e9edf1d6dc0d3f1e65dcc81e67c996403c88d14f09b74807a42bc
@@ -1709,6 +1709,7 @@ F test/vtabF.test 1918844c7c902f6a16c8dacf1ec8f84886d6e78b
 F test/vtabH.test 2efb5a24b0bb50796b21eca23032cfb77abfa4b0c03938e38ce5897abac404ca
 F test/vtabI.test 751b07636700dbdea328e4265b6077ccd6811a3f
 F test/vtabJ.test a6aef49d558af90fae10565b29501f82a95781cb4f797f2d13e2d19f9b6bc77b
+F test/vtabK.test b109c112ca23f9fbb4c35395fd5b0aa722cc78edc759a5739fc54a93b4b0385b
 F test/vtab_alter.test 736e66fb5ec7b4fee58229aa3ada2f27ec58bc58c00edae4836890c3784c6783
 F test/vtab_err.test dcc8b7b9cb67522b3fe7a272c73856829dae4ab7fdb30399aea1b6981bda2b65
 F test/vtab_shared.test 5253bff2355a9a3f014c15337da7e177ab0ef8ad
@@ -1925,7 +1926,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
 F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
 F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P 96610cc8251ad4ff8d7f0536f20f4572a996bfa8d24bec8a7925a333e507da1e
-R a3b2cf34f41419b8f768542a1a595879
+P d678ecca02698753d1b33e072566112e94ea36d0d3a8f4a24d2b09d131968d88
+R b533cb60525bfcc9f1f61bf9f8fd7850
 U drh
-Z 540cae9edc2d1282d2484d063df2a30d
+Z 760c440786934b23f1295699ea1847cf
diff --git a/manifest.uuid b/manifest.uuid
index aa790fcd11..2b6c7ee745 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-d678ecca02698753d1b33e072566112e94ea36d0d3a8f4a24d2b09d131968d88
\ No newline at end of file
+c7560c1329965ab57cd71393c044b110561b83641d08677bc51044df9e377882
\ No newline at end of file
diff --git a/src/main.c b/src/main.c
index e0dcf39230..65fe4a6688 100644
--- a/src/main.c
+++ b/src/main.c
@@ -3205,6 +3205,7 @@ static int openDatabase(
   db->nextAutovac = -1;
   db->szMmap = sqlite3GlobalConfig.szMmap;
   db->nextPagesize = 0;
+  db->init.azInit = sqlite3StdType; /* Any array of string ptrs will do */
 #ifdef SQLITE_ENABLE_SORTER_MMAP
   /* Beginning with version 3.37.0, using the VFS xFetch() API to memory-map 
   ** the temporary files used to do external sorts (see code in vdbesort.c)
diff --git a/src/prepare.c b/src/prepare.c
index 6dcb3842ed..62dca01b6b 100644
--- a/src/prepare.c
+++ b/src/prepare.c
@@ -134,7 +134,7 @@ int sqlite3InitCallback(void *pInit, int argc, char **argv, char **NotUsed){
       }
     }
     db->init.orphanTrigger = 0;
-    db->init.azInit = argv;
+    db->init.azInit = (const char**)argv;
     pStmt = 0;
     TESTONLY(rcp = ) sqlite3Prepare(db, argv[4], -1, 0, 0, &pStmt, 0);
     rc = db->errCode;
@@ -153,6 +153,7 @@ int sqlite3InitCallback(void *pInit, int argc, char **argv, char **NotUsed){
         }
       }
     }
+    db->init.azInit = sqlite3StdType; /* Any array of string ptrs will do */
     sqlite3_finalize(pStmt);
   }else if( argv[1]==0 || (argv[4]!=0 && argv[4][0]!=0) ){
     corruptSchema(pData, argv, 0);
diff --git a/src/sqliteInt.h b/src/sqliteInt.h
index d10d02f749..dd19131fca 100644
--- a/src/sqliteInt.h
+++ b/src/sqliteInt.h
@@ -1546,7 +1546,7 @@ struct sqlite3 {
     unsigned orphanTrigger : 1; /* Last statement is orphaned TEMP trigger */
     unsigned imposterTable : 1; /* Building an imposter table */
     unsigned reopenMemdb : 1;   /* ATTACH is really a reopen using MemDB */
-    char **azInit;              /* "type", "name", and "tbl_name" columns */
+    const char **azInit;        /* "type", "name", and "tbl_name" columns */
   } init;
   int nVdbeActive;              /* Number of VDBEs currently running */
   int nVdbeRead;                /* Number of active VDBEs that read or write */
diff --git a/test/fuzzdata8.db b/test/fuzzdata8.db
index 311aae543c..641a1128ab 100644
Binary files a/test/fuzzdata8.db and b/test/fuzzdata8.db differ
diff --git a/test/vtabK.test b/test/vtabK.test
new file mode 100644
index 0000000000..3016e4b303
--- /dev/null
+++ b/test/vtabK.test
@@ -0,0 +1,59 @@
+# 2020-09-24
+#
+# The author disclaims copyright to this source code.  In place of
+# a legal notice, here is a blessing:
+#
+#    May you do good and not evil.
+#    May you find forgiveness for yourself and forgive others.
+#    May you share freely, never taking more than you give.
+#
+#***********************************************************************
+# This file implements tests for a strange scenario discovered by
+# dbsqlfuzz (0ad6d441f9bf3dfc32626a9900bc1700495b16f9) in which a
+# virtual table is named "sqlite_stat1".
+#
+
+set testdir [file dirname $argv0]
+source $testdir/tester.tcl
+set testprefix vtabK
+
+ifcapable !vtab||!rtree||!fts5 {
+  finish_test
+  return
+}
+
+do_execsql_test 100 {
+  CREATE TABLE t1(x);
+  INSERT INTO t1 VALUES(123);
+  PRAGMA writable_schema=ON;
+  CREATE VIRTUAL TABLE sqlite_stat1 USING fts5(a);
+  PRAGMA writable_schema=OFF;
+  CREATE VIRTUAL TABLE t3 USING fts5(b);
+  INSERT INTO t3 VALUES('this is a test');
+}
+do_catchsql_test 110 {
+  CREATE VIRTUAL TABLE t2 USING rtree(id,x,y);
+} {1 {no such column: stat}}
+do_execsql_test 120 {
+  SELECT * FROM t1;
+} {123}
+do_execsql_test 130 {
+  INSERT INTO t3(b) VALUES('Four score and seven years ago');
+  SELECT * FROM t3 WHERE t3 MATCH 'this';
+} {{this is a test}}
+do_execsql_test 140 {
+  SELECT * FROM t3 WHERE t3 MATCH 'four seven';
+} {{Four score and seven years ago}}
+do_execsql_test 150 {
+  INSERT INTO sqlite_stat1(a)
+  VALUES('We hold these truths to be self-evident...');
+  SELECT * FROM sqlite_stat1;
+} {{We hold these truths to be self-evident...}}
+do_catchsql_test 160 {
+  ANALYZE;
+} {1 {database disk image is malformed}}
+do_execsql_test 170 {
+  PRAGMA integrity_check;
+} {ok}
+
+finish_test