From: dan Date: Mon, 29 Apr 2019 11:41:46 +0000 (+0000) Subject: Fix a buffer overwrite in shell.c.in (part of the new .recover code). X-Git-Tag: version-3.29.0~174 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=51f5ffa1a429bfdfe177e417482f1fbbf6685e76;p=thirdparty%2Fsqlite.git Fix a buffer overwrite in shell.c.in (part of the new .recover code). FossilOrigin-Name: 92facbc73a940d2844ac88fafd2d2dadb10886fb0b7c53e23f346d18fa6d6327 --- diff --git a/manifest b/manifest index 58229ddb68..cf4308824d 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Fix\sa\sstack\soverflow\sthat\scould\soccur\swhen\srenaming\sa\stable\sthat\shas\sa\strigger\scontaining\sa\swindow\sfunction\sinvocation\sthat\sitself\scontains\sa\sspecific\ssyntax\serror. -D 2019-04-29T11:27:58.967 +C Fix\sa\sbuffer\soverwrite\sin\sshell.c.in\s(part\sof\sthe\snew\s.recover\scode). +D 2019-04-29T11:41:46.359 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724 @@ -520,7 +520,7 @@ F src/random.c 80f5d666f23feb3e6665a6ce04c7197212a88384 F src/resolve.c 408632d9531ca8f1df8591f00530797daaa7bde3fe0d3211de4d431cbb99347e F src/rowset.c d977b011993aaea002cab3e0bb2ce50cf346000dff94e944d547b989f4b1fe93 F src/select.c b7304d2f491c11a03a7fbdf34bc218282ac54052377809d4dc3b4b1e7f4bfc93 -F src/shell.c.in 104bbae904a2b67bc6c0c95337447544d15d0594dc46468608aae769d5f51da9 +F src/shell.c.in 567236da9ee68b1dfa363426858ee5e310976ffe422a7b7ae220c0315d7e8c53 F src/sqlite.h.in 38390767acc1914d58930e03149595ee4710afa4e3c43ab6c3a8aea3f1a6b8cd F src/sqlite3.rc 5121c9e10c3964d5755191c80dd1180c122fc3a8 F src/sqlite3ext.h 9ecc93b8493bd20c0c07d52e2ac0ed8bab9b549c7f7955b59869597b650dd8b5 @@ -1821,7 +1821,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P 50fe48458942fa7a6bcc76316c6321f95b23dc34f2f8e0a483826483b2fb16f6 -R 50f0438c4e5efd5bb6070c75e8184302 +P c621fc668c6538f9f5bdac204f012c64998679a61aa8e224d212503820224c09 +R fab7a84bb2576871c69ae5af2474d189 U dan -Z dfacee40ac6434bcc0aa927bae743b38 +Z 238bfca672a6077522e49009580b426a diff --git a/manifest.uuid b/manifest.uuid index 16446b273a..491b1c92fc 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -c621fc668c6538f9f5bdac204f012c64998679a61aa8e224d212503820224c09 \ No newline at end of file +92facbc73a940d2844ac88fafd2d2dadb10886fb0b7c53e23f346d18fa6d6327 \ No newline at end of file diff --git a/src/shell.c.in b/src/shell.c.in index 2f9a2456a1..e145a1547c 100644 --- a/src/shell.c.in +++ b/src/shell.c.in @@ -4010,7 +4010,7 @@ static void shellEscapeCrnl( if( zNL || zCR ){ int iOut = 0; i64 nMax = (nNL > nCR) ? nNL : nCR; - i64 nAlloc = nMax * nText + (nMax+12)*2; + i64 nAlloc = nMax * nText + (nMax+64)*2; char *zOut = (char*)sqlite3_malloc64(nAlloc); if( zOut==0 ){ sqlite3_result_error_nomem(context);