From: drh Date: Thu, 23 Feb 2012 17:35:28 +0000 (+0000) Subject: Fix an obscure bug that causes a crash when parsing certain invalid SQL X-Git-Tag: version-3.7.11~31 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=63296052a18ec880aab46c1f9a140f9ab0a6b271;p=thirdparty%2Fsqlite.git Fix an obscure bug that causes a crash when parsing certain invalid SQL statements. FossilOrigin-Name: c8c7846fb990199dcc0774a69e8257510bc36f2d --- diff --git a/manifest b/manifest index 7316e3191d..99e12674d4 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Fix\sa\stypo\smade\sinside\san\sassert()\sstatement\sin\sthe\sprevious\scommit. -D 2012-02-23T16:45:42.651 +C Fix\san\sobscure\sbug\sthat\scauses\sa\scrash\swhen\sparsing\scertain\sinvalid\sSQL\nstatements. +D 2012-02-23T17:35:28.314 F Makefile.arm-wince-mingw32ce-gcc d6df77f1f48d690bd73162294bbba7f59507c72f F Makefile.in 3f79a373e57c3b92dabf76f40b065e719d31ac34 F Makefile.linux-gcc 91d710bdc4998cb015f39edf3cb314ec4f4d7e23 @@ -180,7 +180,7 @@ F src/printf.c 7ffb4ebb8b341f67e049695ba031da717b3d2699 F src/random.c cd4a67b3953b88019f8cd4ccd81394a8ddfaba50 F src/resolve.c 3d3e80a98f203ac6b9329e9621e29eda85ddfd40 F src/rowset.c 69afa95a97c524ba6faf3805e717b5b7ae85a697 -F src/select.c 232283a2e60d91cbd9a5ddf2f6f7ecf53d590075 +F src/select.c 44ccdcb5d2a1c48622c179b2d72167b716388581 F src/shell.c aa28f117033ba3e44b5eaaf2ad572222bcdfd66e F src/sqlite.h.in f46e368d1a28b09d876e35444785674d170f2d62 F src/sqlite3ext.h 6904f4aadf976f95241311fbffb00823075d9477 @@ -666,7 +666,7 @@ F test/schema2.test 906408621ea881fdb496d878b1822572a34e32c5 F test/schema3.test 1bc1008e1f8cb5654b248c55f27249366eb7ed38 F test/schema4.test e6a66e20cc69f0e306667c08be7fda3d11707dc5 F test/securedel.test 87a2561151af1f1e349071a89fdd77059f50113c -F test/select1.test f67ca2dfc05df41c7b86eb32ca409b427a5f43b0 +F test/select1.test deba017eed9daa5af33de868676c997e7eebb931 F test/select2.test 352480e0e9c66eda9c3044e412abdf5be0215b56 F test/select3.test 2ce595f8fb8e2ac10071d3b4e424cadd4634a054 F test/select4.test 44aa6e7110592e18110b0b9cf5c024d37d23be17 @@ -990,7 +990,7 @@ F tool/tostr.awk e75472c2f98dd76e06b8c9c1367f4ab07e122d06 F tool/vdbe-compress.tcl d70ea6d8a19e3571d7ab8c9b75cba86d1173ff0f F tool/warnings-clang.sh 9f406d66e750e8ac031c63a9ef3248aaa347ef2a F tool/warnings.sh fbc018d67fd7395f440c28f33ef0f94420226381 -P 786e24dc56504d1958db0618e645610f2600a087 -R 62ee79e3c7935d38f24dc9d649f992a8 -U dan -Z 453c5f133ed9456db2536b040019e9b7 +P f0640615f25ebe8bf2eed0e1a0f2e309471889fe +R 386c50c5bbaa55f00d88b4b7b8d3f590 +U drh +Z 9c1aa4f559c8a629e9a1fae5ce79c6c5 diff --git a/manifest.uuid b/manifest.uuid index 9847f54855..4299d78489 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -f0640615f25ebe8bf2eed0e1a0f2e309471889fe \ No newline at end of file +c8c7846fb990199dcc0774a69e8257510bc36f2d \ No newline at end of file diff --git a/src/select.c b/src/select.c index bbdc4e3c55..3efe014d8b 100644 --- a/src/select.c +++ b/src/select.c @@ -1258,7 +1258,7 @@ static int selectColumnsFromExprList( char *zName; /* Column name */ int nName; /* Size of name in zName[] */ - *pnCol = nCol = pEList->nExpr; + *pnCol = nCol = pEList ? pEList->nExpr : 0; aCol = *paCol = sqlite3DbMallocZero(db, sizeof(aCol[0])*nCol); if( aCol==0 ) return SQLITE_NOMEM; for(i=0, pCol=aCol; i