From: drh Date: Thu, 8 Apr 2010 14:38:51 +0000 (+0000) Subject: Fix an integer overflow bug in the automatic index logic. The bug was X-Git-Tag: version-3.7.2~486 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=67ae0cb2313b6ab92fc53f8b307f97ceb62dd1b6;p=thirdparty%2Fsqlite.git Fix an integer overflow bug in the automatic index logic. The bug was detected by the testcase() macros added in the previous check-in. Also add some more testcase() macros, since this issue points up their importance. FossilOrigin-Name: af97b4881a8f010055cde672634141d7ed6898fc --- diff --git a/manifest b/manifest index 4c381152eb..2cfccb019f 100644 --- a/manifest +++ b/manifest @@ -1,8 +1,8 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 -C Add\stestcase()\smacros\sto\sthe\sautomatic\sindex\slogic\sto\sinsure\sthat\sboundary\ncases\sare\stested. -D 2010-04-08T14:15:56 +C Fix\san\sinteger\soverflow\sbug\sin\sthe\sautomatic\sindex\slogic.\s\sThe\sbug\swas\ndetected\sby\sthe\stestcase()\smacros\sadded\sin\sthe\sprevious\scheck-in.\s\sAlso\nadd\ssome\smore\stestcase()\smacros,\ssince\sthis\sissue\spoints\sup\stheir\simportance. +D 2010-04-08T14:38:52 F Makefile.arm-wince-mingw32ce-gcc fcd5e9cd67fe88836360bb4f9ef4cb7f8e2fb5a0 F Makefile.in 4f2f967b7e58a35bb74fb7ec8ae90e0f4ca7868b F Makefile.linux-gcc d53183f4aa6a9192d249731c90dbdffbd2c68654 @@ -225,7 +225,7 @@ F src/vdbemem.c 2a82f455f6ca6f78b59fb312f96054c04ae0ead1 F src/vdbetrace.c 864cef96919323482ebd9986f2132435115e9cc2 F src/vtab.c a0f8a40274e4261696ef57aa806de2776ab72cda F src/walker.c 3112bb3afe1d85dc52317cb1d752055e9a781f8f -F src/where.c 3a4a32910f4b283648ca60e099597d784640419d +F src/where.c 15a4eef6bce7cf1bbf482c9e17b108d0b7a92a82 F test/aggerror.test a867e273ef9e3d7919f03ef4f0e8c0d2767944f2 F test/alias.test 4529fbc152f190268a15f9384a5651bbbabc9d87 F test/all.test 14165b3e32715b700b5f0cbf8f6e3833dda0be45 
@@ -799,14 +799,14 @@ F tool/speedtest2.tcl ee2149167303ba8e95af97873c575c3e0fab58ff F tool/speedtest8.c 2902c46588c40b55661e471d7a86e4dd71a18224 F tool/speedtest8inst1.c 293327bc76823f473684d589a8160bde1f52c14e F tool/vdbe-compress.tcl d70ea6d8a19e3571d7ab8c9b75cba86d1173ff0f -P 7c8afc3272fa91e2b5685b009eb674dbc1b5920d -R ce7264333c7e3b80e3480a436a772632 +P 7286547847721b8f5f64bc2e7dc236652b1ae985 +R 96a8069556b5a410b2e431cd978a7df7 U drh -Z 93a751d218d1476c4e95c450f3e4b2fe +Z d04d44898ea5b97de880f4d4839621a4 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) -iD4DBQFLveUfoxKgR168RlERAlK0AJizHi/WZt4pZH5D99H7Lruh8t+CAJ4npcDg -ufDfCArvIerz7SKlqMzbFg== -=6X+r +iD8DBQFLveqAoxKgR168RlERAg5iAJ9bvCC1ncZeGw9njwB9ke6HucmE9gCePKdl +9wmrvenH+dOO2hKdhlCA+O0= +=pW+N -----END PGP SIGNATURE----- diff --git a/manifest.uuid b/manifest.uuid index f3d2c4c9cc..259efecd49 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -7286547847721b8f5f64bc2e7dc236652b1ae985 \ No newline at end of file +af97b4881a8f010055cde672634141d7ed6898fc \ No newline at end of file diff --git a/src/where.c b/src/where.c index 8622ba2594..a90f8c740d 100644 --- a/src/where.c +++ b/src/where.c @@ -1798,7 +1798,7 @@ static void constructAutomaticIndex( testcase( pTable->nCol==BMS-1 ); testcase( pTable->nCol==BMS-2 ); for(i=0; icolUsed & (((Bitmask)1)<<(BMS-1)) ){ nColumn += pTable->nCol - BMS + 1; @@ -1840,7 +1840,7 @@ static void constructAutomaticIndex( /* Add additional columns needed to make the automatic index into ** a covering index */ for(i=0; iaiColumn[n] = i; pIdx->azColl[n] = "BINARY"; n++; @@ -3841,6 +3841,7 @@ WhereInfo *sqlite3WhereBegin( /* The number of tables in the FROM clause is limited by the number of ** bits in a Bitmask */ + testcase( pTabList->nSrc==BMS ); if( pTabList->nSrc>BMS ){ sqlite3ErrorMsg(pParse, "at most %d tables in a join", BMS); return 0; 
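Review bot: The two loops changed in constructAutomaticIndex (the hunks at -1798 and -1840) carry no comment saying why they must stop short of the table's column count, and that invariant is the whole fix. The context lines show that bit BMS-1 of `colUsed` accounts for `pTable->nCol - BMS + 1` columns at once, so any per-column bit test presumably has to stay below that bit; a shift count at or past the width of Bitmask is undefined behaviour in C. I would add above the first loop `/* Bit BMS-1 of colUsed stands for every column numbered BMS-1 and up, so per-column shifts must stay below BMS-1 */` and refer to it from the second loop under the "covering index" comment. Both loop headers are truncated on this page, so the exact bound is not readable here and the wording should be checked against the file; the function body also continues outside both hunks.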
@@ -4168,6 +4169,8 @@ WhereInfo *sqlite3WhereBegin( && (wctrlFlags & WHERE_OMIT_OPEN)==0 ){ int op = pWInfo->okOnePass ? OP_OpenWrite : OP_OpenRead; sqlite3OpenTable(pParse, pTabItem->iCursor, iDb, pTab, op); + testcase( pTab->nCol==BMS-1 ); + testcase( pTab->nCol==BMS ); if( !pWInfo->okOnePass && pTab->nColcolUsed; int n = 0;
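Review bot: The two added `testcase()` calls sit in front of the `if`, so they are recorded as hit even when `pWInfo->okOnePass` is true and the `pTab->nCol` comparison after `&&` is never evaluated. Coverage can then report the BMS-1 and BMS boundaries as exercised without the column-mask code having run with those values. Folding the guard into the macro keeps the signal honest: `testcase( !pWInfo->okOnePass && pTab->nCol==BMS-1 );` and `testcase( !pWInfo->okOnePass && pTab->nCol==BMS );`. The comparison operand is truncated on this page and the block continues past the hunk, so the boundary values should be confirmed against the file.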