From: dan Date: Fri, 5 Mar 2010 17:27:01 +0000 (+0000) Subject: Fix a one byte buffer overread in fts3. X-Git-Tag: version-3.7.2~555 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=89374d23093da23090149ff57d9b5e776973f755;p=thirdparty%2Fsqlite.git Fix a one byte buffer overread in fts3. FossilOrigin-Name: 6e3e014af91601ed1f3a9cbe23f7c4260a4d177f --- diff --git a/ext/fts3/fts3.c b/ext/fts3/fts3.c index 4176d933d1..48a4847f36 100644 --- a/ext/fts3/fts3.c +++ b/ext/fts3/fts3.c @@ -1037,7 +1037,12 @@ static void fts3PutDeltaVarint( /* ** When this function is called, *ppPoslist is assumed to point to the -** start of a position-list. +** start of a position-list. After it returns, *ppPoslist points to the +** first byte after the position-list. +** +** If pp is not NULL, then the contents of the position list are copied +** to *pp. *pp is set to point to the first byte past the last byte copied +** before this function returns. */ static void fts3PoslistCopy(char **pp, char **ppPoslist){ char *pEnd = *ppPoslist; @@ -2181,7 +2186,9 @@ char *sqlite3Fts3FindPositions( while( pCsriCurrentiCurrent); + if( pCsriCurrent); + } pExpr->pCurrent = pCsr; }else{ if( pExpr->iCurrent==iDocid ){ diff --git a/manifest b/manifest index 0d4e7787ab..016332a3ee 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Modify\sthe\svdbe\sso\sthat\sthe\scomparison\soperator\sopcodes\sdo\snot\smodify\sthe\sdata\stype\sof\soperands.\sFix\sfor\s[aa92c76cd4]. -D 2010-03-05T16:32:12 +C Fix\sa\sone\sbyte\sbuffer\soverread\sin\sfts3. +D 2010-03-05T17:27:02 F Makefile.arm-wince-mingw32ce-gcc fcd5e9cd67fe88836360bb4f9ef4cb7f8e2fb5a0 F Makefile.in 4f2f967b7e58a35bb74fb7ec8ae90e0f4ca7868b F Makefile.linux-gcc d53183f4aa6a9192d249731c90dbdffbd2c68654 @@ -56,7 +56,7 @@ F ext/fts2/mkfts2amal.tcl 974d5d438cb3f7c4a652639262f82418c1e4cff0 F ext/fts3/README.syntax a19711dc5458c20734b8e485e75fb1981ec2427a F ext/fts3/README.tokenizers 998756696647400de63d5ba60e9655036cb966e9 F ext/fts3/README.txt 8c18f41574404623b76917b9da66fcb0ab38328d -F ext/fts3/fts3.c c7a20cf4c2e9fa22c9f304bece60f466b4d92589 +F ext/fts3/fts3.c 15ca4d9baf2ca6efa132bc8afdc62911deb5a83e F ext/fts3/fts3.h 3a10a0af180d502cecc50df77b1b22df142817fe F ext/fts3/fts3Int.h df812ef35f1b47a44ec68a44ec0c2a769c973d85 F ext/fts3/fts3_expr.c f4ff02ebe854e97ac03ff00b38b728a9ab57fd4b @@ -792,7 +792,7 @@ F tool/speedtest2.tcl ee2149167303ba8e95af97873c575c3e0fab58ff F tool/speedtest8.c 2902c46588c40b55661e471d7a86e4dd71a18224 F tool/speedtest8inst1.c 293327bc76823f473684d589a8160bde1f52c14e F tool/vdbe-compress.tcl d70ea6d8a19e3571d7ab8c9b75cba86d1173ff0f -P 27413fc8dd52b754b4be9344a66bb9e0d752d48e -R f2ab83c256285b8820ce8d6baa7f32be +P 8858042fa1449516a2c7dbb991dca3eb6c5794cb +R 8a9e89b47a06ff6e530c432a233196bb U dan -Z 19b361fab49c5821c8736e06dd81041c +Z 5bdb78b3531af14f46db30fbad40b790 diff --git a/manifest.uuid b/manifest.uuid index 54fbd9da25..479e58f524 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -8858042fa1449516a2c7dbb991dca3eb6c5794cb \ No newline at end of file +6e3e014af91601ed1f3a9cbe23f7c4260a4d177f \ No newline at end of file