From: drh <>
Date: Wed, 8 Mar 2023 23:05:18 +0000 (+0000)
Subject: Fix a possible NULL pointer dereference due to the sqlite3_interrupt()
X-Git-Tag: version-3.42.0~271
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=8c26e6fa168da6c2bdd5c0f74e4014cb2b165dfe;p=thirdparty%2Fsqlite.git
Fix a possible NULL pointer dereference due to the sqlite3_interrupt() enhancement at [bd8fa10e59f58886]. Reported by [forum:/forumpost/f5a2b1db87|forum post f5a2b1db87].
FossilOrigin-Name: 84417bbd144b2197c9930a520feb94b59053957c190be79f8deaaaebca68ecf1
---
diff --git a/manifest b/manifest
index dad39608e9..7548c98b51 100644
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@ -C Backout\sthe\sOP_MakeRecord\soptimization\sas\sit\sdoes\snot\swork. -D 2023-03-08T22:48:03.746 +C Fix\sa\spossible\sNULL\spointer\sdereference\sdue\sto\sthe\ssqlite3_interrupt()\nenhancement\sat\s[bd8fa10e59f58886].\s\sReported\sby\n[forum:/forumpost/f5a2b1db87|forum\spost\sf5a2b1db87]. +D 2023-03-08T23:05:18.525 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
@@ -688,7 +688,7 @@ F src/test_wsd.c 41cadfd9d97fe8e3e4e44f61a4a8ccd6f7ca8fe9 F src/threads.c 4ae07fa022a3dc7c5beb373cf744a85d3c5c6c3c F src/tokenize.c 1305797eab3542a0896b552c6e7669c972c1468e11e92b370533c1f37a37082b F src/treeview.c fccf3b8c517c1f55cb380c1522febe6921fcb2bd800c16c78cab571d0eb0ccbd -F src/trigger.c 5e68b790f022b8dafbfb0eb244786512a95c9575fc198719d2557d73e5795858 +F src/trigger.c 6072c531d9bcc3980528150a1b03fda2e85a08c10023fafb42f93ffd68607ffe F src/update.c f118e51768d2c1309e3c81e9f91141b22b8a1339cbc5969b1b2d810feaa25b22 F src/upsert.c 5303dc6c518fa7d4b280ec65170f465c7a70b7ac2b22491598f6d0b4875b3145 F src/utf.c ee39565f0843775cc2c81135751ddd93eceb91a673ea2c57f61c76f288b041a0
@@ -1407,7 +1407,7 @@ F test/reindex.test cd9d6021729910ece82267b4f5e1b5ac2911a7566c43b43c176a6a4732e2 F test/releasetest_data.tcl b550dd1b122a9c969df794d05ea272df535f10ff1a245062e7ba080822378016 F test/resetdb.test 54c06f18bc832ac6d6319e5ab23d5c8dd49fdbeec7c696d791682a8006bd5fc3 F test/resolver01.test f4022acafda7f4d40eca94dbf16bc5fc4ac30ceb -F test/returning1.test 3ef7b264598b3292be0cdb028e4acb7524c5fd409b33b78449f894dfd68db334 +F test/returning1.test ee72bece38ea39ef82a219d8f6619e5c1c15835ea127cd7e6e30012cde462dfe F test/returningfault.test ae4c4b5e8745813287a359d9ccdb9d5c883c2e68afb18fb0767937d5de5692a4 F test/rollback.test 06680159bc6746d0f26276e339e3ae2f951c64812468308838e0a3362d911eaa F test/rollback2.test 3f3a4e20401825017df7e7671e9f31b6de5fae5620c2b9b49917f52f8c160a8f
@@ -2049,9 +2049,8 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P ac7359b2633ead74a53b2796fe038ca285aacad45b45980db2a76a87154e66e3 -Q -ca89daef0fcf6cb04aa6fa90dd333d6f2474bf3f458c833d9cd5bd8e59f2a04a -R 5b614ce6b236c8311c427bbe81e4374c +P 25017312d0d476d9cd5a39835748ee26c2ea482e163264ce2f9843ac627276d6 +R 04992e5ef08ba70fad9283f737a9de1e U drh -Z 739ce1ec9014df3e668a3263b66c8258 +Z f2ca12f92c53ce29bf6ab3953a4fa6eb # Remove this line to create a well-formed Fossil manifest.
diff --git a/manifest.uuid b/manifest.uuid
index 752eaba01f..ac3cc4a4f2 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@ -25017312d0d476d9cd5a39835748ee26c2ea482e163264ce2f9843ac627276d6 \ No newline at end of file +84417bbd144b2197c9930a520feb94b59053957c190be79f8deaaaebca68ecf1 \ No newline at end of file
diff --git a/src/trigger.c b/src/trigger.c
index 02d8540237..f83c719a33 100644
--- a/src/trigger.c
+++ b/src/trigger.c
@@ -983,7 +983,7 @@ static void codeReturningTrigger(
 }
 sqlite3ExprListDelete(db, sSelect.pEList);
 pNew = sqlite3ExpandReturning(pParse, pReturning->pReturnEL, pTab);
- if( !db->mallocFailed ){
+ if( pParse->nErr==0 ){
 NameContext sNC;
 memset(&sNC, 0, sizeof(sNC));
 if( pReturning->nRetCol==0 ){
diff --git a/test/returning1.test b/test/returning1.test
index 326af800e1..0d97b70201 100644
--- a/test/returning1.test
+++ b/test/returning1.test
@@ -212,13 +212,13 @@ do_execsql_test 10.2 {
 END;
 }
-do_catchsql_test 10.3 {
+do_catchsql_test 10.3a {
 INSERT INTO t1(a, b) VALUES(1234, 5678) RETURNING rowid;
-} {1 {no such column: rowid}}
+} {1 {no such column: new.rowid}}
-do_catchsql_test 10.3 {
+do_catchsql_test 10.3b {
 UPDATE t1 SET a='z' WHERE b='y' RETURNING rowid;
-} {1 {no such column: rowid}}
+} {1 {no such column: new.rowid}}
 do_execsql_test 10.4 {
 SELECT * FROM log;
@@ -408,4 +408,15 @@ do_execsql_test 17.0 {
 UPDATE bug SET x=NULL WHERE id = 20 RETURNING quote(x), x IS NULL;
 } {NULL 1}
+# 2023-03-08 https://sqlite.org/forum/forumpost/f5a2b1db87
+# NULL pointer dereference following an error.
+#
+do_execsql_test 18.0 {
+ CREATE TABLE v0(c1 INT);
+ CREATE VIEW view_2(c1) AS SELECT CASE WHEN c1 COLLATE TRUE THEN TRUE ELSE TRUE END FROM v0;
+}
+do_catchsql_test 18.1 {
+ INSERT INTO view_2 DEFAULT VALUES RETURNING *;
+} {1 {no such collation sequence: TRUE}}
+
 finish_test
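Review bot: In src/trigger.c (codeReturningTrigger) the new guard `if( pParse->nErr==0 ){` replaces the `!db->mallocFailed` test instead of joining it, so the block stays safe against OOM only if every allocation failure is also counted in pParse->nErr, which this hunk does not show. I would pin that assumption with `assert( !db->mallocFailed );` as the first statement inside the block, or keep both conditions in the `if`. A short comment above the `if`, e.g. `/* pNew may be NULL or incomplete after any parse error, not only OOM */`, would record why the condition was widened. The function begins and ends outside the hunk, so the dereference being protected is not visible here.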
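Review bot: In test/returning1.test the expected error for 10.3a and 10.3b changes from `no such column: rowid` to `no such column: new.rowid`, so the message now carries a `new.` qualifier that the statement under test never wrote, and neither the commit message nor the test says this is intended. It looks like a side effect of the changed guard in codeReturningTrigger rather than a deliberate wording change, which is worth confirming. If the new text is accepted, a comment above 10.3a such as `# RETURNING is resolved against the internal "new" row, hence new.rowid in the error` would keep a later reader from treating it as a regression.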