From: dan <dan@noemail.net>
Date: Fri, 21 Mar 2014 19:27:54 +0000 (+0000)
Subject: Avoid leaking memory in an obscure case where the flattener adds an ORDER BY clause... 
X-Git-Tag: version-3.8.5~111
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9afccba269eb1910404fc003fc8e96ca6fbd742e;p=thirdparty%2Fsqlite.git

Avoid leaking memory in an obscure case where the flattener adds an ORDER BY clause to the recursive part of a recursive query.

FossilOrigin-Name: 1f413aca00015100224273480e1ce39a76bf93ab
---

diff --git a/manifest b/manifest
index 68306cb2c1..9a15563c3f 100644
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Fix\sthe\sOFFSET\sclause\sso\sthat\sit\sworks\scorrectly\son\squeries\sthat\slack\na\sFROM\sclause.\s\sTicket\s[07d6a0453d4ed8].
-D 2014-03-21T18:16:23.398
+C Avoid\sleaking\smemory\sin\san\sobscure\scase\swhere\sthe\sflattener\sadds\san\sORDER\sBY\sclause\sto\sthe\srecursive\spart\sof\sa\srecursive\squery.
+D 2014-03-21T19:27:54.828
 F Makefile.arm-wince-mingw32ce-gcc d6df77f1f48d690bd73162294bbba7f59507c72f
 F Makefile.in 2ef13430cd359f7b361bb863504e227b25cc7f81
 F Makefile.linux-gcc 91d710bdc4998cb015f39edf3cb314ec4f4d7e23
@@ -217,12 +217,12 @@ F src/printf.c e5a0005f8b3de21f85da6a709d2fbee76775bf4b
 F src/random.c d10c1f85b6709ca97278428fd5db5bbb9c74eece
 F src/resolve.c 273d5f47c4e2c05b2d3d2bffeda939551ab59e66
 F src/rowset.c 64655f1a627c9c212d9ab497899e7424a34222e0
-F src/select.c bea5181682a75940f4f555bfd1020169cc8f1657
+F src/select.c 0f7542b85f92d8b0c59a21d7ddcf5c0228e60fdc
 F src/shell.c cee9f46f2688a261601b1fd3d7f4b3cddf9b5cdf
 F src/sqlite.h.in a2ef671f92747a5a1c8a47bad5c585a8dd9eca80
 F src/sqlite3.rc 11094cc6a157a028b301a9f06b3d03089ea37c3e
 F src/sqlite3ext.h 886f5a34de171002ad46fae8c36a7d8051c190fc
-F src/sqliteInt.h 42acfa3d3b793822915ceb7e83c0cbc774d37d66
+F src/sqliteInt.h 828f61d3c58608ad2e871369950f3cf70428e917
 F src/sqliteLimit.h 164b0e6749d31e0daa1a4589a169d31c0dec7b3d
 F src/status.c 7ac05a5c7017d0b9f0b4bcd701228b784f987158
 F src/table.c 2cd62736f845d82200acfa1287e33feb3c15d62e
@@ -1096,7 +1096,7 @@ F test/win32heap.test ea19770974795cff26e11575e12d422dbd16893c
 F test/win32lock.test 7a6bd73a5dcdee39b5bb93e92395e1773a194361
 F test/win32longpath.test 169c75a3b2e43481f4a62122510210c67b08f26d
 F test/with1.test 268081a6b14817a262ced4d0ee34d4d2a1dd2068
-F test/with2.test 2fe78fcd8deef2a0f9cfc49bfc755911d0b3fd64
+F test/with2.test ee227a663586aa09771cafd4fa269c5217eaf775
 F test/withM.test e97f2a8c506ab3ea9eab94e6f6072f6cc924c991
 F test/without_rowid1.test e00a0a9dc9f0be651f011d61e8a32b7add5afb30
 F test/without_rowid2.test af260339f79d13cb220288b67cd287fbcf81ad99
@@ -1156,7 +1156,7 @@ F tool/vdbe_profile.tcl 67746953071a9f8f2f668b73fe899074e2c6d8c1
 F tool/warnings-clang.sh f6aa929dc20ef1f856af04a730772f59283631d4
 F tool/warnings.sh d1a6de74685f360ab718efda6265994b99bbea01
 F tool/win/sqlite.vsix 030f3eeaf2cb811a3692ab9c14d021a75ce41fff
-P d5a1530bdc7ace053d05d1a037551110021d3758
-R e96408bb9b93596f5e755db9dbf77630
-U drh
-Z f1228f80df0ab7ad7b6a23acd634c66b
+P 179ef81648b0ad557df78b7712f216b876b6fb65
+R d6ea5c2b32ee3608a1c16a03630c7806
+U dan
+Z 37d6162a1c996286e576ee6c912ca01b
diff --git a/manifest.uuid b/manifest.uuid
index 0c9a994b80..e3acb3d652 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-179ef81648b0ad557df78b7712f216b876b6fb65
\ No newline at end of file
+1f413aca00015100224273480e1ce39a76bf93ab
\ No newline at end of file
diff --git a/src/select.c b/src/select.c
index 65e4ae7d67..93cf15f79b 100644
--- a/src/select.c
+++ b/src/select.c
@@ -1939,6 +1939,7 @@ static void generateWithRecursiveQuery(
   sqlite3VdbeResolveLabel(v, addrBreak);
 
 end_of_recursive_query:
+  sqlite3ExprListDelete(pParse->db, p->pOrderBy);
   p->pOrderBy = pOrderBy;
   p->pLimit = pLimit;
   p->pOffset = pOffset;
@@ -4487,9 +4488,14 @@ int sqlite3Select(
   if( sqlite3AuthCheck(pParse, SQLITE_SELECT, 0, 0, 0) ) return 1;
   memset(&sAggInfo, 0, sizeof(sAggInfo));
 
+  assert( p->pOrderBy==0 || pDest->eDest!=SRT_DistTable );
+  assert( p->pOrderBy==0 || pDest->eDest!=SRT_DistQueue );
+  assert( p->pOrderBy==0 || pDest->eDest!=SRT_Queue );
   if( IgnorableOrderby(pDest) ){
     assert(pDest->eDest==SRT_Exists || pDest->eDest==SRT_Union || 
-           pDest->eDest==SRT_Except || pDest->eDest==SRT_Discard);
+           pDest->eDest==SRT_Except || pDest->eDest==SRT_Discard ||
+           pDest->eDest==SRT_Queue  || pDest->eDest==SRT_DistTable ||
+           pDest->eDest==SRT_DistQueue);
     /* If ORDER BY makes no difference in the output then neither does
     ** DISTINCT so it can be removed too. */
     sqlite3ExprListDelete(db, p->pOrderBy);
diff --git a/src/sqliteInt.h b/src/sqliteInt.h
index 55b7e080ae..b31686c3ff 100644
--- a/src/sqliteInt.h
+++ b/src/sqliteInt.h
@@ -2283,7 +2283,7 @@ struct Select {
 #define SRT_Discard      4  /* Do not save the results anywhere */
 
 /* The ORDER BY clause is ignored for all of the above */
-#define IgnorableOrderby(X) ((X->eDest)<=SRT_Discard)
+#define IgnorableOrderby(X) ((X->eDest)<=SRT_Discard || (X->eDest)>SRT_Table)
 
 #define SRT_Output       5  /* Output each row of result */
 #define SRT_Mem          6  /* Store result in a memory cell */
diff --git a/test/with2.test b/test/with2.test
index d702f8c962..eb0614729b 100644
--- a/test/with2.test
+++ b/test/with2.test
@@ -385,6 +385,33 @@ do_execsql_test 7.5 {
   )
 } {14 28 42}
 
+#-------------------------------------------------------------------------
+# At one point the following was causing an assertion failure and a 
+# memory leak.
+#
+do_execsql_test 8.1 {
+  CREATE TABLE t7(y);
+  INSERT INTO t7 VALUES(NULL);
+  CREATE VIEW v AS SELECT * FROM t7 ORDER BY y;
+}
+
+do_execsql_test 8.2 {
+  WITH q(a) AS (
+    SELECT 1
+    UNION 
+    SELECT a+1 FROM q, v WHERE a<5
+  )
+  SELECT * FROM q;
+} {1 2 3 4 5}
+
+do_execsql_test 8.3 {
+  WITH q(a) AS (
+    SELECT 1
+    UNION ALL
+    SELECT a+1 FROM q, v WHERE a<5
+  )
+  SELECT * FROM q;
+} {1 2 3 4 5}
 
 
 finish_test