From: drh Date: Tue, 24 Dec 2019 18:53:13 +0000 (+0000) Subject: Make the zipfile() extension function more robust against zero-length filenames. X-Git-Tag: version-3.31.0~155 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a194d3152c9d78090524290aef5a014b66abb7b4;p=thirdparty%2Fsqlite.git Make the zipfile() extension function more robust against zero-length filenames. FossilOrigin-Name: b9c2005f0291d58d7f3bfd4a2286eb6563e9c9433519c3329035f325fc723445 --- diff --git a/ext/misc/zipfile.c b/ext/misc/zipfile.c index ec820038e2..e24865020c 100644 --- a/ext/misc/zipfile.c +++ b/ext/misc/zipfile.c @@ -2025,13 +2025,13 @@ void zipfileStep(sqlite3_context *pCtx, int nVal, sqlite3_value **apVal){ ** at the end of the path. Or, if this is not a directory and the path ** ends in '/' it is an error. */ if( bIsDir==0 ){ - if( zName[nName-1]=='/' ){ + if( nName>0 && zName[nName-1]=='/' ){ zErr = sqlite3_mprintf("non-directory name must not end with /"); rc = SQLITE_ERROR; goto zipfile_step_out; } }else{ - if( zName[nName-1]!='/' ){ + if( nName==0 || zName[nName-1]!='/' ){ zName = zFree = sqlite3_mprintf("%s/", zName); if( zName==0 ){ rc = SQLITE_NOMEM; diff --git a/manifest b/manifest index 01406c6bb6..7980796dd8 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Fix\sanother\scase\swhere\smalformed\sutf-8\swas\sbeing\smishandled\sin\sfts5.\sFix\sfor\s[df46a6f3]. -D 2019-12-24T16:20:05.755 +C Make\sthe\szipfile()\sextension\sfunction\smore\srobust\sagainst\szero-length\sfilenames. +D 2019-12-24T18:53:13.812 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724 @@ -324,7 +324,7 @@ F ext/misc/vfsstat.c 77b5b4235c9f7f11eddf82487c0a422944ac2f132dafd5af3be7a68a057 F ext/misc/vtablog.c 5538acd0c8ddaae372331bee11608d76973436b77d6a91e8635cfc9432fba5ae F ext/misc/vtshim.c 1976e6dd68dd0d64508c91a6dfab8e75f8aaf6cd F ext/misc/wholenumber.c 784b12543d60702ebdd47da936e278aa03076212 -F ext/misc/zipfile.c 46b8022d5c4f118995c3e7228542215204dacc9c1c4e9872710900ec276d6db3 +F ext/misc/zipfile.c 010d67eeca123e3a89ab4144221bc4da66455fc964053602af5bb63584110bc7 F ext/misc/zorder.c b0ff58fa643afa1d846786d51ea8d5c4b6b35aa0254ab5a82617db92f3adda64 F ext/rbu/rbu.c 8681f6157db6adc82c34af24b14ea8a3be0146ad2a3b6c1d5da6cb8a5796c8ce F ext/rbu/rbu1.test 221d9c18a5e600ac9ac6b1810d99d9f99163a7909ba61597876ab6e4d4beb3d6 @@ -1852,7 +1852,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P 4630c1ec013a4c2e54a34c9a64b2c803ac3912450de660497eb34ee21c91f426 -R 1a8908752b44d0f45dd43aab7ad0fcac -U dan -Z 13978aa5759e244af756578de8231027 +P 1c0a05b09a97e6e2e9b11c31ed6ec7e6484686614b587ebfd0cfe27d973ba461 +R 933ae05740077a8424843ac050f8609d +U drh +Z 953d680bd67e02f4ea8af1d20d201007 diff --git a/manifest.uuid b/manifest.uuid index caf9d30c2d..789a9a1b82 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -1c0a05b09a97e6e2e9b11c31ed6ec7e6484686614b587ebfd0cfe27d973ba461 \ No newline at end of file +b9c2005f0291d58d7f3bfd4a2286eb6563e9c9433519c3329035f325fc723445 \ No newline at end of file