From: drh <> Date: Wed, 25 Jan 2023 16:56:24 +0000 (+0000) Subject: Enhance the sqlite3_vtab_in_first() and sqlite3_vtab_in_next() interfaces so X-Git-Tag: version-3.41.0~94 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b604f1456e4116b6a60d0d24a0ed1e678617dcf3;p=thirdparty%2Fsqlite.git Enhance the sqlite3_vtab_in_first() and sqlite3_vtab_in_next() interfaces so that they reliably return SQLITE_ERROR (and not SQLITE_MISUSE) if they are invoked on a parameter that did not have multi-value IN processing enabled via a prior call to sqlite3_vtab_in(). See [forum:/forumpost/a823d4a3d5f73def|forum thread a823d4a3d5f73def]. FossilOrigin-Name: 144326dc171025dc8b5a77bebd8de3c19d5244ab807f5aa41f95313a25b880bc --- diff --git a/manifest b/manifest index 917c5a29eb..5dcb473049 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Fix\sa\sproblem\swith\sfts3\sauxiliary\sfunctions\sand\sone\sor\smore\sNEAR\sexpressions\sORed\stogether. -D 2023-01-25T15:45:45.110 +C Enhance\sthe\ssqlite3_vtab_in_first()\sand\ssqlite3_vtab_in_next()\sinterfaces\sso\nthat\sthey\sreliably\sreturn\sSQLITE_ERROR\s(and\snot\sSQLITE_MISUSE)\sif\sthey\sare\ninvoked\son\sa\sparameter\sthat\sdid\snot\shave\smulti-value\sIN\sprocessing\senabled\nvia\sa\sprior\scall\sto\ssqlite3_vtab_in().\s\sSee\n[forum:/forumpost/a823d4a3d5f73def|forum\sthread\sa823d4a3d5f73def]. +D 2023-01-25T16:56:24.362 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724 
@@ -622,7 +622,7 @@ F src/resolve.c 5a98a7bf277aa60584b6bb4c5dd6a9ef2b19537910612c34f596e2901e88596d F src/rowset.c ba9515a922af32abe1f7d39406b9d35730ed65efab9443dc5702693b60854c92 F src/select.c d389ccdb96855dbfaadc22d936889e1f0652ffca17e31a6b6522b45d99daa8ce F src/shell.c.in f7fd28e68269a58690c665e8a5e96ba242201267925fbd335f08695c79fc6db7 -F src/sqlite.h.in 814923254ec52b541eeb7787a09a25e416b9a46333dfbfec324014b9919fd77f +F src/sqlite.h.in d2a5fc1f6740bd02b571d33d2eb308fa7d1b0fac5b86f6f1fe8310cd49bca97d F src/sqlite3.rc 5121c9e10c3964d5755191c80dd1180c122fc3a8 F src/sqlite3ext.h da473ce2b3d0ae407a6300c4a164589b9a6bfdbec9462688a8593ff16f3bb6e4 F src/sqliteInt.h 43eeee1ea80543a0e40444bf53643ca259a2b1158ccfe859a6a6435b7358ecdd @@ -692,10 +692,10 @@ F src/upsert.c 5303dc6c518fa7d4b280ec65170f465c7a70b7ac2b22491598f6d0b4875b3145 F src/utf.c ee39565f0843775cc2c81135751ddd93eceb91a673ea2c57f61c76f288b041a0 F src/util.c 3ff7bc2b48dd425b1448304bb86273b05da1621f136d51dbb9789f8803559a1f F src/vacuum.c 84ce7f01f8a7a08748e107a441db83bcec13970190ddcb0c9ff522adbc1c23fd -F src/vdbe.c da2963a170cea17d88e140c1ab00ce702d27b90e2e27831274a2ae9e9b704897 +F src/vdbe.c 47d3b78e75e239e1909933f0d77612b4111ebe760f01fdd0085e4e30b59b4cc6 F src/vdbe.h 73b904a6b3bb27f308c6cc287a5751ebc7f1f89456be0ed068a12b92844c6e8c -F src/vdbeInt.h fc15815b7bdafbb27e7f027faba2b0112e87d382c0d72241672528806ebc0db5 -F src/vdbeapi.c 4ee67890913c1d2469c68e3ad2e7ddeab57ac5924a64bbfd0906a8ea0d542c7f +F src/vdbeInt.h a4147a4ddf613cb1bcb555ace9e9e74a9c099d65facd88155f191b1fb4d74cfb +F src/vdbeapi.c 784e90b69884ee2eed1bb191afe130e7f5acbed0465487907027406721111701 F src/vdbeaux.c 3f9e3b6585e7434aa11300169dd66ddf0fc963a0c6f7940bdc058335dadeb353 F src/vdbeblob.c 5e61ce31aca17db8fb60395407457a8c1c7fb471dde405e0cd675974611dcfcd F src/vdbemem.c 316d518115f3720b4097f0231e2a3d6eefd06c787eccf44972f8d8f462153421 
@@ -2044,8 +2044,8 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P a8c91c132f6157b7e3649f57a799984b1d7f8a18fd434515c875617d4195db29 -R 73fe2e4893136a6f2210fe51205c8c54 -U dan -Z 9784b836281b1acdf9581aedf7823d6d +P de4690a10ad4631e7452ccbb05b177a821d9dda387a854d216a6c54c7a189ead +R f1869180bf1d0c0e3b1e12c888e3b381 +U drh +Z bb6166040462f6ec1fa86f2c8c8a540d # Remove this line to create a well-formed Fossil manifest. diff --git a/manifest.uuid b/manifest.uuid index 7a9a9e5eee..6dab339060 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -de4690a10ad4631e7452ccbb05b177a821d9dda387a854d216a6c54c7a189ead \ No newline at end of file +144326dc171025dc8b5a77bebd8de3c19d5244ab807f5aa41f95313a25b880bc \ No newline at end of file diff --git a/src/sqlite.h.in b/src/sqlite.h.in index af482ff0b1..0ae65aa75d 100644 --- a/src/sqlite.h.in +++ b/src/sqlite.h.in 
@@ -9806,14 +9806,13 @@ int sqlite3_vtab_in(sqlite3_index_info*, int iCons, int bHandle);
 ** is undefined and probably harmful.
 **
 ** The X parameter in a call to sqlite3_vtab_in_first(X,P) or
-** sqlite3_vtab_in_next(X,P) must be one of the parameters to the
+** sqlite3_vtab_in_next(X,P) should be one of the parameters to the
 ** xFilter method which invokes these routines, and specifically
 ** a parameter that was previously selected for all-at-once IN constraint
 ** processing use the [sqlite3_vtab_in()] interface in the
 ** [xBestIndex|xBestIndex method]. ^(If the X parameter is not
 ** an xFilter argument that was selected for all-at-once IN constraint
-** processing, then these routines return [SQLITE_MISUSE])^ or perhaps
-** exhibit some other undefined or harmful behavior.
+** processing, then these routines return [SQLITE_ERROR].)^
 **
 ** ^(Use these routines to access all values on the right-hand side
 ** of the IN constraint using code like the following:
diff --git a/src/vdbe.c b/src/vdbe.c
index db60862333..fb5e04a812 100644
--- a/src/vdbe.c
+++ b/src/vdbe.c
@@ -8031,7 +8031,7 @@ case OP_VInitIn: { /* out2, ncycle */
 pRhs->pOut = &aMem[pOp->p3];
 pOut = out2Prerelease(p, pOp);
 pOut->flags = MEM_Null;
- sqlite3VdbeMemSetPointer(pOut, pRhs, "ValueList", sqlite3_free);
+ sqlite3VdbeMemSetPointer(pOut, pRhs, "ValueList", sqlite3VdbeValueListFree);
 break;
 }
 #endif /* SQLITE_OMIT_VIRTUALTABLE */
diff --git a/src/vdbeInt.h b/src/vdbeInt.h
index 03f4ec5429..b901a01801 100644
--- a/src/vdbeInt.h
+++ b/src/vdbeInt.h
@@ -657,6 +657,8 @@ int sqlite3VdbeSorterRewind(const VdbeCursor *, int *);
 int sqlite3VdbeSorterWrite(const VdbeCursor *, Mem *);
 int sqlite3VdbeSorterCompare(const VdbeCursor *, Mem *, int, int *);
+void sqlite3VdbeValueListFree(void*);
+
 #ifdef SQLITE_DEBUG
 void sqlite3VdbeIncrWriteCounter(Vdbe*, VdbeCursor*);
 void sqlite3VdbeAssertAbortable(Vdbe*);
diff --git a/src/vdbeapi.c b/src/vdbeapi.c
index e080449c5e..647976b5f6 100644
--- a/src/vdbeapi.c
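Review bot: The destructor argument of the new `sqlite3VdbeMemSetPointer(...)` call in OP_VInitIn (src/vdbe.c) now doubles as the identity tag that valueFromValueList() compares against, but nothing at the call site says so. A later cleanup that swaps it back to `sqlite3_free` would still compile and still free the object, while making every sqlite3_vtab_in_first()/sqlite3_vtab_in_next() call return SQLITE_ERROR. I would add a comment above the call, for example `/* xDel must be sqlite3VdbeValueListFree: valueFromValueList() uses it to recognize a genuine ValueList */`. The OP_VInitIn case body starts before this hunk.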
+++ b/src/vdbeapi.c
@@ -882,6 +882,17 @@ int sqlite3_vtab_nochange(sqlite3_context *p){
 return sqlite3_value_nochange(p->pOut);
 }
+/*
+** The destructor function for a ValueList object. This needs to be
+** a separate function, unknowable to the application, to ensure that
+** calls to sqlite3_vtab_in_first()/sqlite3_vtab_in_next() that are not
+** preceeded by activation of IN processing via sqlite3_vtab_int() do not
+** try to access a fake ValueList object inserted by a hostile extension.
+*/
+void sqlite3VdbeValueListFree(void *pToDelete){
+ sqlite3_free(pToDelete);
+}
+
 /*
 ** Implementation of sqlite3_vtab_in_first() (if bNext==0) and
 ** sqlite3_vtab_in_next() (if bNext!=0).
@@ -896,8 +907,15 @@ static int valueFromValueList(
 *ppOut = 0;
 if( pVal==0 ) return SQLITE_MISUSE;
- pRhs = (ValueList*)sqlite3_value_pointer(pVal, "ValueList");
- if( pRhs==0 ) return SQLITE_MISUSE;
+ if( pVal->xDel!=sqlite3VdbeValueListFree ){
+ return SQLITE_ERROR;
+ }else{
+ assert( (pVal->flags&(MEM_TypeMask|MEM_Term|MEM_Subtype)) ==
+ (MEM_Null|MEM_Term|MEM_Subtype) );
+ assert( pVal->eSubtype=='p' );
+ assert( pVal->u.zPType!=0 && strcmp(pVal->u.zPType,"ValueList")==0 );
+ pRhs = (ValueList*)pVal->z;
+ }
 if( bNext ){
 rc = sqlite3BtreeNext(pRhs->pCsr, 0);
 }else{
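Review bot: The comment added above sqlite3VdbeValueListFree() in src/vdbeapi.c names `sqlite3_vtab_int()`, which is not the interface the header hunk documents (`sqlite3_vtab_in()`), and it spells "preceded" as "preceeded". The affected line should read `** preceded by activation of IN processing via sqlite3_vtab_in() do not`. The comment also rests on the function's address being unavailable to extension code, while the prototype added to src/vdbeInt.h carries no `static`. That presumably holds only where the build keeps the symbol private, so the comment could state that assumption in one sentence.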
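Review bot: The new guard in valueFromValueList() compares `pVal->xDel` without first checking that the value currently owns a destructor. As far as I know, Mem.xDel is only meaningful while MEM_Dyn is set, and this page does not show it being reset when a value is released. A register that once held a ValueList could therefore still carry the old function pointer and pass the comparison while `z` points elsewhere, and the three assert() checks would catch that only in debug builds. Testing the flag in the same condition closes the gap: `if( (pVal->flags & MEM_Dyn)==0 || pVal->xDel!=sqlite3VdbeValueListFree ){`. The body of valueFromValueList() starts before and continues after this hunk.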