From: drh <> Date: Sat, 22 Apr 2023 11:29:36 +0000 (+0000) Subject: Early out from sqlite3Prepare() following an OOM to avoid possible X-Git-Tag: version-3.42.0~110 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d9eb39e6257aba89b84de00069baeb0bd85afca1;p=thirdparty%2Fsqlite.git Early out from sqlite3Prepare() following an OOM to avoid possible problems further along in the parse. Fix for the NULL pointer dereference reported by [forum:/info/2e5131839365682a|forum post 2e5131839365682a]. FossilOrigin-Name: f35ce7c122017009496b777f33e641d0be086abee6ea8e25aab4c3e0fb45731a --- diff --git a/manifest b/manifest index e2a4842d8c..3f95a28d87 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C CLI\sto\shandle\sabsurd\sstring\slength\slimit\sbetter.\s[forum:5180af725f1cc375|forum\spost\s5180af725f1cc375] -D 2023-04-22T11:24:52.124 +C Early\sout\sfrom\ssqlite3Prepare()\sfollowing\san\sOOM\sto\savoid\spossible\nproblems\sfurther\salong\sin\sthe\sparse.\s\sFix\sfor\sthe\sNULL\spointer\sdereference\nreported\sby\s[forum:/info/2e5131839365682a|forum\spost\s2e5131839365682a]. +D 2023-04-22T11:29:36.514 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724 
@@ -621,13 +621,13 @@ F src/os_win.c 295fe45f18bd86f2477f4cd79f3377c6f883ceb941b1f46808665c73747f2345 F src/os_win.h 7b073010f1451abe501be30d12f6bc599824944a F src/pager.c 9d36ddedc842e993c88c222ed914822dbd6f8ece3c648fde04468637012a034a F src/pager.h f82e9844166e1585f5786837ddc7709966138ced17f568c16af7ccf946c2baa3 -F src/parse.y e8b5c753e3194e03d69e108753c1dbceb01fa4c158b2c6b726a048023ea0fdc1 +F src/parse.y 146f9a1db7db5ef4299c6897d335e5abed348c2626190d2877d45ffa210fd4ca F src/pcache.c 8ee13acccfd9accbf0af94910b7323dd7f7d55300d92ddafcf40e34fcc8e21be F src/pcache.h 1497ce1b823cf00094bb0cf3bac37b345937e6f910890c626b16512316d3abf5 F src/pcache1.c dee95e3cd2b61e6512dc814c5ab76d5eb36f0bfc9441dbb4260fccc0d12bbddc F src/pragma.c 26ed2cfdc5c12aa1c707178635709684960288cacc9cff9d491a38ff10e395f1 F src/pragma.h e690a356c18e98414d2e870ea791c1be1545a714ba623719deb63f7f226d8bb7 -F src/prepare.c 06ecbb25db151a009be99471757c73272cd61306903dc3eeb7250bdcf54896dd +F src/prepare.c 6350675966bd0e7ac3a464af9dbfe26db6f0d4237f4e1f1acdb17b12ad371e6e F src/printf.c 7eac1a9896a80697e03e08963e210830532ae2ff610e16c193e95af007ca5623 F src/random.c 606b00941a1d7dd09c381d3279a058d771f406c5213c9932bbd93d5587be4b9c F src/resolve.c 3e53e02ce87c9582bd7e7d22f13f4094a271678d9dc72820fa257a2abb5e4032 @@ -2059,8 +2059,8 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P c88550ef6711b03a81e2e6d121e2eb99ccff6e925c025dd6e85dd81088508400 -R c1d466045065a44b94ee36b4a1ca6613 -U larrybr -Z f005e7b2e85ae20e6a18880efb30cee5 +P 1489e7f53a4863b316af6dee10d9c66491d1bed6cf52a3538ac118c03b1d7ef9 +R 462d4d9e4d63b37d965c734364dc27f6 +U drh +Z 62d7b2c15834aaaa388f530f49fabdda # Remove this line to create a well-formed Fossil manifest. 
diff --git a/manifest.uuid b/manifest.uuid index 7b1e17a7e8..96b92f2556 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -1489e7f53a4863b316af6dee10d9c66491d1bed6cf52a3538ac118c03b1d7ef9 \ No newline at end of file +f35ce7c122017009496b777f33e641d0be086abee6ea8e25aab4c3e0fb45731a \ No newline at end of file diff --git a/src/parse.y b/src/parse.y index 42876feebb..541b9ffe58 100644 --- a/src/parse.y +++ b/src/parse.y @@ -715,7 +715,7 @@ seltablist(A) ::= stl_prefix(A) nm(Y) dbnm(D) LP exprlist(E) RP as(Z) on_using(N seltablist(A) ::= stl_prefix(A) LP seltablist(F) RP as(Z) on_using(N). { if( A==0 && Z.n==0 && N.pOn==0 && N.pUsing==0 ){ A = F; - }else if( F->nSrc==1 ){ + }else if( ALWAYS(F!=0) && F->nSrc==1 ){ A = sqlite3SrcListAppendFromTerm(pParse,A,0,0,&Z,0,&N); if( A ){ SrcItem *pNew = &A->a[A->nSrc-1]; diff --git a/src/prepare.c b/src/prepare.c index 3f87a37199..ff48265023 100644 --- a/src/prepare.c +++ b/src/prepare.c @@ -702,7 +702,11 @@ static int sqlite3Prepare( sParse.db = db; sParse.pReprepare = pReprepare; assert( ppStmt && *ppStmt==0 ); - if( db->mallocFailed ) sqlite3ErrorMsg(&sParse, "out of memory"); + if( db->mallocFailed ){ + sqlite3ErrorMsg(&sParse, "out of memory"); + db->errCode = rc = SQLITE_NOMEM; + goto end_prepare; + } assert( sqlite3_mutex_held(db->mutex) ); /* For a long-term use prepared statement avoid the use of
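Review bot: The new `ALWAYS(F!=0)` test on the `else if` of the parenthesised `seltablist` rule in src/parse.y has no comment saying why F is expected to be non-NULL. A reader of the grammar cannot see that this expectation rests on the OOM early-out added to sqlite3Prepare() in the same commit. I would put a comment above the branch, for example `/* F is expected to be NULL only after an OOM; sqlite3Prepare() no longer starts a parse with mallocFailed set, so this test is defensive */`. When the test is false, control falls through to the trailing `else` of this action, which lies outside the hunk, so that branch must also tolerate a NULL F; this is worth confirming. As far as I recall, ALWAYS() asserts in debug builds and is a constant true in coverage builds, so the guard protects release builds only and an OOM regression test for the reported statement would be the stronger safeguard.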