From: drh Date: Fri, 11 Feb 2011 06:59:02 +0000 (+0000) Subject: Fix a bug in the new WHERE-clause processing that tries to use an X-Git-Tag: version-3.7.6~147 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=da91e71308f8d4057dc9b40f7099623370183d12;p=thirdparty%2Fsqlite.git Fix a bug in the new WHERE-clause processing that tries to use an index to resolve IS NOT NULL constraints when SQLITE_ENABLE_STAT2 is defined. The bug could cause memory overruns and segfaults. The bug was new to the code and has not appeared in an official release. Found during structural testing. FossilOrigin-Name: a5c36b9f39ab9629b857ec9c550f3892c0d94fb4 --- diff --git a/manifest b/manifest index e16afa35bb..a733d84d37 100644 --- a/manifest +++ b/manifest @@ -1,8 +1,8 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 -C Allow\san\sindex\spaired\swith\sa\sNOT\sNULL\sconstraint\sto\sbe\sused\sfor\ssorting\nunder\sthe\scondition\sthat\sthe\sindex\sbe\streated\sas\sa\snon-unique\sindex. -D 2011-02-11T03:56:11.449 +C Fix\sa\sbug\sin\sthe\snew\sWHERE-clause\sprocessing\sthat\stries\sto\suse\san\nindex\sto\sresolve\sIS\sNOT\sNULL\sconstraints\swhen\sSQLITE_ENABLE_STAT2\sis\ndefined.\s\sThe\sbug\scould\scause\smemory\soverruns\sand\ssegfaults.\s\sThe\sbug\nwas\snew\sto\sthe\scode\sand\shas\snot\sappeared\sin\san\sofficial\srelease.\nFound\sduring\sstructural\stesting. +D 2011-02-11T06:59:02.077 F Makefile.arm-wince-mingw32ce-gcc d6df77f1f48d690bd73162294bbba7f59507c72f F Makefile.in 27701a1653595a1f2187dc61c8117e00a6c1d50f F Makefile.linux-gcc 91d710bdc4998cb015f39edf3cb314ec4f4d7e23 
@@ -244,7 +244,7 @@ F src/vtab.c b297e8fa656ab5e66244ab15680d68db0adbec30 F src/wal.c aca10a60655e103fc8630a75345000f43c6d47ca F src/wal.h 7a5fbb00114b7f2cd40c7e1003d4c41ce9d26840 F src/walker.c 3112bb3afe1d85dc52317cb1d752055e9a781f8f -F src/where.c 96d634b85310cfcfe89f004aa8525b57d8898315 +F src/where.c 9c140acd52f4526983cba7203e6a5bb0ccadb5fb F test/aggerror.test a867e273ef9e3d7919f03ef4f0e8c0d2767944f2 F test/alias.test 4529fbc152f190268a15f9384a5651bbbabc9d87 F test/all.test 51756962d522e474338e9b2ebb26e7364d4aa125 @@ -909,14 +909,14 @@ F tool/speedtest2.tcl ee2149167303ba8e95af97873c575c3e0fab58ff F tool/speedtest8.c 2902c46588c40b55661e471d7a86e4dd71a18224 F tool/speedtest8inst1.c 293327bc76823f473684d589a8160bde1f52c14e F tool/vdbe-compress.tcl d70ea6d8a19e3571d7ab8c9b75cba86d1173ff0f -P 5ecd11788269e78dc26639b2503a10b7e25b2483 -R efe2bc1def692179832d1c52a5f44bf5 +P d78949fc93077e1aa7f05cf9f7e947727939cc96 +R 8bf997eb58840da6ea5fc0460a5915e4 U drh -Z 7fabc9263a982330a71ce326ddcb4d5b +Z ecfd6670d90bd69fb37c6fe27914ad94 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) -iD8DBQFNVLNeoxKgR168RlERAnOpAKCHCIoShZYXHuUaFypK9VIeAKx74QCfeuXj -wxJDR+7h4QKi3fBF3WRZCW4= -=fdWc +iD8DBQFNVN45oxKgR168RlERAvEcAKCKMMGQphlQ+Hn4oqkHISuiniFSUwCfWmNB +RyNIDwf8qVSXpFcCAhKBw4Q= +=C6OR -----END PGP SIGNATURE----- diff --git a/manifest.uuid b/manifest.uuid index 073b551de9..cdb7341de5 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -d78949fc93077e1aa7f05cf9f7e947727939cc96 \ No newline at end of file +a5c36b9f39ab9629b857ec9c550f3892c0d94fb4 \ No newline at end of file diff --git a/src/where.c b/src/where.c index c6f0cbe3f5..a57884c4bd 100644 --- a/src/where.c +++ b/src/where.c 
@@ -1354,16 +1354,18 @@ static void exprAnalyze(
 idxNew = whereClauseInsert(pWC, pNewExpr, TERM_VIRTUAL|TERM_DYNAMIC|TERM_VNULL);
- testcase( idxNew==0 );
- pNewTerm = &pWC->a[idxNew];
- pNewTerm->leftCursor = pLeft->iTable;
- pNewTerm->u.leftColumn = pLeft->iColumn;
- pNewTerm->eOperator = WO_GT;
- pNewTerm->iParent = idxTerm;
- pTerm = &pWC->a[idxTerm];
- pTerm->nChild = 1;
- pTerm->wtFlags |= TERM_COPIED;
- pNewTerm->prereqAll = pTerm->prereqAll;
+ if( idxNew ){
+ pNewTerm = &pWC->a[idxNew];
+ pNewTerm->prereqRight = 0;
+ pNewTerm->leftCursor = pLeft->iTable;
+ pNewTerm->u.leftColumn = pLeft->iColumn;
+ pNewTerm->eOperator = WO_GT;
+ pNewTerm->iParent = idxTerm;
+ pTerm = &pWC->a[idxTerm];
+ pTerm->nChild = 1;
+ pTerm->wtFlags |= TERM_COPIED;
+ pNewTerm->prereqAll = pTerm->prereqAll;
+ }
 }
 #endif /* SQLITE_ENABLE_STAT2 */
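Review bot: The new guard `if( idxNew ){` and the added `pNewTerm->prereqRight = 0;` carry no comment, so a later reader cannot tell which of the two closes the memory overrun named in the commit message, or whether both are needed. I would put `/* idxNew==0 means whereClauseInsert() failed; pWC->a[0] is not the new term */` above the guard and `/* virtual x>NULL term: no right-hand prerequisites */` beside the assignment; both wordings are inferred from the removed `testcase( idxNew==0 )` and the new lines, so the author should confirm them. Dropping that `testcase( idxNew==0 );` also removes the coverage marker for the failure path; keeping it directly before the `if` would show that the skipped branch is still exercised. The diff touches only manifest, manifest.uuid and src/where.c, so no regression test for the IS NOT NULL case under SQLITE_ENABLE_STAT2 accompanies the fix. The body of exprAnalyze starts and ends outside this hunk.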