From: dan <dan@noemail.net>
Date: Thu, 24 Oct 2019 20:35:27 +0000 (+0000)
Subject: In fts5, fix a case of overreading a buffer by 1 byte when counting characters in... 
X-Git-Tag: version-3.31.0~385
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ef2df8f3435edb6ad260ab6ebbf0f151bf0a2a48;p=thirdparty%2Fsqlite.git

In fts5, fix a case of overreading a buffer by 1 byte when counting characters in malformed utf-8. Fix for [dd1f67bf].

FossilOrigin-Name: 8d964e1c21d4cea699023e02b0616a75c5859dd083c9365cdcbc0676ebbdaae4
---

diff --git a/ext/fts5/fts5_index.c b/ext/fts5/fts5_index.c
index 816274df49..015696f7b6 100644
--- a/ext/fts5/fts5_index.c
+++ b/ext/fts5/fts5_index.c
@@ -5318,6 +5318,7 @@ int sqlite3Fts5IndexCharlenToBytelen(
   for(i=0; i<nChar; i++){
     if( n>=nByte ) return 0;      /* Input contains fewer than nChar chars */
     if( (unsigned char)p[n++]>=0xc0 ){
+      if( n>=nByte ) break;
       while( (p[n] & 0xc0)==0x80 ){
         n++;
         if( n>=nByte ) break;
diff --git a/ext/fts5/test/fts5misc.test b/ext/fts5/test/fts5misc.test
index 9be73aeb3b..e58ae90547 100644
--- a/ext/fts5/test/fts5misc.test
+++ b/ext/fts5/test/fts5misc.test
@@ -218,6 +218,19 @@ do_execsql_test 7.2 {
   SELECT rowid FROM t1 WHERE rowid=2 AND t1 = 'hello';
 }
 
+#-------------------------------------------------------------------------
+#
+reset_db
+do_execsql_test 8.0 {
+  CREATE VIRTUAL TABLE vt0 USING fts5(c0, tokenize = "ascii", prefix = 1);
+  INSERT INTO vt0(c0) VALUES (x'd1');
+}
+
+breakpoint
+do_execsql_test 8.1 {
+  INSERT INTO vt0(vt0) VALUES('integrity-check');
+}
+
 
 finish_test
 
diff --git a/manifest b/manifest
index 9d3af284e6..f9593b107f 100644
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Correction\sto\scheck-in\s[bec5b6d4d083556d]\sso\sthat\sit\sdetects\s*all*\ntriggers\sthat\smight\sperturb\sthe\sinsertion\scursor.\nTicket\s[50c09fc2cf0d91ce].
-D 2019-10-24T19:35:26.195
+C In\sfts5,\sfix\sa\scase\sof\soverreading\sa\sbuffer\sby\s1\sbyte\swhen\scounting\scharacters\sin\smalformed\sutf-8.\sFix\sfor\s[dd1f67bf].
+D 2019-10-24T20:35:27.749
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
 F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
@@ -116,7 +116,7 @@ F ext/fts5/fts5_buffer.c 5a5fe0159752c0fb0a5a93c722e9db2662822709490769d482b76a6
 F ext/fts5/fts5_config.c aab6117f8f85933e051c66f227414fdcaf7f2313688e16276b895f9d42d28e5c
 F ext/fts5/fts5_expr.c 5661fe64f4f5a499710df9561075de84b743f01e808af46df4130a9ec343a0fd
 F ext/fts5/fts5_hash.c 1cc0095646f5f3b46721aa112fb4f9bf29ae175cb5338f89dcec66ed97acfe75
-F ext/fts5/fts5_index.c d1bfebebe873905fe5d450e275b45af2d635b3e276452086f681c6d3d750398d
+F ext/fts5/fts5_index.c 99b77ae1f503978ca76985bcfff7345c822aed8bbaa8edb3747f804f614685b5
 F ext/fts5/fts5_main.c 1b2d41fd7cc2e8277f60e4156826f41fe5d6b1ccc2e54d70450883ab2ca697d2
 F ext/fts5/fts5_storage.c 167e3d8f8052a71032d498e32a2f2ed5ffe489e5d4d47e298adfa02ed55c7882
 F ext/fts5/fts5_tcl.c 39bcbae507f594aad778172fa914cad0f585bf92fd3b078c686e249282db0d95
@@ -189,7 +189,7 @@ F ext/fts5/test/fts5leftjoin.test c0b4cafb9661379e576dc4405c0891d8fcc27826807405
 F ext/fts5/test/fts5matchinfo.test 50d86da66ec5b27603dcd90ba0227f5d9deb10351cbc52974a88e24f6fc9b076
 F ext/fts5/test/fts5merge.test e92a8db28b45931e7a9c7b1bbd36101692759d00274df74d83fd29d25d53b3a6
 F ext/fts5/test/fts5merge2.test 3ebad1a59d6ad3fb66eff6523a09e95dc6367cbefb3cd73196801dea0425c8e2
-F ext/fts5/test/fts5misc.test adfccd3f065df52e306778c815f873ab779b9db34e9817b1d4b819132f914701
+F ext/fts5/test/fts5misc.test 1aefd6607106659a87dbce9f4766616c91e790ea84b9fa42e65096b7c99a132e
 F ext/fts5/test/fts5multi.test a15bc91cdb717492e6e1b66fec1c356cb57386b980c7ba5af1915f97fe878581
 F ext/fts5/test/fts5multiclient.test 5ff811c028d6108045ffef737f1e9f05028af2458e456c0937c1d1b8dea56d45
 F ext/fts5/test/fts5near.test 211477940142d733ac04fad97cb24095513ab2507073a99c2765c3ddd2ef58bd
@@ -1848,7 +1848,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
 F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
 F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P 1a6e009372cf9571e540812c8607e95a86740112a1091f03e3f632339eccb629
-R 261f5a821821bff58698ad94c5756d8a
-U drh
-Z 32a0c838e11db7d7d6e97512ba7b2d3c
+P 521f1d36282549488a47a434484a24924ee970d29f05a8ae499b7d536bcd692b
+R 0e068e9d9a1f90654b1d1392ec7133b9
+U dan
+Z de4cd0a7404bbb9013415658a762354d
diff --git a/manifest.uuid b/manifest.uuid
index 0f8ad72971..05a16eff55 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-521f1d36282549488a47a434484a24924ee970d29f05a8ae499b7d536bcd692b
\ No newline at end of file
+8d964e1c21d4cea699023e02b0616a75c5859dd083c9365cdcbc0676ebbdaae4
\ No newline at end of file