From 65a0ce16aa2eb4153816ef19836b8ae18906fe3f Mon Sep 17 00:00:00 2001
From: drh
Date: Tue, 4 Jan 2011 20:06:33 +0000
Subject: [PATCH] Fix a null-pointer dereference that can occur on an OOM error while running ANALYZE with SQLITE_ENABLE_STAT2.

FossilOrigin-Name: 73128d4ef5d7703bf7af0553c307b55dc1b783f6
---
 manifest | 18 +++++++++---------
 manifest.uuid | 2 +-
 src/analyze.c | 7 +++++--
 3 files changed, 15 insertions(+), 12 deletions(-)

diff --git a/manifest b/manifest
index 30ce694c15..494390ee4d 100644
--- a/manifest
+++ b/manifest
@@ -1,8 +1,8 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 -C Fix\sthe\sANALYZE\scommand\sso\sthat\sit\stakes\scollating\ssequences\sinto\saccount\nwhen\sgathering\sindex\sstatistics. -D 2011-01-04T19:01:27 +C Fix\sa\snull-pointer\sdereference\sthat\scan\soccur\son\san\sOOM\serror\swhile\srunning\nANALYZE\swith\sSQLITE_ENABLE_STAT2. +D 2011-01-04T20:06:33 F Makefile.arm-wince-mingw32ce-gcc d6df77f1f48d690bd73162294bbba7f59507c72f F Makefile.in de6498556d536ae60bb8bb10e8c1ba011448658c F Makefile.linux-gcc 91d710bdc4998cb015f39edf3cb314ec4f4d7e23
@@ -116,7 +116,7 @@ F sqlite.pc.in 42b7bf0d02e08b9e77734a47798d1a55a9e0716b F sqlite3.1 6be1ad09113570e1fc8dcaff84c9b0b337db5ffc F sqlite3.pc.in ae6f59a76e862f5c561eb32a380228a02afc3cad F src/alter.c 6a0c176e64a34929a4436048066a84ef4f1445b3 -F src/analyze.c a2257126f629615fee6381526d928487b44d628f +F src/analyze.c 3af3fdb5edea9e69496b078935a3e6a2a1118b30 F src/attach.c 252c4f7e36cc219349451ed63e278c60e80b26f3 F src/auth.c 523da7fb4979469955d822ff9298352d6b31de34 F src/backup.c d5b0137bc20327af08c14772227cc35134839c30
@@ -898,14 +898,14 @@ F tool/speedtest2.tcl ee2149167303ba8e95af97873c575c3e0fab58ff F tool/speedtest8.c 2902c46588c40b55661e471d7a86e4dd71a18224 F tool/speedtest8inst1.c 293327bc76823f473684d589a8160bde1f52c14e F tool/vdbe-compress.tcl d70ea6d8a19e3571d7ab8c9b75cba86d1173ff0f -P 824c8dd3015bbd5c8a1dd661cfe09fe5bf7a80d3 -R d21b60403fa8454869264e5a7d85a460 +P a5867cfc4c9b9155fa345247dec29e38fffa8002 +R 33920abd29ec7da3a05c7b6407d444e4 U drh -Z 85dcf9c1c5d1988281920e678e21e010 +Z fee44c23be46975276d6ff90647b1cd8 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) -iD8DBQFNI26OoxKgR168RlERAjyZAJ0cxp7jjQMaSBHHPEQ/Ng2xxCrQ6QCeJqqw -pD4g20IkcXJp5ot9VEJNDSI= -=6TbT +iD8DBQFNI348oxKgR168RlERArxzAJ48mvtLODhvrcwzodfd2cfkKQoKAgCfTW4G +KYtbHKKaTCI2uRFS5jBRYsE= +=uWmE -----END PGP SIGNATURE-----
diff --git a/manifest.uuid b/manifest.uuid
index e1fc8b066b..23399c4ad7 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@ -a5867cfc4c9b9155fa345247dec29e38fffa8002 \ No newline at end of file +73128d4ef5d7703bf7af0553c307b55dc1b783f6 \ No newline at end of file
diff --git a/src/analyze.c b/src/analyze.c
index 51fd92500c..3693aad833 100644
--- a/src/analyze.c
+++ b/src/analyze.c
@@ -636,8 +636,11 @@ int sqlite3AnalysisLoad(sqlite3 *db, int iDb){
 if( rc==SQLITE_OK ){
 while( sqlite3_step(pStmt)==SQLITE_ROW ){
- char *zIndex = (char *)sqlite3_column_text(pStmt, 0);
- Index *pIdx = sqlite3FindIndex(db, zIndex, sInfo.zDatabase);
+ char *zIndex; /* Index name */
+ Index *pIdx; /* Pointer to the index object */
+
+ zIndex = (char *)sqlite3_column_text(pStmt, 0);
+ pIdx = zIndex ? sqlite3FindIndex(db, zIndex, sInfo.zDatabase) : 0;
 if( pIdx ){
 int iSample = sqlite3_column_int(pStmt, 1);
 if( iSample=0 ){
-- 
2.47.2
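Review bot: The new `zIndex ?` guard inside the `while( sqlite3_step(pStmt)==SQLITE_ROW )` loop in src/analyze.c covers a case the commit message does not name: `sqlite3_column_text()` returns NULL for a SQL NULL as well as on allocation failure. The rows being stepped appear to come from a statistics table stored in the database file, so a malformed or hostile file could presumably reach this path without any OOM. I would record that at the declaration, for example `char *zIndex;   /* Index name; NULL on OOM or when the stored name is NULL */`, so the check is not later removed as an OOM-only corner case. Because the guard only skips the row and keeps stepping, it is also worth confirming that the code after the loop reports SQLITE_NOMEM on a failed allocation rather than returning SQLITE_OK with partly loaded samples. `sqlite3AnalysisLoad` begins and ends outside the hunk, so that cannot be checked from here.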