From: shaneh <shaneh@noemail.net>
Date: Fri, 26 Mar 2010 01:54:33 +0000 (+0000)
Subject: Fix OOM error on ANALYZE with STAT2 enabled with zero-length data. Ticket [cbd054fa6b].
X-Git-Tag: version-3.7.2~516
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1141ae2463872abe40e90014974c5b332111f47c;p=thirdparty%2Fsqlite.git

Fix OOM error on ANALYZE with STAT2 enabled with zero-length data. Ticket [cbd054fa6b].

FossilOrigin-Name: c33b38b59f733494ca0bce3f59a669fe7ed76b9f
---

diff --git a/configure b/configure
old mode 100755
new mode 100644
diff --git a/install-sh b/install-sh
old mode 100755
new mode 100644
diff --git a/manifest b/manifest
index 12cd2d5b17..d55c804f68 100644
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Fix\sfor\s[9861b74ab9].\sCorrectly\shandle\sstrings\swith\szero\stokens\sin\sthe\sfts3\soffsets()\sfunction.
-D 2010-03-24T15:57:33
+C Fix\sOOM\serror\son\sANALYZE\swith\sSTAT2\senabled\swith\szero-length\sdata.\sTicket\s[cbd054fa6b].
+D 2010-03-26T01:54:33
 F Makefile.arm-wince-mingw32ce-gcc fcd5e9cd67fe88836360bb4f9ef4cb7f8e2fb5a0
 F Makefile.in 4f2f967b7e58a35bb74fb7ec8ae90e0f4ca7868b
 F Makefile.linux-gcc d53183f4aa6a9192d249731c90dbdffbd2c68654
@@ -19,7 +19,7 @@ F art/src_logo.gif 9341ef09f0e53cd44c0c9b6fc3c16f7f3d6c2ad9
 F config.guess 226d9a188c6196f3033ffc651cbc9dcee1a42977
 F config.h.in 868fdb48c028421a203470e15c69ada15b9ba673
 F config.sub 9ebe4c3b3dab6431ece34f16828b594fb420da55
-F configure 72c0ad7c8cfabbffeaf8ca61e1d24143cf857eb2 x
+F configure 72c0ad7c8cfabbffeaf8ca61e1d24143cf857eb2
 F configure.ac 14740970ddb674d92a9f5da89083dff1179014ff
 F contrib/sqlitecon.tcl 210a913ad63f9f991070821e599d600bd913e0ad
 F doc/lemon.html f0f682f50210928c07e562621c3b7e8ab912a538
@@ -87,7 +87,7 @@ F ext/rtree/rtree_perf.tcl 6c18c1f23cd48e0f948930c98dfdd37dfccb5195
 F ext/rtree/rtree_util.tcl 06aab2ed5b826545bf215fff90ecb9255a8647ea
 F ext/rtree/tkt3363.test 2bf324f7908084a5f463de3109db9c6e607feb1b
 F ext/rtree/viewrtree.tcl eea6224b3553599ae665b239bd827e182b466024
-F install-sh 9d4de14ab9fb0facae2f48780b874848cbf2f895 x
+F install-sh 9d4de14ab9fb0facae2f48780b874848cbf2f895
 F ltmain.sh 3ff0879076df340d2e23ae905484d8c15d5fdea8
 F main.mk a36a05a481afcc00388c4d6d4db0e12cacb546e3
 F mkdll.sh 7d09b23c05d56532e9d44a50868eb4b12ff4f74a
@@ -103,7 +103,7 @@ F sqlite.pc.in 42b7bf0d02e08b9e77734a47798d1a55a9e0716b
 F sqlite3.1 6be1ad09113570e1fc8dcaff84c9b0b337db5ffc
 F sqlite3.pc.in ae6f59a76e862f5c561eb32a380228a02afc3cad
 F src/alter.c e6f4d11b1c0b23642fc46bac9abe0753c4294e05
-F src/analyze.c 92a65a5a402898a52b03695c7f0cd383724d711f
+F src/analyze.c 8dfd781ac326496746ecdfc3e099250ed5d79be5
 F src/attach.c 7abe1607c2054585377cdba3c219e8572f84ca5e
 F src/auth.c 523da7fb4979469955d822ff9298352d6b31de34
 F src/backup.c b293534bc2df23c57668a585b17ee7faaaef0939
@@ -616,6 +616,7 @@ F test/tkt-4a03edc4c8.test 2865e4edbc075b954daa82f8da7cc973033ec76e
 F test/tkt-5ee23731f.test 3581260f2a71e51db94e1506ba6b0f7311d002a9
 F test/tkt-78e04e52ea.test fb5430c675e708f5cbafdf3e7e5593da5145a527
 F test/tkt-94c04eaadb.test be5ea61cb04dfdc047d19b5c5a9e75fa3da67a7f
+F test/tkt-cbd054fa6b.test f14f97ea43662e6f70c9e63287081e8be5d9d589
 F test/tkt-d82e3f3721.test 731359dfdcdb36fea0559cd33fec39dd0ceae8e6
 F test/tkt-f777251dc7a.test 6f24c053bc5cdb7e1e19be9a72c8887cf41d5e87
 F test/tkt1435.test f8c52c41de6e5ca02f1845f3a46e18e25cadac00
@@ -793,7 +794,7 @@ F tool/speedtest2.tcl ee2149167303ba8e95af97873c575c3e0fab58ff
 F tool/speedtest8.c 2902c46588c40b55661e471d7a86e4dd71a18224
 F tool/speedtest8inst1.c 293327bc76823f473684d589a8160bde1f52c14e
 F tool/vdbe-compress.tcl d70ea6d8a19e3571d7ab8c9b75cba86d1173ff0f
-P be278979917336e7186d7830876180154b5280ba
-R 6bbbd4e14a2d996a1a670e3cf1c5912f
-U dan
-Z 53e87a02495e18ae66f9c4a591836541
+P d37034f7fc46b83be681247fde97823736c994cc
+R f632179d00144c3248d5550420baa55a
+U shaneh
+Z 000ac439cfaa4b57f906b494905bfe51
diff --git a/manifest.uuid b/manifest.uuid
index 43ee895406..6a94a709b4 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-d37034f7fc46b83be681247fde97823736c994cc
\ No newline at end of file
+c33b38b59f733494ca0bce3f59a669fe7ed76b9f
\ No newline at end of file
diff --git a/src/analyze.c b/src/analyze.c
index 283a0e9d1e..72983412d3 100644
--- a/src/analyze.c
+++ b/src/analyze.c
@@ -618,12 +618,16 @@ int sqlite3AnalysisLoad(sqlite3 *db, int iDb){
                   n = 24;
                 }
                 pSample->nByte = (u8)n;
-                pSample->u.z = sqlite3DbMallocRaw(dbMem, n);
-                if( pSample->u.z ){
-                  memcpy(pSample->u.z, z, n);
+                if( n < 1){
+                  pSample->u.z = 0;
                 }else{
-                  db->mallocFailed = 1;
-                  break;
+                  pSample->u.z = sqlite3DbMallocRaw(dbMem, n);
+                  if( pSample->u.z ){
+                    memcpy(pSample->u.z, z, n);
+                  }else{
+                    db->mallocFailed = 1;
+                    break;
+                  }
                 }
               }
             }
diff --git a/test/tkt-cbd054fa6b.test b/test/tkt-cbd054fa6b.test
new file mode 100644
index 0000000000..6e7455b3a3
--- /dev/null
+++ b/test/tkt-cbd054fa6b.test
@@ -0,0 +1,87 @@
+# 2010 March 25
+#
+# The author disclaims copyright to this source code.  In place of
+# a legal notice, here is a blessing:
+#
+#    May you do good and not evil.
+#    May you find forgiveness for yourself and forgive others.
+#    May you share freely, never taking more than you give.
+#
+#***********************************************************************
+#
+# This file implements tests to verify that ticket [cbd054fa6b] has been
+# fixed.  
+#
+
+set testdir [file dirname $argv0]
+source $testdir/tester.tcl
+
+ifcapable !stat2 {
+  finish_test
+  return
+}
+
+do_test tkt-cbd05-1.1 {
+  db eval {
+    CREATE TABLE t1(a INTEGER PRIMARY KEY, b TEXT UNIQUE NOT NULL);
+    CREATE INDEX t1_x ON t1(b);
+    INSERT INTO t1 VALUES (NULL, '');
+    INSERT INTO t1 VALUES (NULL, 'A');
+    INSERT INTO t1 VALUES (NULL, 'B');
+    INSERT INTO t1 VALUES (NULL, 'C');
+    INSERT INTO t1 VALUES (NULL, 'D');
+    INSERT INTO t1 VALUES (NULL, 'E');
+    INSERT INTO t1 VALUES (NULL, 'F');
+    INSERT INTO t1 VALUES (NULL, 'G');
+    INSERT INTO t1 VALUES (NULL, 'H');
+    INSERT INTO t1 VALUES (NULL, 'I');
+    SELECT count(*) FROM t1;
+  }
+} {10}
+do_test tkt-cbd05-1.2 {
+  db eval {
+    ANALYZE;
+  }
+} {}
+do_test tkt-cbd05-1.3 {
+  execsql { 
+    SELECT tbl,idx,group_concat(sample,' ') 
+    FROM sqlite_stat2 
+    WHERE idx = 't1_x' 
+    GROUP BY tbl,idx
+  }
+} {t1 t1_x { A B C D E F G H I}}
+
+do_test tkt-cbd05-2.1 {
+  db eval {
+    DROP TABLE t1;
+    CREATE TABLE t1(a INTEGER PRIMARY KEY, b BLOB UNIQUE NOT NULL);
+    CREATE INDEX t1_x ON t1(b);
+    INSERT INTO t1 VALUES(NULL, X'');
+    INSERT INTO t1 VALUES(NULL, X'41');
+    INSERT INTO t1 VALUES(NULL, X'42');
+    INSERT INTO t1 VALUES(NULL, X'43');
+    INSERT INTO t1 VALUES(NULL, X'44');
+    INSERT INTO t1 VALUES(NULL, X'45');
+    INSERT INTO t1 VALUES(NULL, X'46');
+    INSERT INTO t1 VALUES(NULL, X'47');
+    INSERT INTO t1 VALUES(NULL, X'48');
+    INSERT INTO t1 VALUES(NULL, X'49');
+    SELECT count(*) FROM t1;
+  }
+} {10}
+do_test tkt-cbd05-2.2 {
+  db eval {
+    ANALYZE;
+  }
+} {}
+do_test tkt-cbd05-2.3 {
+  execsql { 
+    SELECT tbl,idx,group_concat(sample,' ') 
+    FROM sqlite_stat2 
+    WHERE idx = 't1_x' 
+    GROUP BY tbl,idx
+  }
+} {t1 t1_x { A B C D E F G H I}}
+
+finish_test