From: drh <> Date: Tue, 16 Dec 2025 13:13:21 +0000 (+0000) Subject: Stricter enforcement of the LIKE_PATTERN_LENGTH for the regexp extension. X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=28ec7be6070a1c19ba67e031cc6f97da19bf7b07;p=thirdparty%2Fsqlite.git Stricter enforcement of the LIKE_PATTERN_LENGTH for the regexp extension. FossilOrigin-Name: c94b1e9c5674f7d0ad75d91085262f38cba6036979e8a0f9d39edc7db841915f --- diff --git a/ext/misc/regexp.c b/ext/misc/regexp.c index f1babf4ab7..038cebc5eb 100644 --- a/ext/misc/regexp.c +++ b/ext/misc/regexp.c @@ -740,11 +740,18 @@ static const char *re_compile( } /* -** Compute a reasonable limit on the length of the REGEXP NFA. +** The value of LIMIT_MAX_PATTERN_LENGTH. */ static int re_maxlen(sqlite3_context *context){ sqlite3 *db = sqlite3_context_db_handle(context); - return 75 + sqlite3_limit(db, SQLITE_LIMIT_LIKE_PATTERN_LENGTH,-1)/2; + return sqlite3_limit(db, SQLITE_LIMIT_LIKE_PATTERN_LENGTH,-1); +} + +/* +** Maximum NFA size given a maximum pattern length. +*/ +static int re_maxnfa(int mxlen){ + return 75+mxlen/2; } /* @@ -770,10 +777,17 @@ static void re_sql_func( (void)argc; /* Unused */ pRe = sqlite3_get_auxdata(context, 0); if( pRe==0 ){ + int mxLen = re_maxlen(context); + int nPattern; zPattern = (const char*)sqlite3_value_text(argv[0]); if( zPattern==0 ) return; - zErr = re_compile(&pRe, zPattern, re_maxlen(context), - sqlite3_user_data(context)!=0); + nPattern = sqlite3_value_bytes(argv[0]); + if( nPattern>mxLen ){ + zErr = "REGEXP pattern too big"; + }else{ + zErr = re_compile(&pRe, zPattern, re_maxnfa(mxLen), + sqlite3_user_data(context)!=0); + } if( zErr ){ re_free(pRe); sqlite3_result_error(context, zErr, -1); @@ -839,7 +853,7 @@ static void re_bytecode_func( zPattern = (const char*)sqlite3_value_text(argv[0]); if( zPattern==0 ) return; - zErr = re_compile(&pRe, zPattern, re_maxlen(context), + zErr = re_compile(&pRe, zPattern, re_maxnfa(re_maxlen(context)), sqlite3_user_data(context)!=0); if( zErr ){ re_free(pRe); diff --git a/manifest b/manifest index c87275a261..233e1e30a6 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Fix\sfor\soptimizing\s"SELECT\sDISTINCT\s...cols...\sFROM\svtab"\sin\scases\swhere\sthe\svirtual\stable\simplementation\sis\sable\sto\sdeliver\sresults\ssorted\sby\s"...cols...". -D 2025-12-15T18:45:22.198 +C Stricter\senforcement\sof\sthe\sLIKE_PATTERN_LENGTH\sfor\sthe\sregexp\sextension. +D 2025-12-16T13:13:21.715 F .fossil-settings/binary-glob 61195414528fb3ea9693577e1980230d78a1f8b0a54c78cf1b9b24d0a409ed6a x F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea @@ -387,7 +387,7 @@ F ext/misc/percentile.c 72e05a21db20a2fa85264b99515941f00ae698824c9db82d7edfbb16 F ext/misc/prefixes.c 82645f79229877afab08c8b08ca1e7fa31921280906b90a61c294e4f540cd2a6 F ext/misc/qpvtab.c fc189e127f68f791af90a487f4460ec91539a716daf45a0c357e963fd47cc06c F ext/misc/randomjson.c ef835fc64289e76ac4873b85fe12f9463a036168d7683cf2b773e36e6262c4ed -F ext/misc/regexp.c f1f7cfe90fc027b33d2b5ae7d6235eecce69c3aca71c9afce56fec62342c8b44 +F ext/misc/regexp.c 84691212927260db6bc66e86c791f0c813f5f2cd756c525e47a93f0de1af083b F ext/misc/remember.c add730f0f7e7436cd15ea3fd6a90fd83c3f706ab44169f7f048438b7d6baa69c F ext/misc/rot13.c 51ac5f51e9d5fd811db58a9c23c628ad5f333c173f1fc53c8491a3603d38556c F ext/misc/scrub.c 2a44b0d44c69584c0580ad2553f6290a307a49df4668941d2812135bfb96a946 @@ -1531,6 +1531,7 @@ F test/rbu.test 168573d353cd0fd10196b87b0caa322c144ef736 F test/rdonly.test 64e2696c322e3538df0b1ed624e21f9a23ed9ff8 F test/readonly.test 0d307c335b3421898cfe64a783a376138aa003849b6bff61ee2d21e805bc0051 F test/recover.test 643139b911ac880a1e881d7621f02cfb546b608b8f2494d7d26fd5ed103b1ceb +F test/regexp1.sql 2d1ab671e03daff2f4c4dbd9b196697ace0fbd095bbca8a2b842a47f272ea2b3 F test/regexp1.test 8f2a8bc1569666e29a4cee6c1a666cd224eb6d50e2470d1dc1df995170f3e0f1 F test/regexp2.test 64f9726b2ddc71aea06725fcad53231833d038d58b936d49083ace658b370a13 F test/reindex.test cd9d6021729910ece82267b4f5e1b5ac2911a7566c43b43c176a6a4732e2118d @@ -1621,7 +1622,7 @@ F test/shell7.test 43fd8e511c533bab5232e95c7b4be93b243451709e89582600d4b6e67693d F test/shell8.test 641cf21a99c59404c24e3062923734951c4099a6b6b6520de00cf7a1249ee871 F test/shell9.test 8742a5b390cdcef6369f5aa223e415aa4255a4129ef249b177887dc635a87209 F test/shellA.test 05cdaafa1f79913654487ce3aefa038d4106245d58f52e02faf506140a76d480 -F test/shellB.test 83950926667acf60b07f5d7a808e524ec725432633c005aa3ced5cb48388cf73 +F test/shellB.test 16de54cd7fefc91beebec3216ed874ce53954378a0a2a84bf0838daaef0bc49d F test/shmlock.test 9f1f729a7fe2c46c88b156af819ac9b72c0714ac6f7246638a73c5752b5fd13c F test/shortread1.test bb591ef20f0fd9ed26d0d12e80eee6d7ac8897a3 F test/show_speedtest1_rtree.tcl 32e6c5f073d7426148a6936a0408f4b5b169aba5 @@ -2185,8 +2186,8 @@ F tool/version-info.c 33d0390ef484b3b1cb685d59362be891ea162123cea181cb8e6d2cf6dd F tool/warnings-clang.sh bbf6a1e685e534c92ec2bfba5b1745f34fb6f0bc2a362850723a9ee87c1b31a7 F tool/warnings.sh d924598cf2f55a4ecbc2aeb055c10bd5f48114793e7ba25f9585435da29e7e98 F tool/win/sqlite.vsix deb315d026cc8400325c5863eef847784a219a2f -P b158fe929929ae209f2603b11a2c4f44ad9147f6b2ce09a10ec1f92429402631 -R 87e950431c946f719f368f65df2a4ac5 -U dan -Z 4fe9c24f00a542c21fce94ac75a3f7f8 +P 80c0d922937615422e813593ac4eb83c3040a417fad97dba18a549de50a91b72 +R bef9b6b791509558835588637279fc72 +U drh +Z df65cf1ca598c3ab9c9a83d34629e6c5 # Remove this line to create a well-formed Fossil manifest. diff --git a/manifest.uuid b/manifest.uuid index 8e660a57b0..4aa5424bf9 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -80c0d922937615422e813593ac4eb83c3040a417fad97dba18a549de50a91b72 +c94b1e9c5674f7d0ad75d91085262f38cba6036979e8a0f9d39edc7db841915f diff --git a/test/regexp1.sql b/test/regexp1.sql new file mode 100644 index 0000000000..f1a16a695a --- /dev/null +++ b/test/regexp1.sql @@ -0,0 +1,32 @@ +#!sqlite3 +# +# 2025-12-16 +# +# The author disclaims copyright to this source code. In place of +# a legal notice, here is a blessing: +# +# May you do good and not evil. +# May you find forgiveness for yourself and forgive others. +# May you share freely, never taking more than you give. +# +#*********************************************************************** +# +# Test cases for the oversized patterns in the REGEXP extension found +# at ext/misc/regexp.c. +# +.mode list +.testcase 100 +-- 0 1 2 3 4 +-- 123456789 123456789 123456789 123456789 123 +SELECT 'abcdefg' REGEXP '((((((((((((((((((abcdefg))))))))))))))))))'; +.check "1\n" + +.limit like_pattern_length 42 +.testcase 110 +SELECT 'abcdefg' REGEXP '((((((((((((((((((abcdefg))))))))))))))))))'; +.check -glob "Error near line #: REGEXP pattern too big*" + +.limit like_pattern_length 43 +.testcase 120 +SELECT 'abcdefg' REGEXP '((((((((((((((((((abcdefg))))))))))))))))))'; +.check "1\n" diff --git a/test/shellB.test b/test/shellB.test index 7446cd9aeb..2b3fd94734 100644 --- a/test/shellB.test +++ b/test/shellB.test @@ -42,5 +42,6 @@ proc do_clitest {name} { do_clitest modeA.sql do_clitest dblwidth-a.sql do_clitest vt100-a.sql +do_clitest regexp1.sql finish_test