From: drh <>
Date: Fri, 19 Jun 2026 22:17:09 +0000 (+0000)
Subject: Put the sqlite3OomStr singleton in "const" space to ensure that it is
X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=fa8e52021fa8fded59844ae8fed967346d44dc7a;p=thirdparty%2Fsqlite.git

Put the sqlite3OomStr singleton in "const" space to ensure that it is
never modified.  Doing so identified a long-standing bug.

FossilOrigin-Name: 2fe53e6d68c3f9f1c4b064fa40fe8efe12025179a973182f0bb256acb9b5d58d
---

diff --git a/manifest b/manifest
index 88cfdebb75..8d5ad117c5 100644
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Additional\schanges\sbased\son\sClaude\sanalysis.
-D 2026-06-19T21:43:04.776
+C Put\sthe\ssqlite3OomStr\ssingleton\sin\s"const"\sspace\sto\sensure\sthat\sit\sis\nnever\smodified.\s\sDoing\sso\sidentified\sa\slong-standing\sbug.
+D 2026-06-19T22:17:09.719
 F .fossil-settings/binary-glob 61195414528fb3ea9693577e1980230d78a1f8b0a54c78cf1b9b24d0a409ed6a x
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
@@ -692,7 +692,7 @@ F src/expr.c e97dd9f6ada4c448764e225d8963091bf630b3efb2c92e4d0762571cca2a14e5
 F src/fault.c 460f3e55994363812d9d60844b2a6de88826e007
 F src/fkey.c 931f74cec1dc8038a0217ef340c91ce147dd1bbed08dc40c47ee0ec6edfffb08
 F src/func.c 7e049176003271095ba560bca90995c8cb7c1e944aee539513daba015b172a18
-F src/global.c 2ea9484d8735e8d8077d4e9ed00b76563a851e7de86d7c65c08d6dd00de71ff2
+F src/global.c 7eea537ac0c113ac55cb2dd4d8fc2a6a91ae478be34231b4efaffc46817fee85
 F src/hash.c 03c8c0f4be9e8bcb6de65aa26d34a61d48a9430747084a69f9469fbb00ea52ca
 F src/hash.h 46b92795a95bfefb210f52f0c316e9d7cdbcdd7e7fcfb0d8be796d3a5767cddf
 F src/hwtime.h 5cb15147c8583d0fc4748e1c12ea6f38c9deaeefa147a4d8d379fd9bc81fee9a
@@ -733,7 +733,7 @@ F src/pcache.h 092b758d2c5e4dabb30eae46d8dfad77c0f70b16bf3ff1943f7a232b0fe0d4ba
 F src/pcache1.c d7ee0f95992501a65379f620b3de1430b64e52e397769938668a9fd9dd1c8145
 F src/pragma.c 789ef67117b74b5be0a2db6681f7f0c55e6913791b9da309aefd280de2c8a74d
 F src/prepare.c d055c59c23b917367ed199a52888132316aa9cb9f7653ca71f0c45bd267206fd
-F src/printf.c 54e6dc74d81dc40dd142aef2a778ef6b867539cce9694063ccd5bc3fbbe06735
+F src/printf.c 6916d50913c3271aefe96d3483701ceca8644331ec4c7b23a5aa54a9ba36230f
 F src/random.c 606b00941a1d7dd09c381d3279a058d771f406c5213c9932bbd93d5587be4b9c
 F src/resolve.c d0724113da9f5c0430d2052808ce59519f51ae7c4fbb1f5ef21fe3a832956086
 F src/rowset.c 8432130e6c344b3401a8874c3cb49fefe6873fec593294de077afea2dce5ec97
@@ -742,7 +742,7 @@ F src/shell.c.in a4e83895cfa336065ad7f7a7dea8fc2a19d050f7ce7466621c67208acaac9e4
 F src/sqlite.h.in 8c70db561507478176b942a3f88cac396e00993eafb827ed31d48c191f327408
 F src/sqlite3.rc 015537e6ac1eec6c7050e17b616c2ffe6f70fca241835a84a4f0d5937383c479
 F src/sqlite3ext.h 0efd4723bad9124ea1f581d9f1ea0254ac1c6f3e5fb29e4f3dcf36c72485a456
-F src/sqliteInt.h fc70987022ecc7537473b5fa49881f3b0c7b555ad2a3ae0d2f8aaf368bab1080
+F src/sqliteInt.h 92563b8edc673513b82d87bf6a8d7aeb554b2c7b7d5e30992fbca04010db79ac
 F src/sqliteLimit.h c70656b67ab5b96741a8f1c812bdd80c81f2b1c1e443d0cc3ea8c33bb1f1a092
 F src/status.c 7565d63a79aa2f326339a24a0461a60096d0bd2bce711fefb50b5c89335f3592
 F src/table.c 0f141b58a16de7e2fbe81c308379e7279f4c6b50eb08efeec5892794a0ba30d1
@@ -807,7 +807,7 @@ F src/vacuum.c d3d35d8ae893d419ade5fa196d761a83bddcbb62137a1a157ae751ef38b26e82
 F src/vdbe.c 39658ee12b9d6bf5fc546e1ede20b307d86d9e988ae709c9b461249a8312513d
 F src/vdbe.h 70e862ac8a11b590f8c1eaac17a0078429d42bc4ea3f757a9af0f451dd966a71
 F src/vdbeInt.h c31ba4dc8d280c2b1dc89c6fcee68f2555e3813ab34279552c20b964c0e338b1
-F src/vdbeapi.c 099eebc9d40d939b95aff89599f4eb7c7bf72374ec14db3efc8a61c2b73c8df7
+F src/vdbeapi.c 15c55a4be8edc06055502e15f60f444c8fc5cb6134e38b8486742e89670d5e8f
 F src/vdbeaux.c a052c43fcf342651f655e6771003c175d49b237a9473c3c4d79d44725f494dae
 F src/vdbeblob.c b3f0640db9642fbdc88bd6ebcc83d6009514cafc98f062f675f2c8d505d82692
 F src/vdbemem.c 6e7ad67507c9a8e625b46256a9c003929331d6a27b99bbe139b8f0dab636e1f2
@@ -2208,8 +2208,8 @@ F tool/warnings-clang.sh bbf6a1e685e534c92ec2bfba5b1745f34fb6f0bc2a362850723a9ee
 F tool/warnings.sh a554d13f6e5cf3760f041b87939e3d616ec6961859c3245e8ef701d1eafc2ca2
 F tool/win/sqlite.vsix deb315d026cc8400325c5863eef847784a219a2f
 F tool/winmain.c 00c8fb88e365c9017db14c73d3c78af62194d9644feaf60e220ab0f411f3604c
-P 974253a6058a7120354261b2134ed4803373031996957c7334161370b80bf428
-R d4284c01ee44237e94afe9a4eed3b649
+P d4691a0db1e96b646d3094f183b1fc330411a2d2472b09f9b5fe0fb268b5ca09
+R 145cd6d2b4e7e0d75fa1a0ce2f39b485
 U drh
-Z 5b79ac2945f5d69359867642a74e7c86
+Z d46f3685c2145cc293e91b653e420b9b
 # Remove this line to create a well-formed Fossil manifest.
diff --git a/manifest.uuid b/manifest.uuid
index 1a0421b149..e1d6a3e2eb 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-d4691a0db1e96b646d3094f183b1fc330411a2d2472b09f9b5fe0fb268b5ca09
+2fe53e6d68c3f9f1c4b064fa40fe8efe12025179a973182f0bb256acb9b5d58d
diff --git a/src/global.c b/src/global.c
index 3fac6b194d..020eb2c02b 100644
--- a/src/global.c
+++ b/src/global.c
@@ -314,7 +314,7 @@ FuncDefHash sqlite3BuiltinFunctions;
 ** sqlite3_str object accepts no new text and always returns
 ** an SQLITE_NOMEM error.
 */
-sqlite3_str sqlite3OomStr = {
+const sqlite3_str sqlite3OomStr = {
    0, 0, 0, 0, 0, SQLITE_NOMEM, 0
 };
 
diff --git a/src/printf.c b/src/printf.c
index 527bf68cbe..38c8979db1 100644
--- a/src/printf.c
+++ b/src/printf.c
@@ -1326,7 +1326,7 @@ char *sqlite3StrAccumFinish(StrAccum *p){
 */
 char *sqlite3_str_finish(sqlite3_str *p){
   char *z;
-  if( p!=0 && p!=&sqlite3OomStr ){
+  if( p!=0 && p!=(sqlite3_str*)&sqlite3OomStr ){
     z = sqlite3StrAccumFinish(p);
     sqlite3_free(p);
   }else{
@@ -1367,6 +1367,8 @@ void sqlite3_str_reset(StrAccum *p){
   if( isMalloced(p) ){
     sqlite3DbFree(p->db, p->zText);
     p->printfFlags &= ~SQLITE_PRINTF_MALLOCED;
+  }else if( p==(sqlite3_str*)&sqlite3OomStr ){
+    return;
   }
   p->nAlloc = 0;
   p->nChar = 0;
@@ -1378,7 +1380,7 @@ void sqlite3_str_reset(StrAccum *p){
 ** of its content, all in one call.
 */
 void sqlite3_str_free(sqlite3_str *p){
-  if( p!=0 && p!=&sqlite3OomStr ){
+  if( p!=0 && p!=(sqlite3_str*)&sqlite3OomStr ){
     sqlite3_str_reset(p);
     sqlite3_free(p);
   }
@@ -1415,7 +1417,7 @@ sqlite3_str *sqlite3_str_new(sqlite3 *db){
     sqlite3StrAccumInit(p, 0, 0, 0,
             db ? db->aLimit[SQLITE_LIMIT_LENGTH] : SQLITE_MAX_LENGTH);
   }else{
-    p = &sqlite3OomStr;
+    p = (sqlite3_str*)&sqlite3OomStr;
   }
   return p;
 }
diff --git a/src/sqliteInt.h b/src/sqliteInt.h
index b6c6a8f31c..0c48f8707e 100644
--- a/src/sqliteInt.h
+++ b/src/sqliteInt.h
@@ -5504,7 +5504,7 @@ extern const unsigned char *sqlite3aGTb;
 extern const unsigned char sqlite3CtypeMap[];
 extern SQLITE_WSD struct Sqlite3Config sqlite3Config;
 extern FuncDefHash sqlite3BuiltinFunctions;
-extern sqlite3_str sqlite3OomStr;
+extern const sqlite3_str sqlite3OomStr;
 #ifndef SQLITE_OMIT_WSD
 extern int sqlite3PendingByte;
 #endif
diff --git a/src/vdbeapi.c b/src/vdbeapi.c
index a9dc456278..d523836db9 100644
--- a/src/vdbeapi.c
+++ b/src/vdbeapi.c
@@ -772,7 +772,7 @@ void sqlite3_result_str(sqlite3_context *pCtx, sqlite3_str *pStr, int eOwn){
     sqlite3_result_error_toobig(pCtx);
   }
   if( eOwn ){
-    testcase( pStr==&sqlite3OomStr );
+    testcase( pStr==(sqlite3_str*)&sqlite3OomStr );
     if( pStr->accError==0 ){
       sqlite3StrAccumInit(pStr, pStr->db, 0, 0, pStr->mxAlloc);
     }