dan [Fri, 12 Jun 2026 18:35:24 +0000 (18:35 +0000)]
When reading a super-journal name from a journal file, allocate a new buffer rather than using Pager.pTmpSpace. This prevents a buffer overrun that could occur when using a VFS with a large sqlite3_vfs.mxPathname value with a database with a small page size.
drh [Fri, 12 Jun 2026 16:26:39 +0000 (16:26 +0000)]
Do not use shared locks on SHM files when the filename is a long DOS-device
path. Only use shared locks for UNC paths. Do not confuse the
long-DOS-device syntax with UNC paths.
dan [Fri, 12 Jun 2026 15:36:26 +0000 (15:36 +0000)]
Fix a buffer overwrite in fts3 that could occur while processing NEAR queries against corrupt records. Bug [bugs:/info/2026-06-11T23:11:26Z | 2026-06-11T23:11:26Z].
dan [Fri, 12 Jun 2026 11:24:30 +0000 (11:24 +0000)]
Fix a signed integer overflow that could occur in fts3 when processing corrupt database records. Bug [bugs:/info/2026-06-11T23:12:25Z | 2026-06-11T23:12:25Z].
dan [Wed, 10 Jun 2026 20:10:19 +0000 (20:10 +0000)]
When reading a super-journal name from a journal file, allocate a new buffer rather than using Pager.pTmpSpace. This prevents a buffer overrun that could occur when using a VFS with a large sqlite3_vfs.mxPathname value with a database with a small page size.
dan [Wed, 10 Jun 2026 16:51:20 +0000 (16:51 +0000)]
Fix a signed-integer overflow in fts5 that might occur when dealing with strategically corrupted records. Bug [bugs:/info/2026-06-10T03:56:42Z | 2026-06-10T03:56:42Z].
drh [Wed, 10 Jun 2026 10:40:29 +0000 (10:40 +0000)]
Detect an OOM condition in the realpath() function of the fileio.c extension
and cause that function to return NULL. To Do: we should go back in and
fix realpath() to raise an SQLITE_NOMEM error on OOM rather than returning
NULL. But we will delay that, inasmuch as OOMs are all but impossible
on modern OSes.
[bug:/info/2026-06-10T07:46:32Z|Bug 2026-06-10T07:46:32Z].
drh [Wed, 10 Jun 2026 10:13:11 +0000 (10:13 +0000)]
Fix a possible signed integer overflow in the RBU extension given a
maliciously crafted delta.
[bugs:/info/2026-06-10T06:41:54Z|Bug 2026-06-10T06:41:54Z].
drh [Wed, 10 Jun 2026 09:51:33 +0000 (09:51 +0000)]
Harden code that processes Fossil Deltas against OOM and maliciously
malformed delta blobs.
[bugs:/info/2026-06-10T07:01:00Z|Bug 2026-06-10T07:01:00Z] and
[bugs:/info/2026-06-10T07:06:43Z|Bug 2026-06-10T07:06:43Z].
dan [Tue, 9 Jun 2026 10:43:37 +0000 (10:43 +0000)]
Avoid a possible integer overflow when fts5 tokenizes a very large document. Only possible with non-standard builds that use large values of SQLITE_MAX_LENGTH. Bug [bugs:/info/2026-06-09T05:27:16Z | 2026-06-09T05:27:16Z].
drh [Tue, 9 Jun 2026 10:16:40 +0000 (10:16 +0000)]
Change loop counter variables from int to i64 to avoid a potential
integer overflow inside an assert() statement when SQLite is compiled
with SQLITE_DEBUG and an extra-large SQLITE_MAX_LENGTH. Does not
affect production builds.
[bugs:/info/2026-06-09T08:53:14Z|Bug 2026-06-09T08:53:14Z].
dan [Mon, 8 Jun 2026 11:24:05 +0000 (11:24 +0000)]
Clamp the nToken parameter to the fts5 snippet() function between 0 and 64. It has always been documented this way, but not previously implemented. Report [bugs:/info/2026-06-08T08:29:00Z | 2026-06-08T08:29:00Z].
drh [Thu, 4 Jun 2026 16:56:11 +0000 (16:56 +0000)]
Disable the vector-IN-SELECT optimization if the number of columns is so
large that it would cause the WhereTerm.nChild column to wrap.
[bugs:/info/2026-06-04T10:00:49Z|Bug 2026-06-04T10:00:49Z].
dan [Thu, 4 Jun 2026 11:48:18 +0000 (11:48 +0000)]
Fix a crash that could be caused by configuring the pager-cache with a bulk allocation too small to fit even one page. Bug [bugs:/info/2026-06-04T07:03:12Z | 2026-06-04T07:03:12Z].
dan [Thu, 4 Jun 2026 11:19:43 +0000 (11:19 +0000)]
Fix problems with expressions like "(?,?,?) IN (SELECT c,b,a FROM ...)" when there is an index on columns "c", "b" and "a", but not in that order. Bug [bugs:/info/2026-06-04T07:02:53Z | 2026-06-04T07:02:53Z].
drh [Thu, 4 Jun 2026 11:18:11 +0000 (11:18 +0000)]
Clearly mark the ext/misc/wholenumber.c extension as "testing and
debugging use only". Fix a potential integer overflow that can occur
if the above warning is ignored.
[bugs:/info/2026-06-04T09:40:28Z|Bug 2026-06-04T09:40:28Z].
dan [Wed, 3 Jun 2026 17:21:12 +0000 (17:21 +0000)]
Update the utf-8 decoder in the ICU extension to treat invalid sequences as codepoint 0xFFFD, matching the core. Report [bugs:/info/2026-06-03T04:04:46Z | 2026-06-03T04:04:46Z].
dan [Wed, 3 Jun 2026 16:46:15 +0000 (16:46 +0000)]
Fix a faulty assert() in rtree that could fire when processing an unusually large record. Bug [bugs:/info/2026-06-03T14:44:46Z | 2026-06-03T14:44:46Z].
drh [Wed, 3 Jun 2026 16:21:17 +0000 (16:21 +0000)]
Use tail recursion on the larger of the two partitions when doing a
quicksort as part of the implementation of the median() function,
to avoid excess stack usage on pathological inputs.
[bugs:/info/2026-06-03T07:26:42Z|Bug 2026-06-03T07:26:42Z].
dan [Wed, 3 Jun 2026 15:29:59 +0000 (15:29 +0000)]
Fix an integer overflow problem in fts3 that could lead to a buffer overwrite on platforms where size_t is 32 bits. Bug [bugs:/info/2026-06-03T04:28:51Z | 2026-06-03T04:28:51Z].
drh [Wed, 3 Jun 2026 10:55:08 +0000 (10:55 +0000)]
Make the (unused, untested, and unsupported) ext/misc/compress.c routines
responsive to OOM conditions.
[bugs:/info/2026-06-03T08:28:36Z|Bug 2026-06-03T08:28:36Z].
drh [Tue, 2 Jun 2026 10:08:30 +0000 (10:08 +0000)]
Fix the CLI so that it works when compiled using STDCALL on
Microsoft x86. Change should not affect other platforms.
[forum:/info/2026-06-02T09:44:12Z|Forum 2026-06-02T09:44:12Z].
dan [Mon, 1 Jun 2026 16:20:40 +0000 (16:20 +0000)]
For expressions of the form "(x, y...) IN (SELECT a, b ...)" where the result is not true, consider the collation sequences of columns "a" and "b" when determining if the result should be false or NULL. Bug report [bugs:/info/0785f45e67 | 2026-05-31T02:10:44Z].
stephan [Mon, 1 Jun 2026 13:14:48 +0000 (13:14 +0000)]
Remove the data type ANY added to the shell's CSV exports in [aff74e71ea734e1a], as discussed in [forum:2ea4c50f69fc9829|forum post 2026-06-01T12:01:59Z].
drh [Mon, 1 Jun 2026 12:36:28 +0000 (12:36 +0000)]
Do not allow the argument to a table-valued function to reference a table
to its right, even if the SELECT is inside a common table expression.
This is a replacement for the fix at [3c0a277e6741c722]. Fix
for multiple dbsqlfuzz reports and probably also a fix
for [bugs:/info/b6c6fad96c|Bug 2026-06-01T07:23:11Z].
drh [Mon, 1 Jun 2026 10:53:28 +0000 (10:53 +0000)]
Extra defenses against integer overflows in the untested, unused, and
unsupported transliterate() SQL extension function found in the
ext/misc/spellfix.c extension.
[bugs:/info/2026-06-01T10:34:57Z|Bug 2026-06-01T10:34:57Z].
drh [Sun, 31 May 2026 15:49:57 +0000 (15:49 +0000)]
Fix the zipfile extension so that ZIP archives containing files whose names
contain embedded \000 bytes do not cause problems.
[bugs:/info/2026-05-31T11:43:05Z|Bug 2026-05-31T11:43:05Z].
drh [Sun, 31 May 2026 09:18:31 +0000 (09:18 +0000)]
Fix the format() SQL function so that it reports TOOBIG and NOMEM errors.
Fix a possible integer overflow on %#Q formatting.
[bugs:/info/2026-05-31T02:00:07Z|Bug 2026-05-31T02:00:07Z].
drh [Sat, 30 May 2026 13:23:25 +0000 (13:23 +0000)]
Add a test to ensure an application does not try to create a geopoly
virtual table with too many columns.
[bugs:/info/2026-05-30T12:47:27Z|Bug 2026-05-30T12:47:27Z].
drh [Sat, 30 May 2026 10:24:03 +0000 (10:24 +0000)]
Harden the diskused.c extension against NULL pointer dereferences that
might have previously occurred when given a corrupt database file.
[bug:/info/2026-05-30T07:08:55Z|Bug 2026-05-30T07:08:55Z].
drh [Fri, 29 May 2026 14:57:38 +0000 (14:57 +0000)]
Rename the ext/misc/analyze.c extension to ext/misc/diskused.c, to avoid
confusion with the src/analyze.c file. The function is now called
"diskused(X)" instead of "analyze(X)". The CLI command is renamed
from ".dbstat" to ".diskused".
drh [Fri, 29 May 2026 12:23:38 +0000 (12:23 +0000)]
The -csv option to the CLI also sets "-limits off", for legacy
compatibility, and because that seems to make sense.
[forum:/info/2026-05-28T16:23:36Z|Forum thread 2026-05-28T16:23:36Z].
drh [Thu, 28 May 2026 11:16:55 +0000 (11:16 +0000)]
Fix an infinite loop that can occur in the unused, untested, and
unsupported ext/misc/btreeinfo.c extension if it is presented with
a corrupt database file.
[bugs:/forumpost/b43c44cc1c|Bug 2026-05-28T05:41:01Z].
dan [Fri, 22 May 2026 14:29:33 +0000 (14:29 +0000)]
Update the session module so that it can apply changesets containing two or more UPDATE changes that form a dependency loop - so that no single UPDATE can be applied independently without violating a constraint.
dan [Fri, 22 May 2026 14:22:14 +0000 (14:22 +0000)]
Add the SQLITE_CHANGESETAPPLY_NOUPDATELOOP option to the sqlite3_changeset_apply_v2/3() method, to disable the extra processing used to commit changesets that swap two or more values subject to a UNIQUE constraint between rows.