Take care to avoid a buffer over-read when adding a KEYINFO structure
to the P4 parameter of an opcode. FossilOrigin-Name: 937b931a7cdad6874638158ed6a9ab6356b0bd0c
This commit is contained in:
drh
parent
c2a4bab462
commit
a378c566d2
18
manifest
18
manifest
@ -1,8 +1,8 @@
|
||||
-----BEGIN PGP SIGNED MESSAGE-----
|
||||
Hash: SHA1
|
||||
|
||||
C If\sthe\ssize\sof\sthe\sdatabase\saccording\sto\sthe\sheader\sis\slarger\sthan\sthe\s\nactual\sdatabase\sfile\ssize,\sreport\sthat\sthe\sdatabase\sis\scorrupt.
|
||||
D 2010-04-02T12:46:46
|
||||
C Take\scare\sto\savoid\sa\sbuffer\sover-read\swhen\sadding\sa\sKEYINFO\sstructure\s\nto\sthe\sP4\sparameter\sof\san\sopcode.
|
||||
D 2010-04-02T12:55:39
|
||||
F Makefile.arm-wince-mingw32ce-gcc fcd5e9cd67fe88836360bb4f9ef4cb7f8e2fb5a0
|
||||
F Makefile.in 4f2f967b7e58a35bb74fb7ec8ae90e0f4ca7868b
|
||||
F Makefile.linux-gcc d53183f4aa6a9192d249731c90dbdffbd2c68654
|
||||
@ -218,7 +218,7 @@ F src/vdbe.c 760a0857cdcc000759bd3a5b8e2907dd351072bc
|
||||
F src/vdbe.h 471f6a3dcec4817ca33596fe7f6654d56c0e75f3
|
||||
F src/vdbeInt.h ae1e6ba0dd3fb4a886898d2829d748be701b01f8
|
||||
F src/vdbeapi.c 74c25680046a116b24b95393914d3669c23305dc
|
||||
F src/vdbeaux.c 863cd854d343e3e71622f20e5066d3007f9216c5
|
||||
F src/vdbeaux.c 3028b2d50df39697e21263685349b5ff1333a29b
|
||||
F src/vdbeblob.c 5327132a42a91e8b7acfb60b9d2c3b1c5c863e0e
|
||||
F src/vdbemem.c 2a82f455f6ca6f78b59fb312f96054c04ae0ead1
|
||||
F src/vdbetrace.c 864cef96919323482ebd9986f2132435115e9cc2
|
||||
@ -797,14 +797,14 @@ F tool/speedtest2.tcl ee2149167303ba8e95af97873c575c3e0fab58ff
|
||||
F tool/speedtest8.c 2902c46588c40b55661e471d7a86e4dd71a18224
|
||||
F tool/speedtest8inst1.c 293327bc76823f473684d589a8160bde1f52c14e
|
||||
F tool/vdbe-compress.tcl d70ea6d8a19e3571d7ab8c9b75cba86d1173ff0f
|
||||
P b04a45ea9714e7a35372b5d6a58868b307d10502
|
||||
R 06ecba5df1d5408ada18a2d2a32d9a06
|
||||
P 8eb1f2443f2712920452b7ed3fb835c7f3221191
|
||||
R 7b23fa04681509f7f03c180e2cb207ef
|
||||
U drh
|
||||
Z 62a18eff5162d3c5f6dbbcc5b8811101
|
||||
Z be5a4dabda99980b85561772989aa01d
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
Version: GnuPG v1.4.6 (GNU/Linux)
|
||||
|
||||
iD8DBQFLtec5oxKgR168RlERAtopAKCCfpIK0uzxHa5hP0afNalmHZOLEACeI23I
|
||||
DZeffigSN9kUTWYrQA9NS9w=
|
||||
=ul9b
|
||||
iD8DBQFLtelOoxKgR168RlERAgU6AJ0QBxber/Z+M94ECEzPsGlPVSdrvwCeNxOo
|
||||
XLX0wypT7RatZGUdGUJO7Dk=
|
||||
=S/qb
|
||||
-----END PGP SIGNATURE-----
|
||||
|
||||
@ -1 +1 @@
|
||||
8eb1f2443f2712920452b7ed3fb835c7f3221191
|
||||
937b931a7cdad6874638158ed6a9ab6356b0bd0c
|
||||
@ -743,7 +743,7 @@ void sqlite3VdbeChangeP4(Vdbe *p, int addr, const char *zP4, int n){
|
||||
pOp->p4.pKeyInfo = pKeyInfo;
|
||||
if( pKeyInfo ){
|
||||
u8 *aSortOrder;
|
||||
memcpy((char*)pKeyInfo, zP4, nByte);
|
||||
memcpy((char*)pKeyInfo, zP4, nByte - nField);
|
||||
aSortOrder = pKeyInfo->aSortOrder;
|
||||
if( aSortOrder ){
|
||||
pKeyInfo->aSortOrder = (unsigned char*)&pKeyInfo->aColl[nField];
|
||||
|
||||
Loading…
Reference in New Issue
Block a user