Limit the length of the patterns on LIKE and GLOB to avoid problems with
deep recursion and N^2 behavior. (CVS 3950) FossilOrigin-Name: 42e6c826998e69462462b0787d3650246d36f3b5
This commit is contained in:
drh
parent
a0206bc81c
commit
beb818d1fd
14
manifest
14
manifest
@ -1,5 +1,5 @@
|
||||
C Introduce\sthe\s(experimental)\ssqlite3_result_error_toobig()\sAPI\sthat\nfunction\simplementations\scan\suse\sto\ssignal\sSQLite\sthat\sthe\sfunction\nresult\sis\stoo\sbig\sto\srepresent.\s(CVS\s3949)
|
||||
D 2007-05-08T15:15:02
|
||||
C Limit\sthe\slength\sof\sthe\spatterns\son\sLIKE\sand\sGLOB\sto\savoid\sproblems\swith\ndeep\srecursion\sand\sN^2\sbehavior.\s(CVS\s3950)
|
||||
D 2007-05-08T15:34:48
|
||||
F Makefile.in 87b200ad9970907f76df734d29dff3d294c10935
|
||||
F Makefile.linux-gcc 2d8574d1ba75f129aba2019f0b959db380a90935
|
||||
F README 9c4e2d6706bdcc3efdd773ce752a8cdab4f90028
|
||||
@ -71,12 +71,12 @@ F src/date.c 263ef5b81b4ffdd80e8a830645798967bbbcfd05
|
||||
F src/delete.c 5c0d89b3ef7d48fe1f5124bfe8341f982747fe29
|
||||
F src/experimental.c 1b2d1a6cd62ecc39610e97670332ca073c50792b
|
||||
F src/expr.c 2f0f9f89efe9170e5e6ca5d5e93a9d5896fff5ac
|
||||
F src/func.c f06e14b427725c1e07f59018cefc6178df0eb09d
|
||||
F src/func.c 21a7e73009510e90f09759b5097481c68ca8dcd3
|
||||
F src/hash.c 67b23e14f0257b69a3e8aa663e4eeadc1a2b6fd5
|
||||
F src/hash.h 1b3f7e2609141fd571f62199fc38687d262e9564
|
||||
F src/insert.c e595ca26805dfb3a9ebaabc28e7947c479f3b14d
|
||||
F src/legacy.c 388c71ad7fbcd898ba1bcbfc98a3ac954bfa5d01
|
||||
F src/limits.h a912a42c164f4e3dca1fbb2f062d503f523390be
|
||||
F src/limits.h 6226e6157ee798b3f19c3fc969a0ae4832393476
|
||||
F src/loadext.c afe4f4755dc49c36ef505748bbdddecb9f1d02a2
|
||||
F src/main.c 35b340716319e88817493172aa63abe8be13b543
|
||||
F src/malloc.c b89e31258a85158d15795bf87ae3ba007e56329b
|
||||
@ -485,7 +485,7 @@ F www/tclsqlite.tcl bb0d1357328a42b1993d78573e587c6dcbc964b9
|
||||
F www/vdbe.tcl 87a31ace769f20d3627a64fa1fade7fed47b90d0
|
||||
F www/version3.tcl 890248cf7b70e60c383b0e84d77d5132b3ead42b
|
||||
F www/whentouse.tcl fc46eae081251c3c181bd79c5faef8195d7991a5
|
||||
P b1b74f06688fd90fcaf54cf95e2e7beeb5fc1040
|
||||
R 40ca2b4e3466e1b036e5014d465b679f
|
||||
P 17c4235c492f746867c1d2b8621043b93f8aa10e
|
||||
R 0a41035fc5149b0f6c2804cac4e2cff2
|
||||
U drh
|
||||
Z 55ff99acd1ae44d56a185a619d6a1cda
|
||||
Z a17f2a395ca2369e7d20c7284dc12ad3
|
||||
|
||||
@ -1 +1 @@
|
||||
17c4235c492f746867c1d2b8621043b93f8aa10e
|
||||
42e6c826998e69462462b0787d3650246d36f3b5
|
||||
18
src/func.c
18
src/func.c
@ -16,7 +16,7 @@
|
||||
** sqliteRegisterBuildinFunctions() found at the bottom of the file.
|
||||
** All other code has file scope.
|
||||
**
|
||||
** $Id: func.c,v 1.149 2007/05/08 15:15:02 drh Exp $
|
||||
** $Id: func.c,v 1.150 2007/05/08 15:34:48 drh Exp $
|
||||
*/
|
||||
#include "sqliteInt.h"
|
||||
#include <ctype.h>
|
||||
@ -535,8 +535,19 @@ static void likeFunc(
|
||||
int argc,
|
||||
sqlite3_value **argv
|
||||
){
|
||||
const unsigned char *zA = sqlite3_value_text(argv[0]);
|
||||
const unsigned char *zB = sqlite3_value_text(argv[1]);
|
||||
const unsigned char *zA, *zB;
|
||||
|
||||
/* Limit the length of the LIKE or GLOB pattern to avoid problems
|
||||
** of deep recursion and N*N behavior in patternCompare().
|
||||
*/
|
||||
if( sqlite3_value_bytes(argv[1])>SQLITE_MAX_LIKE_PATTERN_LENGTH ){
|
||||
sqlite3_result_error(context, "LIKE or GLOB pattern too complex", -1);
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
zA = sqlite3_value_text(argv[0]);
|
||||
zB = sqlite3_value_text(argv[1]);
|
||||
int escape = 0;
|
||||
if( argc==3 ){
|
||||
/* The escape character string must consist of a single UTF-8 character.
|
||||
@ -556,6 +567,7 @@ static void likeFunc(
|
||||
#ifdef SQLITE_TEST
|
||||
sqlite3_like_count++;
|
||||
#endif
|
||||
|
||||
sqlite3_result_int(context, patternCompare(zA, zB, pInfo, escape));
|
||||
}
|
||||
}
|
||||
|
||||
10
src/limits.h
10
src/limits.h
@ -12,7 +12,7 @@
|
||||
**
|
||||
** This file defines various limits of what SQLite can process.
|
||||
**
|
||||
** @(#) $Id: limits.h,v 1.4 2007/05/08 15:15:02 drh Exp $
|
||||
** @(#) $Id: limits.h,v 1.5 2007/05/08 15:34:48 drh Exp $
|
||||
*/
|
||||
|
||||
/*
|
||||
@ -134,3 +134,11 @@
|
||||
#ifndef SQLITE_MAX_PAGE_COUNT
|
||||
# define SQLITE_MAX_PAGE_COUNT 1073741823
|
||||
#endif
|
||||
|
||||
/*
|
||||
** Maximum length (in bytes) of the pattern in a LIKE or GLOB
|
||||
** operator.
|
||||
*/
|
||||
#ifndef SQLITE_MAX_LIKE_PATTERN_LENGTH
|
||||
# define SQLITE_MAX_LIKE_PATTERN_LENGTH 50000
|
||||
#endif
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user