Commit Graph

20089 Commits

Author SHA1 Message Date
drh
0ad7aa8182 Limit the size of SrcList objects to 200 entries (compile-time configurable
using -DSQLITE_MAX_SRCLIST=n).  The maximum number of tables in a join has
always been 64, so this is not a real constraint on capability.  Limiting the
size of a SrcList prevents DOS attacks (discovered by OSSFuzz) using crazy
nested CTE joins.

FossilOrigin-Name: 7cac614d5df55eb092b863163483b6782b942b21bd15fd787576fef5619fa849
2019-01-17 14:34:46 +00:00
drh
04fcef00ee Fix a corner-case for the logic that causes an insert of a NULL into an
INTEGER PRIMARY KEY column to be converted into a valid integer key,
when the NULL results from a CASE expression that lacks an ELSE clause.

FossilOrigin-Name: 9a425051e7ba59e797636f5cf32b5f6efafdb21c8d5300e099b8008b829c1439
2019-01-17 04:40:04 +00:00
drh
30fdb45da0 Ensure that the variable-length integer decoder in FTS3 never tries to
left-shift a negative number.

FossilOrigin-Name: 10ffc1fe006a1766ff2f1ffc6129786afb86b6b1f8d3a17334e8ecb838d37b9c
2019-01-17 03:43:38 +00:00
drh
f20bbc5f69 Fix a failure in sqlite3ExprCompare()
FossilOrigin-Name: 835e2cc55feea2f2426c99816c27f9c35d2fd4cdd9bf1c7f46f889ecfd222778
2019-01-17 01:06:00 +00:00
dan
8b20e4a3eb Fix a problem with fix [b4b57413].
FossilOrigin-Name: ca7b7aaed010ec67bec5355a9ac1d7f229d6d5f2ba2d796b76f5e908b1267688
2019-01-16 20:48:13 +00:00
dan
e011ee2830 Fix a problem in the fts3 matchinfo() function with corrupt database handling.
FossilOrigin-Name: 24ed5fb6aea30b098d2faf3cf9d638933e518657217e903239ffaa1e25d34f66
2019-01-16 19:44:09 +00:00
drh
375afb8bda Fix a problem in the code generator for sorting results with SRT_EphemTab
and a LIMIT clause.

FossilOrigin-Name: 49fcde2f1f981ac0c75728bed3444e7c1d3167311db282d3375c96ce090b2210
2019-01-16 19:26:31 +00:00
dan
5e970a8f40 Fix a problem with renaming a column that is used as part of an ORDER BY on a
compound SELECT within a database view or trigger.

FossilOrigin-Name: b4b5741366578b25ec6e4c415ab8239215e53b1c900be613575f40a826cfccc9
2019-01-16 14:58:37 +00:00
dan
fb8ac325d7 Avoid a dangling pointer comparison when renaming a table that has a trigger
that itself contains a window function with an (illegal) column reference in a
FOLLOWING expression.

FossilOrigin-Name: d45bee36f2c1091a2d32c16ca8921bf4e7c9e40c46d0a36fbcb179ecfafcfbf0
2019-01-16 12:05:22 +00:00
dan
4ccb41fc99 Fix a memory leak that could occur in fts3 when handling a corrupt database.
FossilOrigin-Name: 65cebb06a0afcbcb4157c3d518a62ed188b1e90d9e9b69d88fece484bcb6e380
2019-01-16 11:38:06 +00:00
dan
dfb5c963a0 Fix a problem with ALTER TABLE and vector assignments in UPDATE statements
within triggers.

FossilOrigin-Name: cc6cd7531fee39b4c2a9f522f1089c1d79254a9e25acae59468322031f94c25a
2019-01-15 20:51:35 +00:00
dan
1a39d2bb5c Handle SQL NULL values without crashing in the fts5 snippet() and highlight()
functions.

FossilOrigin-Name: a5e9cc794f17566160c4b2b5791601a744a21ace987b19ff8a5816fd78dce56a
2019-01-15 18:14:27 +00:00
dan
a783931794 Fix a buffer overread in fts3 caused by a corrupt record.
FossilOrigin-Name: e54efd60c20bbfc5d70ddb9e1dd6ffb68cbbcfa57b4f07cb104767ef08c1a559
2019-01-15 16:14:31 +00:00
dan
2d4e720579 Have fts5 reject attempts to insert a non-integer, non-null value into a rowid
column with SQLITE_MISMATCH.

FossilOrigin-Name: 4a9483f81e9ca1aa41d6ca33cb3171370418ccc71fdee9741bbf6f694bf4fbaa
2019-01-15 15:18:58 +00:00
drh
e2dcc42e1f Fix a harmless memory leak in the Lemon parser generator utility program.
FossilOrigin-Name: 1caff0fb0b2051e205e7a8cfd5dadf92680c52a88a441ded95b1ea6542db5f83
2019-01-15 14:44:23 +00:00
dan
58ed374370 Fix a problem triggered by DELETE statements with WHERE clauses that use the
OR-optimization on some virtual tables.

FossilOrigin-Name: ecf5caa7e9825a8b03d15ee525ec68be78c55926ddfaca27a040a7614caf0e85
2019-01-15 14:31:01 +00:00
dan
9c039d9f2e Add scalar function "prefix_length()" to ext/misc/prefixes.c.
FossilOrigin-Name: 0bf1550507d9d3c8a41f8a50db3a59bf808f0a4e24637dc0905d35579305eca7
2019-01-14 20:44:00 +00:00
dan
9274ad898f Fix a problem causing some Tcl test cases to fail with errors like "expected: [<multiline-whitespace>], got: []".
FossilOrigin-Name: 11b8a4cba747ca214fe3506caa3b711c87be4d55412754e673cc0603afefb086
2019-01-14 19:13:30 +00:00
drh
4ead96348e Add the "prefixes" table-valued function in the ext/misc folder.
FossilOrigin-Name: f0fd2163fc23a555ef03af43294a14fcabae6921f52e64c979286c745b4f6218
2019-01-14 16:16:30 +00:00
dan
f8a488bb6b Fix a problem causing a crash if an fts5vocab table was created to query an
fts3/4 FTS index.

FossilOrigin-Name: 9cd64ce453e4435d80117b8610c22a0a4b53cd6e84b39815e70e684f6b0295c8
2019-01-14 15:35:15 +00:00
dan
94ec92a1f7 Fix a problem with querying a corrupt fts3 database.
FossilOrigin-Name: 65e50706a017751d72d0f9c7f575955194977decd0acf13aaca90c3cb925f20e
2019-01-14 15:09:00 +00:00
drh
4067ce7d54 When parsing a corrupt record using sqlite3VdbeRecordUnpack(), make sure
that the resulting UnpackedRecord object is completely initialized, to avoid
(harmless) MSAN warnings.

FossilOrigin-Name: ddc3697efd61830fad55c6bf7f9115f4a7f53e08838eba5a82e1406c7a721665
2019-01-14 13:32:15 +00:00
dan
68c1f9ce9a Have fts3 ignore empty sets of parentheses if built with
SQLITE_ENABLE_FTS3_PARENTHESIS.

FossilOrigin-Name: c93c6b45a317c40eb5c0abb6620d21f5821a601632c791e11e5ce62e039eccda
2019-01-14 11:56:13 +00:00
drh
d12db3dabb Avoid reading off the front of a page buffer when balancing a corrupt
btree page.

FossilOrigin-Name: cb50509020d952fa9efed8df7fa08b07b71ae9bdbdefea216b6e660863291039
2019-01-14 05:48:10 +00:00
drh
b10a50e7f8 In dbfuzz2, avoid using a malloc in the LLVMFuzzerInitialize() initializer
routine, so that no memory leaks are reported.  Also, show the version of
SQLite being used when the -v option is on.

FossilOrigin-Name: 824f93246988ffa213bbd41a7de08886999b1a8ae00fdf6b9767acb6e3ec6a1f
2019-01-13 20:23:34 +00:00
drh
f202c6cdcf Relax the minimum size database file constraint on the dbtotxt utility program.
FossilOrigin-Name: 97e723d746eeb2159f5bf1701532271ac6a4620879c82d496f4499c178b64479
2019-01-13 20:17:52 +00:00
drh
0f1bf4c1ac Improved detection of database corruption while balancing pages from an
auto_vacuum database with overflow pages.  Test cases in TH3.

FossilOrigin-Name: 35f04235c477501390acea126d07a730d81d03cdf7abcd82d861e397b3f75b0f
2019-01-13 20:17:21 +00:00
drh
a1bd5c6aae Move a local variable declaration into the outermost scope in which it
is used. This fixes an ASAN warning.

FossilOrigin-Name: ac3b6021d9437ab1c027850d321f0a3e575b008763d8d515e2347f7d4e7c294b
2019-01-13 00:58:57 +00:00
drh
a79bcf358b Prevent unsigned 32-bit integer overflow from leading to a buffer overread
inside of an assert().  The problem fixed here is not reachable in production
code.

FossilOrigin-Name: 0f850a25d67a752fe1e9059c0c3f78e00c222113e556a7605fd3c50817b573cb
2019-01-12 21:30:26 +00:00
dan
951d165125 Fix another problem with handling corrupt records in fts5_decode().
FossilOrigin-Name: 726e398b9ddc15ea1b67c40e2a12ddf5d04428a866699588c5fa1af75af846e1
2019-01-12 20:55:36 +00:00
drh
6214d93993 Fix an off-by-one error on a Goto in the code generator, that only
causes problems for a REPLACE on an INTEGER PRIMARY KEY in non-debug
builds.  Test case in TH3.

FossilOrigin-Name: e35eb8776ed539afe1d5db099470ab1124d8dd2db73ee5db7c811f8df9a9576e
2019-01-12 16:19:23 +00:00
dan
b4439eef10 Fix a problem with corrupt database handling in the fts3 matchinfo() function.
FossilOrigin-Name: 703646b1b5c84d550fe0d74e399c0eeb729da1d263e4693320f69e6509678985
2019-01-12 14:58:35 +00:00
drh
5d4589014a Improved detection of shadow table corruption in the fts5_decode() SQL function.
FossilOrigin-Name: b74e5f3f3057ee7a98ebcb14ca0751048eacbec8fca3e11e241883029a57ecdf
2019-01-12 00:45:20 +00:00
drh
3e534eac19 Improved shadow table corruption detection in the matchinfo() function of FTS3.
FossilOrigin-Name: 567be3bb1e8b6477f3bf1c7b4cd6ec066fba69d0dcf8785632e244ce25db639f
2019-01-12 00:12:33 +00:00
drh
a2dc7494ef Indicate that the database may be corrupt in the fts3corrupt4.test test script.
FossilOrigin-Name: 473626d5579dd19023abccaf7c1822ac0c883a0b98904837ea096fa16e4f41c4
2019-01-12 00:07:48 +00:00
drh
73bce66701 Use 64-bit APIs in the fileio.c extension.
FossilOrigin-Name: b49d56a0faf012978c50fb8662125ea21bdf5054fddf5975644cbc941c153e70
2019-01-11 23:08:56 +00:00
dan
90294961da Fix a segfault in fts3 prompted by a corrupted database.
FossilOrigin-Name: 2d7b1d1d41ff69d5465fcb861420816ecb066c25a9015eefdab5fae15a2e1c9f
2019-01-11 21:34:25 +00:00
dan
0ad63e5e0c Fix another problem with corrupt databases in fts5.
FossilOrigin-Name: 9bf811ea89a133d481a86407683a7518e909eccb7aa3aa02f7932bdb33387572
2019-01-11 19:27:55 +00:00
dan
e6370e9c29 Fix a problem handling a negative value in the "number-of-pages" database
header field. Also a problem with running "REINDEX tbl" against a virtual
table for which the SQL passed to sqlite3_declare_vtab() contains PRIMARY KEY
or UNIQUE constraints.

FossilOrigin-Name: 556dd8922f65af93084ee725c638b8dc696b611dd508c212a3b507d6ca474031
2019-01-11 17:41:23 +00:00
drh
1735f91df4 Improved detection and reporting of errors in the readfile() extension SQL
function.

FossilOrigin-Name: d2f0b5a483869d39f5c5814c9d6df3d3b8a46d582b4dcf0cf11e23b707c4213e
2019-01-11 17:20:25 +00:00
drh
2bd207ff6d Omit errors about missing SAVEPOINTs when aborting the .archive command
in the CLI.

FossilOrigin-Name: 2a47387ba6aa3c294607b7641aa1c4cf70a7b27a861e1098c2f79a38e5b7036a
2019-01-11 17:19:59 +00:00
drh
2a58dbde30 Improved detection of cell corruption in sqlite3VdbeRecordCompareWithSkip().
FossilOrigin-Name: fa47f4c6589c431cf678560ac33dea6b695052012bea2096b2c92869ed51c688
2019-01-11 16:44:16 +00:00
drh
f10ce63651 Fix PRAGMA integrity_check so that it does not cancel the PRAGMA vdbe_debug
setting.

FossilOrigin-Name: aaa3a19f8cf5ba7003634e4610abc7832354af91d7c7f65469218678f66bcd46
2019-01-11 14:46:44 +00:00
drh
1972c8cf07 Add the --vdbe-debug command-line option to dbfuzz2.
FossilOrigin-Name: 599b4df43c64ce295517c804b6bb4c3ab77d77e0ba585dc0657274f55489a3b1
2019-01-11 14:38:47 +00:00
drh
26391eeefe Add the "dbfuzz2" target to main.mk. Remove an unused local variable
from dbfuzz2.c.

FossilOrigin-Name: 05c7609cfd02f49114876267d7090f4e0ea2467f3aa7c65019c5986ec8f60a87
2019-01-11 14:22:33 +00:00
drh
51d35b0fa9 The keywords TRUE and FALSE should only act as boolean literal values if
unquoted.

FossilOrigin-Name: 5547f39de993c708f72301ef25df190a2f007e0c4253799bdd9e86bb1ae41777
2019-01-11 13:32:23 +00:00
drh
e65b9c6a5e Separate makefile targets for "dbfuzz2", "dbfuzz2-asan", and "dbfuzz2-msan".
FossilOrigin-Name: ea119641a7edcd0e1ec14371d93e35f860971888bd98cb0019253358a2ef123b
2019-01-11 13:03:06 +00:00
dan
6ca98ad6b1 Fix a memory leak in fts5 that could occur if scalar function fts5_decode()
was passed a corrupt record.

FossilOrigin-Name: 240f1c0c92cad8a1c19438b38489aedb831f62a4603c53f22367e876d8f644ff
2019-01-10 19:26:52 +00:00
dan
f7d687c9d3 Fix a memory leak in fts5.
FossilOrigin-Name: ff3b011f17f4f02e486f3c8de607f62eddf3b86562e2df82dba57ea166994b65
2019-01-10 18:35:09 +00:00
dan
25e3073741 Avoid use-after-free and double-free errors that could occur if an fts5 table
is modified in certain ways while there are active cursors.

FossilOrigin-Name: 3291b2a6fe6f38ae91b933e5cd2bf7d97432374b4fb1fccd92b4bd759b02ee06
2019-01-10 17:08:20 +00:00