diff options
| author | drh <drh@noemail.net> | 2016-12-30 15:16:20 +0000 |
|---|---|---|
| committer | drh <drh@noemail.net> | 2016-12-30 15:16:20 +0000 |
| commit | 1d081ab39e8296a46e1254278464c11aec582b51 (patch) | |
| tree | 5121ec8568bc52eea4b95907cf0a76fb810c7ac0 | |
| parent | 5f4ade0473f2d76361a91120a2c4fe9489feaee8 (diff) | |
| download | sqlite-1d081ab39e8296a46e1254278464c11aec582b51.tar.gz sqlite-1d081ab39e8296a46e1254278464c11aec582b51.zip | |
Strengthen the defense against OOM in the instr() SQL function.
FossilOrigin-Name: a0971e713682a73d8c7c20511db256c20d2f6388
| -rw-r--r-- | manifest | 12 | ||||
| -rw-r--r-- | manifest.uuid | 2 | ||||
| -rw-r--r-- | src/func.c | 5 |
3 files changed, 10 insertions, 9 deletions
@@ -1,5 +1,5 @@ -C Add\sa\stest\sto\sensure\sthat\sthe\sapp-defined\spcache\sxFetch()\smethod\sis\snever\npassed\sa\skey\sof\szero. -D 2016-12-30T14:25:42.274 +C Strengthen\sthe\sdefense\sagainst\sOOM\sin\sthe\sinstr()\sSQL\sfunction. +D 2016-12-30T15:16:20.650 F Makefile.in 41bd4cad981487345c4a84081074bcdb876e4b2e F Makefile.linux-gcc 7bc79876b875010e8c8f9502eb935ca92aa3c434 F Makefile.msc b8ca53350ae545e3562403d5da2a69cec79308da @@ -344,7 +344,7 @@ F src/delete.c c8bc10d145c9666a34ae906250326fdaa8d58fa5 F src/expr.c a90e37bc542abe33890cafccacbf8a7db9cb5401 F src/fault.c 460f3e55994363812d9d60844b2a6de88826e007 F src/fkey.c 2e9aabe1aee76273aff8a84ee92c464e095400ae -F src/func.c e0190fd64810a66889bd52c8950f6b5ab3e67356 +F src/func.c 00cd42119843ab0730fac5ae35fc09f344b08259 F src/global.c dcdb89f30b7aa531c5660030af106bc5bc48ef2e F src/hash.c 63d0ee752a3b92d4695b2b1f5259c4621b2cfebd F src/hash.h ab34c5c54a9e9de2e790b24349ba5aab3dbb4fd4 @@ -1540,7 +1540,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P 56ff72ab44288296efc99a608f7edc4346366a50 -R e9376a0e6f39c186396a7f16973b7c00 +P 0bdbe49c6d392c4c86a6c01219c9d91d150dea7d +R 08bfc0b07daab66cd8d9a28810d0ff87 U drh -Z a28c5cf75c694c3d54fc5cc0da0c3d0d +Z 6b0be7f43941c0b0506a1dbb2af0a32d diff --git a/manifest.uuid b/manifest.uuid index 23f172d71..674c29ed2 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -0bdbe49c6d392c4c86a6c01219c9d91d150dea7d
\ No newline at end of file +a0971e713682a73d8c7c20511db256c20d2f6388
\ No newline at end of file diff --git a/src/func.c b/src/func.c index 37f7cd615..1f80392ba 100644 --- a/src/func.c +++ b/src/func.c @@ -204,13 +204,14 @@ static void instrFunc( if( typeHaystack==SQLITE_BLOB && typeNeedle==SQLITE_BLOB ){ zHaystack = sqlite3_value_blob(argv[0]); zNeedle = sqlite3_value_blob(argv[1]); + assert( zNeedle!=0 ); + assert( zHaystack!=0 || nHaystack==0 ); isText = 0; }else{ zHaystack = sqlite3_value_text(argv[0]); zNeedle = sqlite3_value_text(argv[1]); isText = 1; - if( zNeedle==0 ) return; - assert( zHaystack ); + if( zHaystack==0 || zNeedle==0 ) return; } while( nNeedle<=nHaystack && memcmp(zHaystack, zNeedle, nNeedle)!=0 ){ N++; |