Fix a theoretical OOB memory access in sqlite3_stmt_scanstatus_v2().

FossilOrigin-Name: 87be9580747b405c2c534beadb0f95cee0d4f34e0245f90e157a6b7ada38e092
author: dan <Dan Kennedy> 2024-03-25 18:30:15 +0000
committer: dan <Dan Kennedy> 2024-03-25 18:30:15 +0000
commit: eb5bd4db91430a44f96bf636e4aba1c5eaa69c7d (patch)
tree: aa70bc92cf0d793b9a13be97194c6ac94cd87e02 /src
parent: 791b6f36cc8ed25766e709dfe2dc6d23782652b8 (diff)
download: sqlite-eb5bd4db91430a44f96bf636e4aba1c5eaa69c7d.tar.gz
sqlite-eb5bd4db91430a44f96bf636e4aba1c5eaa69c7d.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/src/vdbeapi.c b/src/vdbeapi.c
index 14c6091e0..3182e4070 100644
--- a/src/vdbeapi.c
+++ b/src/vdbeapi.c
@@ -2404,7 +2404,6 @@ int sqlite3_stmt_scanstatus_v2(
   }
   if( flags & SQLITE_SCANSTAT_COMPLEX ){
     idx = iScan;
-    pScan = &p->aScan[idx];
   }else{
     /* If the COMPLEX flag is clear, then this function must ignore any
     ** ScanStatus structures with ScanStatus.addrLoop set to 0. */
@@ -2417,6 +2416,8 @@ int sqlite3_stmt_scanstatus_v2(
     }
   }
   if( idx>=p->nScan ) return 1;
+  assert( pScan==0 || pScan==&p->aScan[idx] );
+  pScan = &p->aScan[idx];
 
   switch( iScanStatusOp ){
     case SQLITE_SCANSTAT_NLOOP: {
author	dan <Dan Kennedy>	2024-03-25 18:30:15 +0000
committer	dan <Dan Kennedy>	2024-03-25 18:30:15 +0000
commit	eb5bd4db91430a44f96bf636e4aba1c5eaa69c7d (patch)
tree	aa70bc92cf0d793b9a13be97194c6ac94cd87e02 /src
parent	791b6f36cc8ed25766e709dfe2dc6d23782652b8 (diff)
download	sqlite-eb5bd4db91430a44f96bf636e4aba1c5eaa69c7d.tar.gz sqlite-eb5bd4db91430a44f96bf636e4aba1c5eaa69c7d.zip