|Title:||Invalid pointer passed to the authorizer callback|
|Last Modified:||2013-05-06 13:45:39|
|Version Found In:||18.104.22.168|
drh added on 2013-05-06 13:03:05:
The UPDATE statement in the following code reads past the end of an array and passes an invalid pointer to the authorizer callback: <blockquote><verbatim> CREATE TABLE t1(a,b,c,d,e,f,g,h); UPDATE t1 SET rowid=rowid+100; </verbatim></blockquote> The problem can be seen by running the script above in the sqlite3 command-line shell using valgrind. This problem has been in the code since version 2.7.6 circa 2003-01-25 and appears to have been added by check-in [45de93f913a18026a]. The problem has not been noticed before now because it is obscure and mostly harmless - unless the authorizer is used on an UPDATE statement that changes the ROWID the worst that can happen is a single read past the end of an array.
drh added on 2013-05-06 13:45:39: (text/x-fossil-wiki)
An additional requirement for hitting this bug is that the number of columns in the table being updated must be a multiple of 8.