/ Check-in [c1ae1268]
Login
Home Timeline Branches Tags Tickets Wiki More...

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fix a buffer overread that might occur in analyze.c if SQLITE_ENABLE_STAT4 was defined.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: c1ae1268b9023a771fda98f26bf451c6066fe70b
User & Date: dan 2014-12-05 21:04:26
Context
2014-12-05
21:18
Avoid a potential NULL pointer deference in the sqlite3_stmt_scanstatus() logic. check-in: 42d44adc user: drh tags: trunk
21:04
Fix a buffer overread that might occur in analyze.c if SQLITE_ENABLE_STAT4 was defined. check-in: c1ae1268 user: dan tags: trunk
20:46
Add new test file e_walckpt.test. Still some tests to come. check-in: e4db3db3 user: dan tags: trunk
20:43
Fix a buffer overread that might occur in analyze.c if SQLITE_ENABLE_STAT4 was defined. check-in: 194c90db user: dan tags: branch-3.8.7
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to src/analyze.c. 

1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606

      int i;                    /* Used to iterate through samples */
      tRowcnt sumEq = 0;        /* Sum of the nEq values */
      tRowcnt avgEq = 0;
      tRowcnt nRow;             /* Number of rows in index */
      i64 nSum100 = 0;          /* Number of terms contributing to sumEq */
      i64 nDist100;             /* Number of distinct values in index */

      if( pIdx->aiRowEst==0 || pIdx->aiRowEst[iCol+1]==0 ){
        nRow = pFinal->anLt[iCol];
        nDist100 = (i64)100 * pFinal->anDLt[iCol];
        nSample--;
      }else{
        nRow = pIdx->aiRowEst[0];
        nDist100 = ((i64)100 * pIdx->aiRowEst[0]) / pIdx->aiRowEst[iCol+1];
      }








|








1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606

      int i;                    /* Used to iterate through samples */
      tRowcnt sumEq = 0;        /* Sum of the nEq values */
      tRowcnt avgEq = 0;
      tRowcnt nRow;             /* Number of rows in index */
      i64 nSum100 = 0;          /* Number of terms contributing to sumEq */
      i64 nDist100;             /* Number of distinct values in index */

      if( !pIdx->aiRowEst || iCol>=pIdx->nKeyCol || pIdx->aiRowEst[iCol+1]==0 ){
        nRow = pFinal->anLt[iCol];
        nDist100 = (i64)100 * pFinal->anDLt[iCol];
        nSample--;
      }else{
        nRow = pIdx->aiRowEst[0];
        nDist100 = ((i64)100 * pIdx->aiRowEst[0]) / pIdx->aiRowEst[iCol+1];
      }

This page was generated in about 0.008s by Fossil 2.10 [4c73b4afb9] 2019-07-22 19:06:28