SQLite

Check-in [c8c7846fb9]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fix an obscure bug that causes a crash when parsing certain invalid SQL statements.
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: c8c7846fb990199dcc0774a69e8257510bc36f2d
User & Date: drh 2012-02-23 17:35:28.314
Context
2012-02-24
00:02
A simple change that allows the SQLITE_32BIT_ROWID compile-time option to work better. (check-in: f9df4063fb user: drh tags: trunk)
2012-02-23
17:35
Fix an obscure bug that causes a crash when parsing certain invalid SQL statements. (check-in: c8c7846fb9 user: drh tags: trunk)
16:45
Fix a typo made inside an assert() statement in the previous commit. (check-in: f0640615f2 user: dan tags: trunk)
Changes
Unified Diff Ignore Whitespace Patch
Changes to src/select.c. 
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268

  int cnt;                    /* Index added to make the name unique */
  Column *aCol, *pCol;        /* For looping over result columns */
  int nCol;                   /* Number of columns in the result set */
  Expr *p;                    /* Expression for a single result column */
  char *zName;                /* Column name */
  int nName;                  /* Size of name in zName[] */

  *pnCol = nCol = pEList->nExpr;
  aCol = *paCol = sqlite3DbMallocZero(db, sizeof(aCol[0])*nCol);
  if( aCol==0 ) return SQLITE_NOMEM;
  for(i=0, pCol=aCol; i<nCol; i++, pCol++){
    /* Get an appropriate name for the column
    */
    p = pEList->a[i].pExpr;
    assert( p->pRight==0 || ExprHasProperty(p->pRight, EP_IntValue)








|








1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268

  int cnt;                    /* Index added to make the name unique */
  Column *aCol, *pCol;        /* For looping over result columns */
  int nCol;                   /* Number of columns in the result set */
  Expr *p;                    /* Expression for a single result column */
  char *zName;                /* Column name */
  int nName;                  /* Size of name in zName[] */

  *pnCol = nCol = pEList ? pEList->nExpr : 0;
  aCol = *paCol = sqlite3DbMallocZero(db, sizeof(aCol[0])*nCol);
  if( aCol==0 ) return SQLITE_NOMEM;
  for(i=0, pCol=aCol; i<nCol; i++, pCol++){
    /* Get an appropriate name for the column
    */
    p = pEList->a[i].pExpr;
    assert( p->pRight==0 || ExprHasProperty(p->pRight, EP_IntValue)
Changes to test/select1.test. 
1062
1063
1064
1065
1066
1067
1068






1069
1070

    execsql { DROP INDEX i1 } db2
    db2 close
  } {}
  do_test select1-15.3 {
    execsql { SELECT 2 IN (SELECT a FROM t1) }
  } {1}
}






  
finish_test








>
>
>
>
>
>



1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076

    execsql { DROP INDEX i1 } db2
    db2 close
  } {}
  do_test select1-15.3 {
    execsql { SELECT 2 IN (SELECT a FROM t1) }
  } {1}
}

# Crash bug reported on the mailing list on 2012-02-23
#
do_test select1-16.1 {
  catchsql {SELECT 1 FROM (SELECT *)}
} {1 {no tables specified}}
  
finish_test