SQLite

Check-in [ca185808ad]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Ensure that the sqlite3_value_text() interface returns a buffer that is long enough to hold the complete string plus the zero terminator even when the input is a zeroblob. Fix for a problem detected by OSS-Fuzz.
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | descendants | both | branch-3.16
Files: files | file ages | folders
SHA1: ca185808ade195875918b5bad1762bcd8ec39457
User & Date: drh 2017-01-05 13:52:54.033
Context
2017-01-05
13:56
Fix problems in trigger and foreign key handling when doing REPLACE on a WITHOUT ROWID table that has no secondary indexes. Fix for ticket [30027b613b4]. (check-in: 8a788594e2 user: drh tags: branch-3.16)
13:52
Ensure that the sqlite3_value_text() interface returns a buffer that is long enough to hold the complete string plus the zero terminator even when the input is a zeroblob. Fix for a problem detected by OSS-Fuzz. (check-in: ca185808ad user: drh tags: branch-3.16)
07:58
Ensure that the sqlite3_value_text() interface returns a buffer that is long enough to hold the complete string plus the zero terminator even when the input is a zeroblob. Fix for a problem detected by OSS-Fuzz. (check-in: 2dc7eeb5b4 user: drh tags: trunk)
2017-01-03
18:27
Version 3.16.1 (check-in: 979f043928 user: drh tags: release, version-3.16.1, branch-3.16)
Changes
Unified Diff Ignore Whitespace Patch
Changes to src/vdbemem.c. 
1006
1007
1008
1009
1010
1011
1012

1013
1014
1015
1016
1017
1018
1019

static SQLITE_NOINLINE const void *valueToText(sqlite3_value* pVal, u8 enc){
  assert( pVal!=0 );
  assert( pVal->db==0 || sqlite3_mutex_held(pVal->db->mutex) );
  assert( (enc&3)==(enc&~SQLITE_UTF16_ALIGNED) );
  assert( (pVal->flags & MEM_RowSet)==0 );
  assert( (pVal->flags & (MEM_Null))==0 );
  if( pVal->flags & (MEM_Blob|MEM_Str) ){

    pVal->flags |= MEM_Str;
    if( pVal->enc != (enc & ~SQLITE_UTF16_ALIGNED) ){
      sqlite3VdbeChangeEncoding(pVal, enc & ~SQLITE_UTF16_ALIGNED);
    }
    if( (enc & SQLITE_UTF16_ALIGNED)!=0 && 1==(1&SQLITE_PTR_TO_INT(pVal->z)) ){
      assert( (pVal->flags & (MEM_Ephem|MEM_Static))!=0 );
      if( sqlite3VdbeMemMakeWriteable(pVal)!=SQLITE_OK ){








>








1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020

static SQLITE_NOINLINE const void *valueToText(sqlite3_value* pVal, u8 enc){
  assert( pVal!=0 );
  assert( pVal->db==0 || sqlite3_mutex_held(pVal->db->mutex) );
  assert( (enc&3)==(enc&~SQLITE_UTF16_ALIGNED) );
  assert( (pVal->flags & MEM_RowSet)==0 );
  assert( (pVal->flags & (MEM_Null))==0 );
  if( pVal->flags & (MEM_Blob|MEM_Str) ){
    if( ExpandBlob(pVal) ) return 0;
    pVal->flags |= MEM_Str;
    if( pVal->enc != (enc & ~SQLITE_UTF16_ALIGNED) ){
      sqlite3VdbeChangeEncoding(pVal, enc & ~SQLITE_UTF16_ALIGNED);
    }
    if( (enc & SQLITE_UTF16_ALIGNED)!=0 && 1==(1&SQLITE_PTR_TO_INT(pVal->z)) ){
      assert( (pVal->flags & (MEM_Ephem|MEM_Static))!=0 );
      if( sqlite3VdbeMemMakeWriteable(pVal)!=SQLITE_OK ){