SQLite: Check-in [f91471e7]

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview

Comment:	Fix some segfaults that could occur in obscure circumstances where error messages contained characters that could be mistaken for printf format specifiers.
Downloads:	Tarball \| ZIP archive \| SQL archive
Timelines:	family \| ancestors \| descendants \| both \| trunk
Files:	files \| file ages \| folders
SHA1:	f91471e7234db490f97298b1ccb8d6c7fc45b089
User & Date:	dan 2010-10-21 15:12:44

Context

2010-10-21
22:58		Make sure the estimated row count for ephemeral tables is initialized so that automatic indices can be used on those tables. check-in: d30f7b2d user: drh tags: trunk
15:49		Merge trunk changes into experimental branch. check-in: fd1e5cad user: dan tags: experimental
15:12		Fix some segfaults that could occur in obscure circumstances where error messages contained characters that could be mistaken for printf format specifiers. check-in: f91471e7 user: dan tags: trunk
12:34		Fix a typo-bug that prevented --disable-amalgamation from working in Makefile.in. Also fix an overly long line in Makfile.in. check-in: 2c3c4ba0 user: drh tags: trunk

Changes

Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to src/vdbeblob.c.


    sqlite3_bind_int64((sqlite3_stmt *)v, 1, iRow);
    rc = sqlite3_step((sqlite3_stmt *)v);
    if( rc!=SQLITE_ROW ){
      nAttempt++;
      rc = sqlite3_finalize((sqlite3_stmt *)v);
      sqlite3DbFree(db, zErr);
      zErr = sqlite3MPrintf(db, sqlite3_errmsg(db));
      v = 0;
    }
  } while( nAttempt<5 && rc==SQLITE_SCHEMA );

  if( rc==SQLITE_ROW ){
    /* The row-record has been opened successfully. Check that the
    ** column in question contains text or a blob. If it contains
................................................................................
    rc = SQLITE_ERROR;
  }

blob_open_out:
  if( v && (rc!=SQLITE_OK || db->mallocFailed) ){
    sqlite3VdbeFinalize(v);
  }
  sqlite3Error(db, rc, zErr);
  sqlite3DbFree(db, zErr);
  sqlite3StackFree(db, pParse);
  rc = sqlite3ApiExit(db, rc);
  sqlite3_mutex_leave(db->mutex);
  return rc;
}


    sqlite3_bind_int64((sqlite3_stmt *)v, 1, iRow);
    rc = sqlite3_step((sqlite3_stmt *)v);
    if( rc!=SQLITE_ROW ){
      nAttempt++;
      rc = sqlite3_finalize((sqlite3_stmt *)v);
      sqlite3DbFree(db, zErr);
      zErr = sqlite3MPrintf(db, "%s", sqlite3_errmsg(db));
      v = 0;
    }
  } while( nAttempt<5 && rc==SQLITE_SCHEMA );

  if( rc==SQLITE_ROW ){
    /* The row-record has been opened successfully. Check that the
    ** column in question contains text or a blob. If it contains
................................................................................
    rc = SQLITE_ERROR;
  }

blob_open_out:
  if( v && (rc!=SQLITE_OK || db->mallocFailed) ){
    sqlite3VdbeFinalize(v);
  }
  sqlite3Error(db, rc, (zErr ? "%s" : 0), zErr);
  sqlite3DbFree(db, zErr);
  sqlite3StackFree(db, pParse);
  rc = sqlite3ApiExit(db, rc);
  sqlite3_mutex_leave(db->mutex);
  return rc;
}

Changes to src/vtab.c.

        pTab->aCol = pParse->pNewTable->aCol;
        pTab->nCol = pParse->pNewTable->nCol;
        pParse->pNewTable->nCol = 0;
        pParse->pNewTable->aCol = 0;
      }
      db->pVTab = 0;
    }else{
      sqlite3Error(db, SQLITE_ERROR, zErr);
      sqlite3DbFree(db, zErr);
      rc = SQLITE_ERROR;
    }
    pParse->declareVtab = 0;
  
    if( pParse->pVdbe ){
      sqlite3VdbeFinalize(pParse->pVdbe);

        pTab->aCol = pParse->pNewTable->aCol;
        pTab->nCol = pParse->pNewTable->nCol;
        pParse->pNewTable->nCol = 0;
        pParse->pNewTable->aCol = 0;
      }
      db->pVTab = 0;
    }else{
      sqlite3Error(db, SQLITE_ERROR, (zErr ? "%s" : 0), zErr);
      sqlite3DbFree(db, zErr);
      rc = SQLITE_ERROR;
    }
    pParse->declareVtab = 0;
  
    if( pParse->pVdbe ){
      sqlite3VdbeFinalize(pParse->pVdbe);

Changes to test/incrblob.test.

do_test incrblob-8.6 {
  set rc [catch {sqlite3_blob_write $::b 0 etilqs 6} msg]
  lappend rc $msg
} {0 {}}
do_test incrblob-8.7 {
  execsql {SELECT b FROM t1 WHERE a = 314159}
} {etilqs}











finish_test








>
>
>
>
>
>
>
>
>

do_test incrblob-8.6 {
  set rc [catch {sqlite3_blob_write $::b 0 etilqs 6} msg]
  lappend rc $msg
} {0 {}}
do_test incrblob-8.7 {
  execsql {SELECT b FROM t1 WHERE a = 314159}
} {etilqs}

# The following test case exposes an instance in the blob code where
# an error message was set using a call similar to sqlite3_mprintf(zErr),
# where zErr is an arbitrary string. This is no good if the string contains
# characters that can be mistaken for printf() formatting directives.
#
do_test incrblob-9.1 {
  list [catch { db incrblob t1 "A tricky column name %s%s" 1 } msg] $msg
} {1 {no such column: "A tricky column name %s%s"}}


finish_test

Changes to test/vtab1.test.

  do_test vtab1-16.$tn {
    set echo_module_fail(xRename,t2) "the xRename method has failed"
    catchsql { ALTER TABLE echo_t2 RENAME TO another_name }
  } "1 {echo-vtab-error: the xRename method has failed}"
  unset echo_module_fail(xRename,t2)
  incr tn
}
















unset -nocomplain echo_module_begin_fail
finish_test








>
>
>
>
>
>
>
>
>
>
>
>
>
>
>

  do_test vtab1-16.$tn {
    set echo_module_fail(xRename,t2) "the xRename method has failed"
    catchsql { ALTER TABLE echo_t2 RENAME TO another_name }
  } "1 {echo-vtab-error: the xRename method has failed}"
  unset echo_module_fail(xRename,t2)
  incr tn
}

# The following test case exposes an instance in sqlite3_declare_vtab()
# an error message was set using a call similar to sqlite3_mprintf(zErr),
# where zErr is an arbitrary string. This is no good if the string contains
# characters that can be mistaken for printf() formatting directives.
#
do_test vtab1-17.1 {
  execsql { 
    PRAGMA writable_schema = 1;
    INSERT INTO sqlite_master VALUES(
      'table', 't3', 't3', 0, 'INSERT INTO "%s%s" VALUES(1)'
    );
  }
  catchsql { CREATE VIRTUAL TABLE t4 USING echo(t3); }
} {1 {vtable constructor failed: t4}}

unset -nocomplain echo_module_begin_fail
finish_test