Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Fix some segfaults that could occur in obscure circumstances where error messages contained characters that could be mistaken for printf format specifiers. |
|---|---|
| Downloads: | Tarball | ZIP archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
f91471e7234db490f97298b1ccb8d6c7 |
| User & Date: | dan 2010-10-21 15:12:44.000 |
Context
|
2010-10-21
| ||
| 22:58 | Make sure the estimated row count for ephemeral tables is initialized so that automatic indices can be used on those tables. (check-in: d30f7b2def user: drh tags: trunk) | |
| 15:49 | Merge trunk changes into experimental branch. (check-in: fd1e5cade0 user: dan tags: experimental) | |
| 15:12 | Fix some segfaults that could occur in obscure circumstances where error messages contained characters that could be mistaken for printf format specifiers. (check-in: f91471e723 user: dan tags: trunk) | |
| 12:34 | Fix a typo-bug that prevented --disable-amalgamation from working in Makefile.in. Also fix an overly long line in Makfile.in. (check-in: 2c3c4ba035 user: drh tags: trunk) | |
Changes
Changes to src/vdbeblob.c.
| ︙ | ︙ | |||
227 228 229 230 231 232 233 |
sqlite3_bind_int64((sqlite3_stmt *)v, 1, iRow);
rc = sqlite3_step((sqlite3_stmt *)v);
if( rc!=SQLITE_ROW ){
nAttempt++;
rc = sqlite3_finalize((sqlite3_stmt *)v);
sqlite3DbFree(db, zErr);
| | | 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 |
sqlite3_bind_int64((sqlite3_stmt *)v, 1, iRow);
rc = sqlite3_step((sqlite3_stmt *)v);
if( rc!=SQLITE_ROW ){
nAttempt++;
rc = sqlite3_finalize((sqlite3_stmt *)v);
sqlite3DbFree(db, zErr);
zErr = sqlite3MPrintf(db, "%s", sqlite3_errmsg(db));
v = 0;
}
} while( nAttempt<5 && rc==SQLITE_SCHEMA );
if( rc==SQLITE_ROW ){
/* The row-record has been opened successfully. Check that the
** column in question contains text or a blob. If it contains
|
| ︙ | ︙ | |||
274 275 276 277 278 279 280 |
rc = SQLITE_ERROR;
}
blob_open_out:
if( v && (rc!=SQLITE_OK || db->mallocFailed) ){
sqlite3VdbeFinalize(v);
}
| | | 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 |
rc = SQLITE_ERROR;
}
blob_open_out:
if( v && (rc!=SQLITE_OK || db->mallocFailed) ){
sqlite3VdbeFinalize(v);
}
sqlite3Error(db, rc, (zErr ? "%s" : 0), zErr);
sqlite3DbFree(db, zErr);
sqlite3StackFree(db, pParse);
rc = sqlite3ApiExit(db, rc);
sqlite3_mutex_leave(db->mutex);
return rc;
}
|
| ︙ | ︙ |
Changes to src/vtab.c.
| ︙ | ︙ | |||
668 669 670 671 672 673 674 |
pTab->aCol = pParse->pNewTable->aCol;
pTab->nCol = pParse->pNewTable->nCol;
pParse->pNewTable->nCol = 0;
pParse->pNewTable->aCol = 0;
}
db->pVTab = 0;
}else{
| | | 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 |
pTab->aCol = pParse->pNewTable->aCol;
pTab->nCol = pParse->pNewTable->nCol;
pParse->pNewTable->nCol = 0;
pParse->pNewTable->aCol = 0;
}
db->pVTab = 0;
}else{
sqlite3Error(db, SQLITE_ERROR, (zErr ? "%s" : 0), zErr);
sqlite3DbFree(db, zErr);
rc = SQLITE_ERROR;
}
pParse->declareVtab = 0;
if( pParse->pVdbe ){
sqlite3VdbeFinalize(pParse->pVdbe);
|
| ︙ | ︙ |
Changes to test/incrblob.test.
| ︙ | ︙ | |||
672 673 674 675 676 677 678 679 680 681 |
do_test incrblob-8.6 {
set rc [catch {sqlite3_blob_write $::b 0 etilqs 6} msg]
lappend rc $msg
} {0 {}}
do_test incrblob-8.7 {
execsql {SELECT b FROM t1 WHERE a = 314159}
} {etilqs}
finish_test
| > > > > > > > > > | 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 |
do_test incrblob-8.6 {
set rc [catch {sqlite3_blob_write $::b 0 etilqs 6} msg]
lappend rc $msg
} {0 {}}
do_test incrblob-8.7 {
execsql {SELECT b FROM t1 WHERE a = 314159}
} {etilqs}
# The following test case exposes an instance in the blob code where
# an error message was set using a call similar to sqlite3_mprintf(zErr),
# where zErr is an arbitrary string. This is no good if the string contains
# characters that can be mistaken for printf() formatting directives.
#
do_test incrblob-9.1 {
list [catch { db incrblob t1 "A tricky column name %s%s" 1 } msg] $msg
} {1 {no such column: "A tricky column name %s%s"}}
finish_test
|
Changes to test/vtab1.test.
| ︙ | ︙ | |||
1158 1159 1160 1161 1162 1163 1164 1165 1166 1167 |
do_test vtab1-16.$tn {
set echo_module_fail(xRename,t2) "the xRename method has failed"
catchsql { ALTER TABLE echo_t2 RENAME TO another_name }
} "1 {echo-vtab-error: the xRename method has failed}"
unset echo_module_fail(xRename,t2)
incr tn
}
unset -nocomplain echo_module_begin_fail
finish_test
| > > > > > > > > > > > > > > > | 1158 1159 1160 1161 1162 1163 1164 1165 1166 1167 1168 1169 1170 1171 1172 1173 1174 1175 1176 1177 1178 1179 1180 1181 1182 |
do_test vtab1-16.$tn {
set echo_module_fail(xRename,t2) "the xRename method has failed"
catchsql { ALTER TABLE echo_t2 RENAME TO another_name }
} "1 {echo-vtab-error: the xRename method has failed}"
unset echo_module_fail(xRename,t2)
incr tn
}
# The following test case exposes an instance in sqlite3_declare_vtab()
# an error message was set using a call similar to sqlite3_mprintf(zErr),
# where zErr is an arbitrary string. This is no good if the string contains
# characters that can be mistaken for printf() formatting directives.
#
do_test vtab1-17.1 {
execsql {
PRAGMA writable_schema = 1;
INSERT INTO sqlite_master VALUES(
'table', 't3', 't3', 0, 'INSERT INTO "%s%s" VALUES(1)'
);
}
catchsql { CREATE VIRTUAL TABLE t4 USING echo(t3); }
} {1 {vtable constructor failed: t4}}
unset -nocomplain echo_module_begin_fail
finish_test
|