SQLite

Check-in [0770363b30]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fix a buffer overread that could occur when running fts5 prefix queries inside a transaction.
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | branch-3.19
Files: files | file ages | folders
SHA3-256: 0770363b30382af76e87009192f3b59b8b089e2e2ad3dfac3392f52e78633a3b
User & Date: drh 2019-09-03 18:43:33.704
Context
2019-09-03
18:43
Fix a buffer overread that could occur when running fts5 prefix queries inside a transaction. (Leaf check-in: 0770363b30 user: drh tags: branch-3.19)
17:55
Disable the undocumented rtreenode() SQL function that is only used for testing, except when doing a build that is specifically intended for testing. (check-in: 34cd2d929e user: drh tags: branch-3.19)
2019-03-18
15:49
Fix a buffer overread that could occur when running fts5 prefix queries inside a transaction. (check-in: b3fa58dd74 user: dan tags: trunk)
Changes
Side-by-Side Diff Ignore Whitespace Patch
Changes to ext/fts5/fts5_hash.c.
440
441
442
443
444
445
446

447


448
449
450
451
452
453
454
440
441
442
443
444
445
446
447

448
449
450
451
452
453
454
455
456







+
-
+
+







  ap = sqlite3_malloc(sizeof(Fts5HashEntry*) * nMergeSlot);
  if( !ap ) return SQLITE_NOMEM;
  memset(ap, 0, sizeof(Fts5HashEntry*) * nMergeSlot);

  for(iSlot=0; iSlot<pHash->nSlot; iSlot++){
    Fts5HashEntry *pIter;
    for(pIter=pHash->aSlot[iSlot]; pIter; pIter=pIter->pHashNext){
      if( pTerm==0 
      if( pTerm==0 || 0==memcmp(fts5EntryKey(pIter), pTerm, nTerm) ){
       || (pIter->nKey+1>=nTerm && 0==memcmp(fts5EntryKey(pIter), pTerm, nTerm))
      ){
        Fts5HashEntry *pEntry = pIter;
        pEntry->pScanNext = 0;
        for(i=0; ap[i]; i++){
          pEntry = fts5HashEntryMerge(pEntry, ap[i]);
          ap[i] = 0;
        }
        ap[i] = pEntry;
Changes to ext/fts5/test/fts5aa.test.
587
588
589
590
591
592
593
594
595








596


597
598


599

587
588
589
590
591
592
593


594
595
596
597
598
599
600
601
602
603
604


605
606
607
608







-
-
+
+
+
+
+
+
+
+

+
+
-
-
+
+

+
  COMMIT;
}

do_execsql_test 22.1 {
  SELECT rowid FROM t9('a*')
} {1}

}


do_execsql_test 25.0 {
  CREATE VIRTUAL TABLE t13 USING fts5(x, detail=%DETAIL%);
}
do_execsql_test 25.1 {
  BEGIN;
  INSERT INTO t13 VALUES('AAAA');
SELECT * FROM t13('BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB*');

  END;
}
finish_test


}

finish_test