/ Check-in [21ecbce1]
Overview
Comment: Improve detection of out-of-range parameters in sqlite3_stmt_status() for SQLITE_ENABLE_API_ARMOR builds.
SHA3-256: 21ecbce1378f3cc4b1051628b8c1580bb807c8745a1f525bc089036af93a54af
User & Date: dan 2018-03-14 08:27:39
References
2018-03-14
  15:06  Disable one of the test cases from check-in [21ecbce1378f3cc4] when API_ARMOR is not enabled. check-in: 8fb23d42 user: drh tags: trunk
Context
2018-03-14
  15:06  Disable one of the test cases from check-in [21ecbce1378f3cc4] when API_ARMOR is not enabled. check-in: 8fb23d42 user: drh tags: trunk
  14:53  Add the SQLITE_DBSTATUS_CACHE_SPILL option to sqlite3_db_status() Closed-Leaf check-in: 3faeb851 user: drh tags: dbstatus-cache-spill
  08:27  Improve detection of out-of-range parameters in sqlite3_stmt_status() for SQLITE_ENABLE_API_ARMOR builds. check-in: 21ecbce1 user: dan tags: trunk
2018-03-12
  21:09  Fix a typo causing SQLITE_LOG_CACHE_SPILL builds to fail. check-in: 0171d4a7 user: dan tags: trunk
Changes

Changes to src/vdbeapi.c.

  1664   1664   /*
  1665   1665   ** Return the value of a status counter for a prepared statement
  1666   1666   */
  1667   1667   int sqlite3_stmt_status(sqlite3_stmt *pStmt, int op, int resetFlag){
  1668   1668     Vdbe *pVdbe = (Vdbe*)pStmt;
  1669   1669     u32 v;
  1670   1670   #ifdef SQLITE_ENABLE_API_ARMOR
  1671         -  if( !pStmt ){
         1671  +  if( !pStmt 
         1672  +   || (op!=SQLITE_STMTSTATUS_MEMUSED && (op<0||op>=ArraySize(pVdbe->aCounter)))
         1673  +  ){
  1672   1674       (void)SQLITE_MISUSE_BKPT;
  1673   1675       return 0;
  1674   1676     }
  1675   1677   #endif
  1676   1678     if( op==SQLITE_STMTSTATUS_MEMUSED ){
  1677   1679       sqlite3 *db = pVdbe->db;
  1678   1680       sqlite3_mutex_enter(db->mutex);
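
Review bot: The new bounds test on op (new lines 1671-1673) sits entirely inside #ifdef SQLITE_ENABLE_API_ARMOR, so a build without that option still accepts an out-of-range op with no check at this point. If that is the intended contract, the header comment at line 1664 should say so: an invalid op returns 0 only in API_ARMOR builds and is otherwise the caller's responsibility. It would also help to add a one-line comment explaining why SQLITE_STMTSTATUS_MEMUSED is exempted from the ArraySize(pVdbe->aCounter) comparison, since the reason (it is handled by the separate branch at new line 1678 and is not an index into aCounter) is not obvious from the condition alone.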

Changes to test/dbstatus.test.

   411    411       do_cacheused_test 4.2.3 db2 { 4568 4568 }
   412    412       sqlite3 db file:test.db?cache=shared
   413    413       do_cacheused_test 4.2.4 db2 { 4568 2284 }
   414    414       db2 close
   415    415     }
   416    416   }
   417    417   
          418  +#-------------------------------------------------------------------------
          419  +# Test that passing an out-of-range value to sqlite3_stmt_status does
          420  +# not cause a crash.
          421  +reset_db
          422  +do_execsql_test 5.0 {
          423  +  CREATE TABLE t1(x, y);
          424  +  INSERT INTO t1 VALUES(1, 2);
          425  +  INSERT INTO t1 VALUES(3, 4);
          426  +}
          427  +
          428  +do_test 5.1 {
          429  +  set ::stmt [sqlite3_prepare db "SELECT * FROM t1" -1 dummy]
          430  +  sqlite3_step $::stmt
          431  +  sqlite3_step $::stmt
          432  +  sqlite3_step $::stmt
          433  +  sqlite3_reset $::stmt
          434  +} {SQLITE_OK}
          435  +
          436  +do_test 5.2 { sqlite3_stmt_status $::stmt -1 0 } 0
          437  +do_test 5.3 { sqlite3_stmt_status $::stmt  7 0 } 0
          438  +do_test 5.4 { 
          439  +  expr [sqlite3_stmt_status $::stmt 99 0]>0 
          440  +} 1
          441  +foreach {tn id res} {
          442  +  1 SQLITE_STMTSTATUS_MEMUSED 1
          443  +  2 SQLITE_STMTSTATUS_FULLSCAN_STEP 1
          444  +  3 SQLITE_STMTSTATUS_SORT 0
          445  +  4 SQLITE_STMTSTATUS_AUTOINDEX 0
          446  +  5 SQLITE_STMTSTATUS_VM_STEP 1
          447  +  6 SQLITE_STMTSTATUS_REPREPARE 0
          448  +  7 SQLITE_STMTSTATUS_RUN 1
          449  +} {
          450  +if {$tn==2} breakpoint
          451  +  do_test 5.5.$tn { expr [sqlite3_stmt_status $::stmt $id 0]>0 } $res
          452  +}
          453  +
          454  +sqlite3_finalize $::stmt
   418    455   finish_test
          456  +
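
Review bot: New line 450, "if {$tn==2} breakpoint", looks like a leftover debugging aid and should be dropped from the committed test. Separately, tests 5.2 and 5.3 expect 0 for op values -1 and 7, which depends on the bounds check that exists only under SQLITE_ENABLE_API_ARMOR; as written they run unconditionally, so they should be wrapped in a check for that compile-time option. The literal 7 in test 5.3 is also tied to the current number of counters listed in the 5.5 loop; a comment saying it must be the first index past the last valid counter would keep the test meaningful if another counter is added.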