/ Check-in [693b4350]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fix a segfault caused by having identical window functions in the select-list and ORDER BY clause of a SELECT statement.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: 693b4350d741391226a33ab6a05eaad61e8ef1590176f01e8aed2a212e2d6419
User & Date: dan 2018-07-02 17:14:37
Context
2018-07-02
17:45
Fix a problem in the xInverse callback for the built-in sum() window function. check-in: b6563647 user: dan tags: trunk
17:14
Fix a segfault caused by having identical window functions in the select-list and ORDER BY clause of a SELECT statement. check-in: 693b4350 user: dan tags: trunk
15:03
Fix a crash caused by a LIKE pattern that consists of a single escape character. Problem found by OSSFuzz. check-in: bb9bfc3a user: dan tags: trunk
Changes
Hide Diffs Side-by-Side Diffs Ignore Whitespace Patch

Changes to src/resolve.c.

  1239   1239       /* Otherwise, treat the ORDER BY term as an ordinary expression */
  1240   1240       pItem->u.x.iOrderByCol = 0;
  1241   1241       if( sqlite3ResolveExprNames(pNC, pE) ){
  1242   1242         return 1;
  1243   1243       }
  1244   1244       for(j=0; j<pSelect->pEList->nExpr; j++){
  1245   1245         if( sqlite3ExprCompare(0, pE, pSelect->pEList->a[j].pExpr, -1)==0 ){
         1246  +#ifndef SQLITE_OMIT_WINDOWFUNC
         1247  +        if( pE->pWin ){
         1248  +          Window **pp;
         1249  +          for(pp=&pSelect->pWin; *pp; pp=&(*pp)->pNextWin){
         1250  +            if( *pp==pE->pWin ){
         1251  +              *pp = (*pp)->pNextWin;
         1252  +              break;
         1253  +            }    
         1254  +          }
         1255  +        }
         1256  +#endif
  1246   1257           pItem->u.x.iOrderByCol = j+1;
  1247   1258         }
  1248   1259       }
  1249   1260     }
  1250   1261     return sqlite3ResolveOrderGroupBy(pParse, pSelect, pOrderBy, zType);
  1251   1262   }
  1252   1263   

Changes to test/window6.test.

   166    166     INSERT INTO t1 VALUES('');
   167    167   }
   168    168   
   169    169   do_execsql_test 7.1 {
   170    170     SELECT count(*) FROM t1 WHERE x LIKE '!' ESCAPE '!';
   171    171   } {0}
   172    172   
          173  +#-------------------------------------------------------------------------
          174  +#
          175  +do_execsql_test 8.0 {
          176  +  CREATE TABLE IF NOT EXISTS "sample" (
          177  +      "id" INTEGER NOT NULL PRIMARY KEY, 
          178  +      "counter" INTEGER NOT NULL, 
          179  +      "value" REAL NOT NULL
          180  +  );
          181  +
          182  +  INSERT INTO "sample" (counter, value) 
          183  +  VALUES (1, 10.), (1, 20.), (2, 1.), (2, 3.), (3, 100.);
          184  +}
          185  +
          186  +do_execsql_test 8.1 {
          187  +  SELECT "counter", "value", RANK() OVER w AS "rank" 
          188  +  FROM "sample"
          189  +  WINDOW w AS (PARTITION BY "counter" ORDER BY "value" DESC) 
          190  +  ORDER BY "counter", RANK() OVER w
          191  +} {
          192  +  1 20.0 1   1 10.0 2   2 3.0 1   2 1.0 2  3 100.0 1
          193  +}
   173    194   
   174    195   finish_test
   175         -