/ Check-in [ef591461]


Overview
Comment:Begin enforcing the SQLITE_LIMIT_VDBE_OP. The documentation warned that this day might come.
SHA3-256: ef5914617088cbf89bfae88f63ea959a07f02dff387ddc2b43948ad99c6a97b8
User & Date: drh 2017-03-17 22:50:16
Context
2017-03-17
22:51
Set a reasonable limit on the number of opcodes in a prepared statement for ossfuzz.c. This should prevent timeouts in OSS-Fuzz when it generates totally unreasonable queries. check-in: f74899ed user: drh tags: trunk
22:50
Begin enforcing the SQLITE_LIMIT_VDBE_OP. The documentation warned that this day might come. check-in: ef591461 user: drh tags: trunk
14:59
Add the --show-errors and --show-max-delay command-line options to the ossshell test program. check-in: 626bdca9 user: drh tags: trunk
Changes

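--- a/src/sqlite.h.in
+++ b/src/sqlite.h.in
@@ -3420,17 +3420,18 @@
 ** <dd>The maximum depth of the parse tree on any expression.</dd>)^
 **
 ** [[SQLITE_LIMIT_COMPOUND_SELECT]] ^(<dt>SQLITE_LIMIT_COMPOUND_SELECT</dt>
 ** <dd>The maximum number of terms in a compound SELECT statement.</dd>)^
 **
 ** [[SQLITE_LIMIT_VDBE_OP]] ^(<dt>SQLITE_LIMIT_VDBE_OP</dt>
 ** <dd>The maximum number of instructions in a virtual machine program
-** used to implement an SQL statement.  This limit is not currently
-** enforced, though that might be added in some future release of
-** SQLite.</dd>)^
+** used to implement an SQL statement.  If [sqlite3_prepare_v2()] or
+** the equivalent tries to allocate space for more than this many opcodes
+** in a single prepared statement, an SQLITE_NOMEM error is returned.
+** A value of 0 means "unlimited".</dd>)^
 **
 ** [[SQLITE_LIMIT_FUNCTION_ARG]] ^(<dt>SQLITE_LIMIT_FUNCTION_ARG</dt>
 ** <dd>The maximum number of arguments on a function.</dd>)^
 **
 ** [[SQLITE_LIMIT_ATTACHED]] ^(<dt>SQLITE_LIMIT_ATTACHED</dt>
 ** <dd>The maximum number of [ATTACH | attached databases].)^</dd>
 **
@@ -3459,14 +3460,15 @@
 #define SQLITE_LIMIT_VDBE_OP                   5
 #define SQLITE_LIMIT_FUNCTION_ARG              6
 #define SQLITE_LIMIT_ATTACHED                  7
 #define SQLITE_LIMIT_LIKE_PATTERN_LENGTH       8
 #define SQLITE_LIMIT_VARIABLE_NUMBER           9
 #define SQLITE_LIMIT_TRIGGER_DEPTH            10
 #define SQLITE_LIMIT_WORKER_THREADS           11
+
 
 /*
 ** CAPI3REF: Compiling An SQL Statement
 ** KEYWORDS: {SQL statement compiler}
 ** METHOD: sqlite3
 ** CONSTRUCTOR: sqlite3_stmt
 **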

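--- a/src/sqliteLimit.h
+++ b/src/sqliteLimit.h
@@ -83,15 +83,15 @@
 #endif
 
 /*
 ** The maximum number of opcodes in a VDBE program.
 ** Not currently enforced.
 */
 #ifndef SQLITE_MAX_VDBE_OP
-# define SQLITE_MAX_VDBE_OP 25000
+# define SQLITE_MAX_VDBE_OP 250000000
 #endif
 
 /*
 ** The maximum number of arguments to an SQL function.
 */
 #ifndef SQLITE_MAX_FUNCTION_ARG
 # define SQLITE_MAX_FUNCTION_ARG 127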
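Review bot: The comment `** Not currently enforced.` two lines above the changed `#define` is now stale, since the vdbeaux.c hunk in this same check-in starts rejecting op-array growth beyond `aLimit[SQLITE_LIMIT_VDBE_OP]`. Suggest replacing that line with `** Enforced when the VDBE op array is grown; see SQLITE_LIMIT_VDBE_OP.` so the header and the runtime behaviour agree. It is also worth stating in the comment that 250000000 is the compile-time ceiling rather than a practical memory bound: at that many opcodes the op array is several gigabytes, so an application that wants to cap statement size has to lower the runtime limit itself (presumably via sqlite3_limit(); that code is not in this diff).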

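--- a/src/vdbeaux.c
+++ b/src/vdbeaux.c
@@ -112,14 +112,20 @@
   ** size of the op array or add 1KB of space, whichever is smaller. */
 #ifdef SQLITE_TEST_REALLOC_STRESS
   int nNew = (p->nOpAlloc>=512 ? p->nOpAlloc*2 : p->nOpAlloc+nOp);
 #else
   int nNew = (p->nOpAlloc ? p->nOpAlloc*2 : (int)(1024/sizeof(Op)));
   UNUSED_PARAMETER(nOp);
 #endif
+
+  /* Ensure that the size of a VDBE does not grow too large */
+  if( nNew > p->db->aLimit[SQLITE_LIMIT_VDBE_OP] ){
+    sqlite3OomFault(p->db);
+    return SQLITE_NOMEM;
+  }
 
   assert( nOp<=(1024/sizeof(Op)) );
   assert( nNew>=(p->nOpAlloc+nOp) );
   pNew = sqlite3DbRealloc(p->db, v->aOp, nNew*sizeof(Op));
   if( pNew ){
     p->szOpAlloc = sqlite3DbMallocSize(p->db, pNew);
     p->nOpAlloc = p->szOpAlloc/sizeof(Op);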
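Review bot: The new check `if( nNew > p->db->aLimit[SQLITE_LIMIT_VDBE_OP] ){` does not implement the sentence `A value of 0 means "unlimited".` that the sqlite.h.in hunk of this same check-in adds: with the limit at 0, `nNew > 0` holds on the very first growth and every prepared statement fails with SQLITE_NOMEM (assuming 0 is a settable value for this limit, which is not visible here). Either honour zero, `int mx = p->db->aLimit[SQLITE_LIMIT_VDBE_OP]; if( mx>0 && nNew>mx ){`, or drop that sentence from the documentation so the two agree. The comparison is also against the doubled allocation target `nNew` rather than the opcode count, so a statement can be refused once it needs slightly more than half the limit; that matches the documented wording "tries to allocate space for more than this many opcodes", but it deserves a line in the comment, e.g. `/* nNew is the allocation target, so this can trigger before the opcode count itself reaches the limit */`. The enclosing function's signature and remainder lie outside this hunk.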