Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Change log typo fixes. |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA3-256: |
0e82b7e2ddb95985fb0e40f3e2bcca39 |
User & Date: | drh 2017-07-25 17:03:27.440 |
Context
2017-07-26
| ||
15:06 | Update test metrics on the testing.html page. (check-in: 6fc727b510 user: drh tags: trunk) | |
2017-07-25
| ||
17:03 | Change log typo fixes. (check-in: 0e82b7e2dd user: drh tags: trunk) | |
15:57 | More typo fixes. (check-in: 9fdf1274f9 user: drh tags: trunk) | |
Changes
Changes to pages/bindptr.in.
︙ | |||
85 86 87 88 89 90 91 | 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 | - + | <p> Because the pointer is passed in the t1 column of the t1 table as a BLOB (in older versions of SQLite), such a query would have shown the value of the pointer in hex. The attacker could then modify that pointer to try to get the snippet() function to modify memory in some other part of the application address space instead of the fts3cursor object it |
︙ | |||
107 108 109 110 111 112 113 | 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 | - + | arbitrary SQL, and so most uses of SQLite are immute to the attack above. But there are some notable exceptions. To wit: <ul> <li><p> The [https://en.wikipedia.org/wiki/Web_SQL_Database|WebSQL] interface to webkit allowed any webpage to to run arbitrary SQL in the browser |
︙ |
Changes to pages/changes.in.
︙ | |||
20 21 22 23 24 25 26 | 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 | - + - - - - + + | set xrefChng($date) $nChng incr nChng } chng {2017-08-01 (3.20.0)} { <li> Update the text of error messages returned by [sqlite3_errmsg()] for some error codes. |
︙ |