SQLite

Check-in [21ecbce137]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Improve detection of out-of-range parameters in sqlite3_stmt_status() for SQLITE_ENABLE_API_ARMOR builds.
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: 21ecbce1378f3cc4b1051628b8c1580bb807c8745a1f525bc089036af93a54af
User & Date: dan 2018-03-14 08:27:39.022
References
2018-03-14
15:06
Disable one of the test cases from check-in [21ecbce1378f3cc4] when API_ARMOR is not enabled. (check-in: 8fb23d4281 user: drh tags: trunk)
Context
2018-03-14
15:06
Disable one of the test cases from check-in [21ecbce1378f3cc4] when API_ARMOR is not enabled. (check-in: 8fb23d4281 user: drh tags: trunk)
14:53
Add the SQLITE_DBSTATUS_CACHE_SPILL option to sqlite3_db_status() (Closed-Leaf check-in: 3faeb85137 user: drh tags: dbstatus-cache-spill)
08:27
Improve detection of out-of-range parameters in sqlite3_stmt_status() for SQLITE_ENABLE_API_ARMOR builds. (check-in: 21ecbce137 user: dan tags: trunk)
2018-03-12
21:09
Fix a typo causing SQLITE_LOG_CACHE_SPILL builds to fail. (check-in: 0171d4a71c user: dan tags: trunk)
Changes
Unified Diff Ignore Whitespace Patch
Changes to src/vdbeapi.c. 
1664
1665
1666
1667
1668
1669
1670
1671


1672
1673
1674
1675
1676
1677
1678

/*
** Return the value of a status counter for a prepared statement
*/
int sqlite3_stmt_status(sqlite3_stmt *pStmt, int op, int resetFlag){
  Vdbe *pVdbe = (Vdbe*)pStmt;
  u32 v;
#ifdef SQLITE_ENABLE_API_ARMOR
  if( !pStmt ){


    (void)SQLITE_MISUSE_BKPT;
    return 0;
  }
#endif
  if( op==SQLITE_STMTSTATUS_MEMUSED ){
    sqlite3 *db = pVdbe->db;
    sqlite3_mutex_enter(db->mutex);








|
>
>








1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680

/*
** Return the value of a status counter for a prepared statement
*/
int sqlite3_stmt_status(sqlite3_stmt *pStmt, int op, int resetFlag){
  Vdbe *pVdbe = (Vdbe*)pStmt;
  u32 v;
#ifdef SQLITE_ENABLE_API_ARMOR
  if( !pStmt 
   || (op!=SQLITE_STMTSTATUS_MEMUSED && (op<0||op>=ArraySize(pVdbe->aCounter)))
  ){
    (void)SQLITE_MISUSE_BKPT;
    return 0;
  }
#endif
  if( op==SQLITE_STMTSTATUS_MEMUSED ){
    sqlite3 *db = pVdbe->db;
    sqlite3_mutex_enter(db->mutex);
Changes to test/dbstatus.test. 
411
412
413
414
415
416
417





































418


    do_cacheused_test 4.2.3 db2 { 4568 4568 }
    sqlite3 db file:test.db?cache=shared
    do_cacheused_test 4.2.4 db2 { 4568 2284 }
    db2 close
  }
}






































finish_test









>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>

>

411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456

    do_cacheused_test 4.2.3 db2 { 4568 4568 }
    sqlite3 db file:test.db?cache=shared
    do_cacheused_test 4.2.4 db2 { 4568 2284 }
    db2 close
  }
}

#-------------------------------------------------------------------------
# Test that passing an out-of-range value to sqlite3_stmt_status does
# not cause a crash.
reset_db
do_execsql_test 5.0 {
  CREATE TABLE t1(x, y);
  INSERT INTO t1 VALUES(1, 2);
  INSERT INTO t1 VALUES(3, 4);
}

do_test 5.1 {
  set ::stmt [sqlite3_prepare db "SELECT * FROM t1" -1 dummy]
  sqlite3_step $::stmt
  sqlite3_step $::stmt
  sqlite3_step $::stmt
  sqlite3_reset $::stmt
} {SQLITE_OK}

do_test 5.2 { sqlite3_stmt_status $::stmt -1 0 } 0
do_test 5.3 { sqlite3_stmt_status $::stmt  7 0 } 0
do_test 5.4 { 
  expr [sqlite3_stmt_status $::stmt 99 0]>0 
} 1
foreach {tn id res} {
  1 SQLITE_STMTSTATUS_MEMUSED 1
  2 SQLITE_STMTSTATUS_FULLSCAN_STEP 1
  3 SQLITE_STMTSTATUS_SORT 0
  4 SQLITE_STMTSTATUS_AUTOINDEX 0
  5 SQLITE_STMTSTATUS_VM_STEP 1
  6 SQLITE_STMTSTATUS_REPREPARE 0
  7 SQLITE_STMTSTATUS_RUN 1
} {
if {$tn==2} breakpoint
  do_test 5.5.$tn { expr [sqlite3_stmt_status $::stmt $id 0]>0 } $res
}

sqlite3_finalize $::stmt
finish_test