SQLite

Check-in [8a55b8e179]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Avoid a crash that can occur after an obscure OOM in the built-in INSTR() function.
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | descendants | both | branch-3.15
Files: files | file ages | folders
SHA1: 8a55b8e179f3fd14ae656680ed4ebd462800e2f6
User & Date: drh 2016-11-23 20:19:00.738
Context
2016-11-23
20:24
Fix the JSON1 extension so that the JSON validator correctly rejects malformed backslash escapes within string literals. (check-in: 7c46628380 user: drh tags: branch-3.15)
20:19
Avoid a crash that can occur after an obscure OOM in the built-in INSTR() function. (check-in: 8a55b8e179 user: drh tags: branch-3.15)
20:12
Mark the ICU extension functions as deterministic. (check-in: 8fd2fccefb user: drh tags: branch-3.15)
2016-11-04
12:05
Avoid a crash that can occur after an obscure OOM in the built-in INSTR() function. (check-in: b86b79c442 user: dan tags: trunk)
Changes
Unified Diff Ignore Whitespace Patch
Changes to src/func.c. 
204
205
206
207
208
209
210


211
212
213
214
215
216
217

    zHaystack = sqlite3_value_blob(argv[0]);
    zNeedle = sqlite3_value_blob(argv[1]);
    isText = 0;
  }else{
    zHaystack = sqlite3_value_text(argv[0]);
    zNeedle = sqlite3_value_text(argv[1]);
    isText = 1;


  }
  while( nNeedle<=nHaystack && memcmp(zHaystack, zNeedle, nNeedle)!=0 ){
    N++;
    do{
      nHaystack--;
      zHaystack++;
    }while( isText && (zHaystack[0]&0xc0)==0x80 );








>
>








204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219

    zHaystack = sqlite3_value_blob(argv[0]);
    zNeedle = sqlite3_value_blob(argv[1]);
    isText = 0;
  }else{
    zHaystack = sqlite3_value_text(argv[0]);
    zNeedle = sqlite3_value_text(argv[1]);
    isText = 1;
    if( zNeedle==0 ) return;
    assert( zHaystack );
  }
  while( nNeedle<=nHaystack && memcmp(zHaystack, zNeedle, nNeedle)!=0 ){
    N++;
    do{
      nHaystack--;
      zHaystack++;
    }while( isText && (zHaystack[0]&0xc0)==0x80 );
Added test/instrfault.test. 










































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68

# 2016 November 4
#
# The author disclaims copyright to this source code.  In place of
# a legal notice, here is a blessing:
#
#    May you do good and not evil.
#    May you find forgiveness for yourself and forgive others.
#    May you share freely, never taking more than you give.
#
#***********************************************************************
# This file implements regression tests for SQLite library.  The
# focus of this file is testing OOM error handling within the built-in 
# INSTR() function.
#


set testdir [file dirname $argv0]
source $testdir/tester.tcl
set testprefix instrfault

# Use big NEEDLE and HAYSTACK strings. Strings so large they cannot
# use lookaside buffers.
#
set ::NEEDLE [string repeat "abcdefghijklmnopqrstuvwxyz" 10]
set ::HAYSTACK "[string repeat 123 10]$NEEDLE[string repeat 456 10]"

foreach {enc} {
  utf8
  utf16
} {
  reset_db
  execsql "PRAGMA encoding = $enc"
  do_execsql_test 1.$enc.1 {
    CREATE TABLE t1(n, h);
    INSERT INTO t1 VALUES($::NEEDLE, $::HAYSTACK);
  } {}

  do_faultsim_test 1.$enc.1 -faults oom-t* -prep {
    execsql { SELECT instr(h, n) FROM t1 }
  } -body {
    execsql { SELECT instr(h, n) FROM t1 }
  } -test {
    faultsim_test_result {0 31}
  }

  do_faultsim_test 1.$enc.2 -faults oom-t* -prep {
    execsql { SELECT instr($::HAYSTACK, $::NEEDLE) FROM t1 }
  } -body {
    execsql { SELECT instr($::HAYSTACK, $::NEEDLE) FROM t1 }
  } -test {
    faultsim_test_result {0 31}
  }

  do_faultsim_test 1.$enc.3 -faults oom-t* -prep {
    set ::stmt [sqlite3_prepare_v2 db "SELECT instr(?, ?)" -1 dummy]
    sqlite3_bind_text $::stmt 1 $::HAYSTACK [string length $::HAYSTACK]
    sqlite3_bind_text $::stmt 2 $::NEEDLE [string length $::NEEDLE]
  } -body {
    set rc [sqlite3_step $::stmt]
    if {$rc=="SQLITE_NOMEM"} { error "out of memory" }
    sqlite3_column_int $::stmt 0
  } -test {
    faultsim_test_result {0 31}
    sqlite3_finalize $::stmt
  }
}

finish_test