SQLite

View Ticket
Login
2015-01-09
01:27 Fixed ticket [a59ae93e]: Crashes due to fuzzed input plus 5 other changes (artifact: 2907380e user: drh)
01:27
Fix three crash problems discovered by afl-fuzz. Ticket [a59ae93ee990a55]. (check-in: fe578863 user: drh tags: trunk)
00:43 New ticket [a59ae93e] Crashes due to fuzzed input. (artifact: 30acea0d user: drh)

Ticket Hash: a59ae93ee990a55021e617a50616607eb51af8c9
Title: Crashes due to fuzzed input
Status: Fixed Type: Code_Defect
Severity: Severe Priority: Immediate
Subsystem: Unknown Resolution: Fixed
Last Modified: 2015-01-09 01:27:34
Version Found In:
User Comments:
drh added on 2015-01-09 00:43:34:

Michal Zalewski found several crashing bugs by running a fuzzer against SQLite and reported them on the mailing list, moments ago. Each of the following four statements causes a crash:

SELECT n()AND+#00;
SELECT(SELECT strftime());
DETACH(SELECT group_concat(q));
CREATE TABLE t0(t); INSERT INTO t0 SELECT strftime();