Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Avoid branching on an uninitalized variable when comparing SQL values with the undefined serial types 10 and 11 (which only appear in corrupt databases). |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA1: |
b4a45d3b78fede2433ac18f20b1ab7bd |
User & Date: | dan 2015-05-26 20:07:32.939 |
Context
2015-05-26
| ||
20:31 | Avoid a buffer overread when comparing against a corrupt record that spans at least one overflow page. (check-in: 62a5b3633a user: dan tags: trunk) | |
20:07 | Avoid branching on an uninitalized variable when comparing SQL values with the undefined serial types 10 and 11 (which only appear in corrupt databases). (check-in: b4a45d3b78 user: dan tags: trunk) | |
19:08 | The "make fuzztest" target now uses fuzzcheck instead of fuzzershell. Test data is added for database fuzz testing. (check-in: 5e3e410bf4 user: drh tags: trunk) | |
Changes
Changes to src/vdbeaux.c.
︙ | ︙ | |||
3673 3674 3675 3676 3677 3678 3679 | } } } /* RHS is real */ else if( pRhs->flags & MEM_Real ){ serial_type = aKey1[idx1]; | | > > > > | 3673 3674 3675 3676 3677 3678 3679 3680 3681 3682 3683 3684 3685 3686 3687 3688 3689 3690 3691 | } } } /* RHS is real */ else if( pRhs->flags & MEM_Real ){ serial_type = aKey1[idx1]; if( serial_type>=10 ){ /* Serial types 12 or greater are strings and blobs (greater than ** numbers). Types 10 and 11 are currently "reserved for future ** use", so it doesn't really matter what the results of comparing ** them to numberic values are. */ rc = +1; }else if( serial_type==0 ){ rc = -1; }else{ double rhs = pRhs->u.r; double lhs; sqlite3VdbeSerialGet(&aKey1[d1], serial_type, &mem1); |
︙ | ︙ |