SQLite

Check-in [bc891ac6b6]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:OSSFuzz found a case where an assert() inside sqlite3ExprCompare() can be true. Test case added to TH3.
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | descendants | both | branch-3.26
Files: files | file ages | folders
SHA3-256: bc891ac6b62fe7d9a5c157a95d0b9dc2559f7abb84d7b22e258acb9b250c224f
User & Date: drh 2018-12-12 11:57:35.159
Context
2019-01-22
18:20
Add the SQLITE_ENABLE_EARLY_CURSOR_CLOSE compile-time option which causes read cursors to be closed after their usefulness ends during a two-pass UPDATE. (check-in: 8790368b4a user: mistachkin tags: branch-3.26)
2018-12-12
11:57
OSSFuzz found a case where an assert() inside sqlite3ExprCompare() can be true. Test case added to TH3. (check-in: bc891ac6b6 user: drh tags: branch-3.26)
11:54
Fix a problem with using "<db>-vacuum" (the default) as the state database when resuming an RBU vacuum. (check-in: 6b7567fc0c user: drh tags: branch-3.26)
11:23
OSSFuzz found a case where an assert() inside sqlite3ExprCompare() can be true. Test case added to TH3. (check-in: 23b62fb160 user: drh tags: trunk)
Changes
Unified Diff Ignore Whitespace Patch
Changes to src/expr.c.
4788
4789
4790
4791
4792
4793
4794
4795
4796



4797
4798
4799
4800
4801
4802
4803
  if( (pA->flags & EP_Distinct)!=(pB->flags & EP_Distinct) ) return 2;
  if( ALWAYS((combinedFlags & EP_TokenOnly)==0) ){
    if( combinedFlags & EP_xIsSelect ) return 2;
    if( (combinedFlags & EP_FixedCol)==0
     && sqlite3ExprCompare(pParse, pA->pLeft, pB->pLeft, iTab) ) return 2;
    if( sqlite3ExprCompare(pParse, pA->pRight, pB->pRight, iTab) ) return 2;
    if( sqlite3ExprListCompare(pA->x.pList, pB->x.pList, iTab) ) return 2;
    assert( (combinedFlags & EP_Reduced)==0 );
    if( pA->op!=TK_STRING && pA->op!=TK_TRUEFALSE ){



      if( pA->iColumn!=pB->iColumn ) return 2;
      if( pA->iTable!=pB->iTable 
       && (pA->iTable!=iTab || NEVER(pB->iTable>=0)) ) return 2;
    }
  }
  return 0;
}







<
|
>
>
>







4788
4789
4790
4791
4792
4793
4794

4795
4796
4797
4798
4799
4800
4801
4802
4803
4804
4805
  if( (pA->flags & EP_Distinct)!=(pB->flags & EP_Distinct) ) return 2;
  if( ALWAYS((combinedFlags & EP_TokenOnly)==0) ){
    if( combinedFlags & EP_xIsSelect ) return 2;
    if( (combinedFlags & EP_FixedCol)==0
     && sqlite3ExprCompare(pParse, pA->pLeft, pB->pLeft, iTab) ) return 2;
    if( sqlite3ExprCompare(pParse, pA->pRight, pB->pRight, iTab) ) return 2;
    if( sqlite3ExprListCompare(pA->x.pList, pB->x.pList, iTab) ) return 2;

    if( pA->op!=TK_STRING
     && pA->op!=TK_TRUEFALSE
     && (combinedFlags & EP_Reduced)==0
    ){
      if( pA->iColumn!=pB->iColumn ) return 2;
      if( pA->iTable!=pB->iTable 
       && (pA->iTable!=iTab || NEVER(pB->iTable>=0)) ) return 2;
    }
  }
  return 0;
}