SQLite

Check-in [fc06ddd458]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fix a logic error discovered by OSSFuzz that can cause an assert() fault if a LIKE operator is used on an INTEGER PRIMARY KEY.
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: fc06ddd458fc1028b33b3927cc3b113b7106caa67136993de2e57926a8a19623
User & Date: drh 2018-03-31 23:28:55.602
Original Comment: Fix a logic error discovered by OSSFuzz.
Context
2018-04-02
00:16
Better solution to the LIKE problem from the previous check-in that works even if the SQLITE_LIKE_DOESNT_MATCH_BLOBS compile-time option is used. (check-in: b850dd1599 user: drh tags: trunk)
2018-03-31
23:28
Fix a logic error discovered by OSSFuzz that can cause an assert() fault if a LIKE operator is used on an INTEGER PRIMARY KEY. (check-in: fc06ddd458 user: drh tags: trunk)
16:31
Fix an assertion failure triggered by a SELECT with a compound sub-query that contains an incorrectly placed ORDER BY clause. This problem is just an assert() failure - non-DEBUG builds are not affected. Problem found by OSSFuzz. (check-in: 823779d31e user: dan tags: trunk)
Changes
Unified Diff Ignore Whitespace Patch
Changes to src/wherecode.c. 
2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137

        continue;
      }
      if( iLoop<3 && (pTerm->wtFlags & TERM_VARSELECT) ){
        if( iNext==0 ) iNext = 3;
        continue;
      }

      if( pTerm->wtFlags & TERM_LIKECOND ){
        /* If the TERM_LIKECOND flag is set, that means that the range search
        ** is sufficient to guarantee that the LIKE operator is true, so we
        ** can skip the call to the like(A,B) function.  But this only works
        ** for strings.  So do not skip the call to the function on the pass
        ** that compares BLOBs. */
#ifdef SQLITE_LIKE_DOESNT_MATCH_BLOBS
        continue;








|








2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137

        continue;
      }
      if( iLoop<3 && (pTerm->wtFlags & TERM_VARSELECT) ){
        if( iNext==0 ) iNext = 3;
        continue;
      }

      if( (pTerm->wtFlags & TERM_LIKECOND)!=0 && pLevel->iLikeRepCntr ){
        /* If the TERM_LIKECOND flag is set, that means that the range search
        ** is sufficient to guarantee that the LIKE operator is true, so we
        ** can skip the call to the like(A,B) function.  But this only works
        ** for strings.  So do not skip the call to the function on the pass
        ** that compares BLOBs. */
#ifdef SQLITE_LIKE_DOESNT_MATCH_BLOBS
        continue;