/ Check-in [9a425051]

Overview
Comment:Fix a corner-case in the logic that causes an insert of a NULL into an INTEGER PRIMARY KEY column to be converted into a valid integer key, when the NULL results from a CASE expression that lacks an ELSE clause.
SHA3-256: 9a425051e7ba59e797636f5cf32b5f6efafdb21c8d5300e099b8008b829c1439
User & Date: drh 2019-01-17 04:40:04
Context
2019-01-17
14:34
Limit the size of SrcList objects to 200 entries (compile-time configurable using -DSQLITE_MAX_SRCLIST=n). The maximum number of tables in a join has always been 64, so this is not a real constraint on capability. Limiting the size of a SrcList prevents DOS attacks (discovered by OSSFuzz) using crazy nexted CTE joins. check-in: 7cac614d user: drh tags: trunk
04:40
Fix a corner-case for the logic that cause an insert of a NULL into an INTEGER PRIMARY KEY column to be converted into a valid integer key, when the NULL results from a CASE expression that lacks an ELSE clause. check-in: 9a425051 user: drh tags: trunk
03:43
Ensure that the variable-length integer decoder in FTS3 never tries to left-shift a negative number. check-in: 10ffc1fe user: drh tags: trunk
Changes

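--- a/src/insert.c
+++ b/src/insert.c
@@ -949,24 +949,20 @@
     }
     if( ipkColumn>=0 ){
       if( useTempTable ){
         sqlite3VdbeAddOp3(v, OP_Column, srcTab, ipkColumn, regRowid);
       }else if( pSelect ){
         sqlite3VdbeAddOp2(v, OP_Copy, regFromSelect+ipkColumn, regRowid);
       }else{
-        VdbeOp *pOp;
-        sqlite3ExprCode(pParse, pList->a[ipkColumn].pExpr, regRowid);
-        pOp = sqlite3VdbeGetOp(v, -1);
-        assert( pOp!=0 );
-        if( pOp->opcode==OP_Null && !IsVirtual(pTab) ){
+        Expr *pIpk = pList->a[ipkColumn].pExpr;
+        if( pIpk->op==TK_NULL && !IsVirtual(pTab) ){
+          sqlite3VdbeAddOp3(v, OP_NewRowid, iDataCur, regRowid, regAutoinc);
           appendFlag = 1;
-          pOp->opcode = OP_NewRowid;
-          pOp->p1 = iDataCur;
-          pOp->p2 = regRowid;
-          pOp->p3 = regAutoinc;
+        }else{
+          sqlite3ExprCode(pParse, pList->a[ipkColumn].pExpr, regRowid);
         }
       }
       /* If the PRIMARY KEY expression is NULL, then use OP_NewRowid
       ** to generate a unique primary key value.
       */
       if( !appendFlag ){
         int addr1;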
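Review bot: `pIpk->op` on new line 957 dereferences the expression pointer directly, whereas the removed lines only handed it to `sqlite3ExprCode()` and asserted `pOp!=0` on the opcode fetched afterwards; if a NULL `pExpr` can never reach this branch, `assert( pIpk!=0 );` after the declaration would record that assumption. The `else` arm on new line 961 still spells out `pList->a[ipkColumn].pExpr`; `sqlite3ExprCode(pParse, pIpk, regRowid);` keeps the test and the code generation tied to the same node. A short comment above the `TK_NULL` test would also help, for example `/* Decide from the parse tree, not from the last opcode emitted: a CASE with no ELSE can also yield NULL */`, which appears to be the reason for this change going by the check-in comment. The enclosing function starts and ends outside the hunk, so whether `pList` entries are validated earlier is not visible here.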

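--- a/test/insert.test
+++ b/test/insert.test
@@ -444,11 +444,20 @@
   DROP TABLE IF EXISTS t13;
   CREATE TABLE t13(a INTEGER PRIMARY KEY,b UNIQUE);
   CREATE INDEX t13x1 ON t13(-b=b);
   INSERT INTO t13 VALUES(1,5),(6,2);
   REPLACE INTO t13 SELECT b,0 FROM t13;
   SELECT * FROM t13 ORDER BY +b;
 } {2 0 6 2 1 5}
+
+# 2019-01-17.  From the chromium fuzzer.
+#
+do_execsql_test insert-14.1 {
+  DROP TABLE IF EXISTS t14;
+  CREATE TABLE t14(x INTEGER PRIMARY KEY);
+  INSERT INTO t14 VALUES(CASE WHEN 1 THEN null END);
+  SELECT x FROM t14;
+} {1}
 
 integrity_check insert-99.0
 
 finish_test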
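Review bot: insert-14.1 checks only the first key on an empty table, so it cannot tell a freshly allocated rowid from a constant 1. Adding a second row whose CASE falls through, `INSERT INTO t14 VALUES(CASE WHEN 0 THEN 5 END);`, and expecting `{1 2}` would confirm that a NULL produced at run time gets the next key. The header comment could also state the expected behaviour rather than only the origin, e.g. `# A CASE with no ELSE that yields NULL for an INTEGER PRIMARY KEY must get a generated rowid.`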