Fix a possible null pointer deref following OOM. Discovered by dbsqlfuzz.

FossilOrigin-Name: cc888878ea8d5bc754c69de523819d32d6d9853857e31d7287f9dbfd723428db
author: drh <drh@noemail.net> 2020-06-26 04:34:28 +0000
committer: drh <drh@noemail.net> 2020-06-26 04:34:28 +0000
commit: d8d335d737682456565942f5eb9a4cac9878eae1 (patch)
tree: 43731c8369ea5cf390df1ac86ac87fd4e6d226fd /src/expr.c
parent: 0f40e8dd411513ac457a7ee76524b4b5661d6b62 (diff)
download: sqlite-d8d335d737682456565942f5eb9a4cac9878eae1.tar.gz
sqlite-d8d335d737682456565942f5eb9a4cac9878eae1.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/src/expr.c b/src/expr.c
index 201d53ac3..9b63a569b 100644
--- a/src/expr.c
+++ b/src/expr.c
@@ -4270,7 +4270,9 @@ expr_code_doover:
       int nCol;
       testcase( op==TK_EXISTS );
       testcase( op==TK_SELECT );
-      if( op==TK_SELECT && (nCol = pExpr->x.pSelect->pEList->nExpr)!=1 ){
+      if( pParse->db->mallocFailed ){
+        return 0;
+      }else if( op==TK_SELECT && (nCol = pExpr->x.pSelect->pEList->nExpr)!=1 ){
         sqlite3SubselectError(pParse, nCol, 1);
       }else{
         return sqlite3CodeSubselect(pParse, pExpr);
author	drh <drh@noemail.net>	2020-06-26 04:34:28 +0000
committer	drh <drh@noemail.net>	2020-06-26 04:34:28 +0000
commit	d8d335d737682456565942f5eb9a4cac9878eae1 (patch)
tree	43731c8369ea5cf390df1ac86ac87fd4e6d226fd /src/expr.c
parent	0f40e8dd411513ac457a7ee76524b4b5661d6b62 (diff)
download	sqlite-d8d335d737682456565942f5eb9a4cac9878eae1.tar.gz sqlite-d8d335d737682456565942f5eb9a4cac9878eae1.zip