Fix a valgrind error and potential buffer overread when handling a corrupt database.

FossilOrigin-Name: b1e0cd6444d1f710e58129723b285cf1321679fa920fc2841492dcb489ab8b9d
author: dan <Dan Kennedy> 2023-03-21 11:13:53 +0000
committer: dan <Dan Kennedy> 2023-03-21 11:13:53 +0000
commit: 29fbee66c93582c714b1535cb56ea708510d08c3 (patch)
tree: 3614634a67c0dd9d2adde23aea8e4747f99dca50 /src
parent: 1eca5b5a4011efd2ac5a89396e812d5b3119be38 (diff)
download: sqlite-29fbee66c93582c714b1535cb56ea708510d08c3.tar.gz
sqlite-29fbee66c93582c714b1535cb56ea708510d08c3.zip
1 files changed, 7 insertions, 1 deletions
diff --git a/src/where.c b/src/where.c
index f707fab12..9de72d76d 100644
--- a/src/where.c
+++ b/src/where.c
@@ -1526,6 +1526,7 @@ static int whereKeyStats(
   assert( pRec!=0 );
   assert( pIdx->nSample>0 );
   assert( pRec->nField>0 );
+ 
 
   /* Do a binary search to find the first sample greater than or equal
   ** to pRec. If pRec contains a single field, the set of samples to search
@@ -1571,7 +1572,12 @@ static int whereKeyStats(
   ** it is extended to two fields. The duplicates that this creates do not 
   ** cause any problems.
   */
-  nField = MIN(pRec->nField, pIdx->nSample);
+  if( !HasRowid(pIdx->pTable) && IsPrimaryKeyIndex(pIdx) ){
+    nField = pIdx->nKeyCol;
+  }else{
+    nField = pIdx->nColumn;
+  }
+  nField = MIN(pRec->nField, nField);
   iCol = 0;
   iSample = pIdx->nSample * nField;
   do{
author	dan <Dan Kennedy>	2023-03-21 11:13:53 +0000
committer	dan <Dan Kennedy>	2023-03-21 11:13:53 +0000
commit	29fbee66c93582c714b1535cb56ea708510d08c3 (patch)
tree	3614634a67c0dd9d2adde23aea8e4747f99dca50 /src
parent	1eca5b5a4011efd2ac5a89396e812d5b3119be38 (diff)
download	sqlite-29fbee66c93582c714b1535cb56ea708510d08c3.tar.gz sqlite-29fbee66c93582c714b1535cb56ea708510d08c3.zip