Fix an unsafe use of sqlite3_mprintf() in sqlite3_overload_function() identified by forum post: <https://sqlite.org/forum/forumpost/95b338860d>.

FossilOrigin-Name: 9fa2b94c2e0fd43c1a9c15a79fe1325afa1699f0685dcd039024a80185cc5658
author: dan <Dan Kennedy> 2022-12-15 11:31:11 +0000
committer: dan <Dan Kennedy> 2022-12-15 11:31:11 +0000
commit: 7acee13eb2b90fc246e80a8a89d6b6a97ae0cb0d (patch)
tree: e32c6c5376baa3c4f8caeb8ab3836ced2ba9aeb6 /src
parent: 73b471964b872eaa99a4f3d7243fbfa9497fbe0c (diff)
download: sqlite-7acee13eb2b90fc246e80a8a89d6b6a97ae0cb0d.tar.gz
sqlite-7acee13eb2b90fc246e80a8a89d6b6a97ae0cb0d.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/src/main.c b/src/main.c
index ecb4190fd..a2d96ad28 100644
--- a/src/main.c
+++ b/src/main.c
@@ -2119,7 +2119,7 @@ int sqlite3_overload_function(
   rc = sqlite3FindFunction(db, zName, nArg, SQLITE_UTF8, 0)!=0;
   sqlite3_mutex_leave(db->mutex);
   if( rc ) return SQLITE_OK;
-  zCopy = sqlite3_mprintf(zName);
+  zCopy = sqlite3_mprintf("%s", zName);
   if( zCopy==0 ) return SQLITE_NOMEM;
   return sqlite3_create_function_v2(db, zName, nArg, SQLITE_UTF8,
                            zCopy, sqlite3InvalidFunction, 0, 0, sqlite3_free);
author	dan <Dan Kennedy>	2022-12-15 11:31:11 +0000
committer	dan <Dan Kennedy>	2022-12-15 11:31:11 +0000
commit	7acee13eb2b90fc246e80a8a89d6b6a97ae0cb0d (patch)
tree	e32c6c5376baa3c4f8caeb8ab3836ced2ba9aeb6 /src
parent	73b471964b872eaa99a4f3d7243fbfa9497fbe0c (diff)
download	sqlite-7acee13eb2b90fc246e80a8a89d6b6a97ae0cb0d.tar.gz sqlite-7acee13eb2b90fc246e80a8a89d6b6a97ae0cb0d.zip