Merge updates from trunk

FossilOrigin-Name: 35351371c5e9602dec210ad0926ff8a1a269556ce1a166e81eb0543938e0c57e
author: drh <> 2021-10-01 02:16:52 +0000
committer: drh <> 2021-10-01 02:16:52 +0000
commit: 817424fe377dd4980f23a37125da8f39abdaba1c (patch)
tree: 7d52741b38a254d143147778a12e4fc6863e4fa1 /src
parent: f06db3e8929e36f7686ccc8f9f138359c6b12e80 (diff)
parent: afaa660aef3d596fabbbcf6e99746294f77dbafa (diff)
download: sqlite-817424fe377dd4980f23a37125da8f39abdaba1c.tar.gz
sqlite-817424fe377dd4980f23a37125da8f39abdaba1c.zip
4 files changed, 25 insertions, 13 deletions
diff --git a/src/alter.c b/src/alter.c
index 9cdc342ee..81f6cf69d 100644
--- a/src/alter.c
+++ b/src/alter.c
@@ -864,9 +864,7 @@ static int renameUnmapSelectCb(Walker *pWalker, Select *p){
   Parse *pParse = pWalker->pParse;
   int i;
   if( pParse->nErr ) return WRC_Abort;
-  if( p->selFlags & (SF_View|SF_CopyCte) ){
-    testcase( p->selFlags & SF_View );
-    testcase( p->selFlags & SF_CopyCte );
+  if( NEVER(p->selFlags & (SF_View|SF_CopyCte)) ){
     return WRC_Prune;
   }
   if( ALWAYS(p->pEList) ){
@@ -881,7 +879,7 @@ static int renameUnmapSelectCb(Walker *pWalker, Select *p){
     SrcList *pSrc = p->pSrc;
     for(i=0; i<pSrc->nSrc; i++){
       sqlite3RenameTokenRemap(pParse, 0, (void*)pSrc->a[i].zName);
-      if( sqlite3WalkExpr(pWalker, pSrc->a[i].pOn) ) return WRC_Abort;
+      sqlite3WalkExpr(pWalker, pSrc->a[i].pOn);
       unmapColumnIdlistNames(pParse, pSrc->a[i].pUsing);
     }
   }
diff --git a/src/dbstat.c b/src/dbstat.c
index 33f9ea8f7..bb88a76f4 100644
--- a/src/dbstat.c
+++ b/src/dbstat.c
@@ -26,6 +26,15 @@
     && !defined(SQLITE_OMIT_VIRTUALTABLE)
 
 /*
+** The pager and btree modules arrange objects in memory so that there are
+** always approximately 200 bytes of addressable memory following each page
+** buffer. This way small buffer overreads caused by corrupt database pages
+** do not cause undefined behaviour. This module pads each page buffer
+** by the following number of bytes for the same purpose.
+*/
+#define DBSTAT_PAGE_PADDING_BYTES 256
+
+/*
 ** Page paths:
 ** 
 **   The value of the 'path' column describes the path taken from the 
@@ -459,7 +468,7 @@ static int statDecodePage(Btree *pBt, StatPage *p){
         if( nPayload>(u32)nLocal ){
           int j;
           int nOvfl = ((nPayload - nLocal) + nUsable-4 - 1) / (nUsable - 4);
-          if( iOff+nLocal>nUsable || nPayload>0x7fffffff ){
+          if( iOff+nLocal+4>nUsable || nPayload>0x7fffffff ){
             goto statPageIsCorrupt;
           }
           pCell->nLastOvfl = (nPayload-nLocal) - (nOvfl-1) * (nUsable-4);
@@ -533,10 +542,11 @@ static int statGetPage(
   int rc;
 
   if( pPg->aPg==0 ){
-    pPg->aPg = (u8*)sqlite3_malloc(pgsz);
+    pPg->aPg = (u8*)sqlite3_malloc(pgsz + DBSTAT_PAGE_PADDING_BYTES);
     if( pPg->aPg==0 ){
       return SQLITE_NOMEM_BKPT;
     }
+    memset(&pPg->aPg[pgsz], 0, DBSTAT_PAGE_PADDING_BYTES);
   }
 
   rc = sqlite3PagerGet(sqlite3BtreePager(pBt), iPg, &pDbPage, 0);
diff --git a/src/expr.c b/src/expr.c
index 5b7a58fb5..d121fbfd2 100644
--- a/src/expr.c
+++ b/src/expr.c
@@ -516,12 +516,16 @@ Expr *sqlite3ExprForVectorField(
       pRet->pLeft = pVector;
     }
   }else{
-    if( pVector->op==TK_VECTOR ) pVector = pVector->x.pList->a[iField].pExpr;
-    pRet = sqlite3ExprDup(pParse->db, pVector, 0);
-    if( IN_RENAME_OBJECT && pRet ){
-      SWAP(Expr, *pRet, *pVector);
-      sqlite3RenameTokenRemap(pParse, pRet, pVector);
+    if( pVector->op==TK_VECTOR ){
+      Expr **ppVector = &pVector->x.pList->a[iField].pExpr;
+      pVector = *ppVector;
+      if( IN_RENAME_OBJECT ){
+        /* This must be a vector UPDATE inside a trigger */
+        *ppVector = 0;
+        return pVector;
+      }
     }
+    pRet = sqlite3ExprDup(pParse->db, pVector, 0);
   }
   return pRet;
 }
diff --git a/src/select.c b/src/select.c
index ba82d624d..6af8b85bc 100644
--- a/src/select.c
+++ b/src/select.c
@@ -5499,9 +5499,9 @@ static int selectExpander(Walker *pWalker, Select *p){
               pTab->zName);
           }
           pFrom->pSelect = sqlite3SelectDup(db, pTab->u.view.pSelect, 0);
-        }else
+        }
 #ifndef SQLITE_OMIT_VIRTUALTABLE
-        if( ALWAYS(IsVirtual(pTab))
+        else if( ALWAYS(IsVirtual(pTab))
          && pFrom->fg.fromDDL
          && ALWAYS(pTab->u.vtab.p!=0)
          && pTab->u.vtab.p->eVtabRisk > ((db->flags & SQLITE_TrustedSchema)!=0)
author	drh <>	2021-10-01 02:16:52 +0000
committer	drh <>	2021-10-01 02:16:52 +0000
commit	817424fe377dd4980f23a37125da8f39abdaba1c (patch)
tree	7d52741b38a254d143147778a12e4fc6863e4fa1 /src
parent	f06db3e8929e36f7686ccc8f9f138359c6b12e80 (diff)
parent	afaa660aef3d596fabbbcf6e99746294f77dbafa (diff)
download	sqlite-817424fe377dd4980f23a37125da8f39abdaba1c.tar.gz sqlite-817424fe377dd4980f23a37125da8f39abdaba1c.zip