-rw-r--r-- | manifest | 16 | ||||
-rw-r--r-- | manifest.uuid | 2 | ||||
-rw-r--r-- | src/vdbeapi.c | 3 | ||||
-rw-r--r-- | test/scanstatus2.test | 11 |
4 files changed, 22 insertions, 10 deletions
@@ -1,5 +1,5 @@ -C Revert\sthe\sprevious\schange.\s\sInstead,\sdo\sa\spre-check\sof\sthe\sCREATE\sTABLE\nstatement\sthat\sis\sthe\ssecond\sargument\sto\ssqlite3_declare_vtab()\sand\sif\nthe\sfirst\stwo\skeywords\sare\snot\s"CREATE"\sand\s"TABLE",\sthen\sraise\san\nSQLITE_MISUSE\serror. -D 2024-03-25T18:24:28.496 +C Fix\sa\stheoretical\sOOB\smemory\saccess\sin\ssqlite3_stmt_scanstatus_v2(). +D 2024-03-25T18:30:15.250 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724 @@ -823,7 +823,7 @@ F src/vacuum.c 604fcdaebe76f3497c855afcbf91b8fa5046b32de3045bab89cc008d68e40104 F src/vdbe.c 651aa0f31027d5d0a133eb7b41d11c41dc3b88ecb760b770430da0e477ae3b6c F src/vdbe.h c2d78d15112c3fc5ab87f5e8e0b75d2db1c624409de2e858c3d1aafb1650bb4f F src/vdbeInt.h 949669dfd8a41550d27dcb905b494f2ccde9a2e6c1b0b04daa1227e2e74c2b2c -F src/vdbeapi.c 8f57d60c89da0b60e6d4e272358c511f6bae4e24330bdb11f8b42f986d1bf21b +F src/vdbeapi.c 80235ac380e9467fec1cb0883354d841f2a771976e766995f7e0c77f845406df F src/vdbeaux.c 6385727adf51a649e4993098870a62c3945fe21dbc0e0fd9013772aff930b8fb F src/vdbeblob.c 13f9287b55b6356b4b1845410382d6bede203ceb29ef69388a4a3d007ffacbe5 F src/vdbemem.c 213bf303826c0ef702e3a2a69dab2309d84b8381b822c6787885859fd7cd4c4e 
@@ -1560,7 +1560,7 @@ F test/savepoint6.test f41279c5e137139fa5c21485773332c7adb98cd7 F test/savepoint7.test cde525ea3075283eb950cdcdefe23ead4f700daa F test/savepointfault.test f044eac64b59f09746c7020ee261734de82bf9b2 F test/scanstatus.test b249328caf4d317e71058006872b8012598a5fa045b30bf24a81eeff650ab49e -F test/scanstatus2.test 317670daf7f3eef48a9598cb7800ba8eccab51949cf52bca3f7da3b83a0c1c8c +F test/scanstatus2.test 688adc0c3ab1ffadead218cbce6446b10aa892004a8ea5e3640d59257fb836f2 F test/schema.test 5dd11c96ba64744de955315d2e4f8992e447533690153b93377dffb2a5ef5431 F test/schema2.test 906408621ea881fdb496d878b1822572a34e32c5 F test/schema3.test 8ed4ae66e082cdd8b1b1f22d8549e1e7a0db4527a8e6ee8b6193053ee1e5c9ce @@ -2182,8 +2182,8 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P 715fcf033a6c0c64fa3076d58be8c39246aebef922c1a44a31831b40e165015e -R 56888bcd4145065d254cef5a88e451fc -U drh -Z d2c55463ac4c41ce779d550b765c534c +P 6a2ff8351244da2336055454dfad2dd40534b7cfb51e840f7f8cf2ddacf8649e +R 1054addf5a80b70d64920561ede27990 +U dan +Z b1b40567e29d2af418e3b643400eabb8 # Remove this line to create a well-formed Fossil manifest. diff --git a/manifest.uuid b/manifest.uuid index 8fc054c74..e0d4ad904 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -6a2ff8351244da2336055454dfad2dd40534b7cfb51e840f7f8cf2ddacf8649e
\ No newline at end of file +87be9580747b405c2c534beadb0f95cee0d4f34e0245f90e157a6b7ada38e092
\ No newline at end of file diff --git a/src/vdbeapi.c b/src/vdbeapi.c index 14c6091e0..3182e4070 100644 --- a/src/vdbeapi.c +++ b/src/vdbeapi.c @@ -2404,7 +2404,6 @@ int sqlite3_stmt_scanstatus_v2( } if( flags & SQLITE_SCANSTAT_COMPLEX ){ idx = iScan; - pScan = &p->aScan[idx]; }else{ /* If the COMPLEX flag is clear, then this function must ignore any ** ScanStatus structures with ScanStatus.addrLoop set to 0. */ @@ -2417,6 +2416,8 @@ int sqlite3_stmt_scanstatus_v2( } } if( idx>=p->nScan ) return 1; + assert( pScan==0 || pScan==&p->aScan[idx] ); + pScan = &p->aScan[idx]; switch( iScanStatusOp ){ case SQLITE_SCANSTAT_NLOOP: { diff --git a/test/scanstatus2.test b/test/scanstatus2.test index e4b510d20..7f107cd2e 100644 --- a/test/scanstatus2.test +++ b/test/scanstatus2.test @@ -328,6 +328,17 @@ QUERY (nCycle=nnn) --SCAN xy2 (nCycle=nnn) } +#------------------------------------------------------------------------- +reset_db + +# Check that an OOB parameter (45) does not cause asan or valgrind errors. +# +do_test 7.0 { + db eval {SELECT * FROM sqlite_schema} + set stmt [db version -last-stmt-ptr] + sqlite3_stmt_scanstatus -flags complex $stmt 1000000 +} {} + #explain_i { SELECT (a % 2), group_concat(b) FROM t1 GROUP BY 1 } #puts_debug_info { SELECT (a % 2), group_concat(b) FROM t1 GROUP BY 1 } |
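Review bot: The added `pScan = &p->aScan[idx];` is safe only because it follows `if( idx>=p->nScan ) return 1;`, and nothing in the code says so. A one-line comment such as `/* Compute pScan only after idx has been range-checked against p->nScan */` would keep a later edit from hoisting the assignment back into the COMPLEX branch. The check is an upper bound only, and in the COMPLEX branch `idx` is the caller's `iScan` unchanged, so it is worth confirming that a negative `iScan` is rejected earlier in the function, which starts outside this hunk. The new assert also relies on `pScan` being initialised to 0 at its declaration, which is likewise not visible here.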
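Review bot: The comment above `do_test 7.0` names the out-of-range parameter as 45, but the call passes 1000000, so the comment and the test disagree. It should read something like `# Check that an OOB scan index (1000000) does not cause asan or valgrind errors.` As far as the hunk shows, the expected result `{}` would be the same without the fix unless a sanitizer flags the pointer computation, so the comment could also say that the test is only meaningful in asan/valgrind builds. A second case just past the end of the scan array, not only a very large index, would cover the boundary that `idx>=p->nScan` guards.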