Auto sync2gitlab import of sqlite-3.26.0-15.el8.src.rpm

This commit is contained in:
James Antill 2022-05-26 14:33:05 -04:00
parent a5e1028e5a
commit d397abe6e9
35 changed files with 3870 additions and 1 deletions

3
.gitignore vendored Normal file
View File

@ -0,0 +1,3 @@
/sqlite-autoconf-3260000.tar.gz
/sqlite-doc-3260000.zip
/sqlite-src-3260000.zip

1
EMPTY
View File

@ -1 +0,0 @@

3
sources Normal file
View File

@ -0,0 +1,3 @@
SHA512 (sqlite-autoconf-3260000.tar.gz) = 8c3306b3814a0e9bc69b741f62bdb6efc9f1e07163ca3e3a1581994465de163a7924223522e812d6b3663c1525c7012a6f6d73ad333556eba9f97ce9326fbdb8
SHA512 (sqlite-doc-3260000.zip) = e59f74369adb3ffe3afc235e4369101b8ba077f9cac34d524e2425278c3a30f63340613e5baa0fc3c693265525377b6830a1c6b5e97fb06702b89eb604b1eade
SHA512 (sqlite-src-3260000.zip) = 02faacd831781f25a12ffc8858d648f481d8bbdb68814b18c4c96e3a661233d0e25d675b95feeb35eee4b5ea88e5e0a1fc5fbaecbe434d3f7246d80e81bff6a3

View File

@ -0,0 +1,24 @@
diff -up sqlite-src-3120200/configure.ac.malloc_usable_size sqlite-src-3120200/configure.ac
--- sqlite-src-3120200/configure.ac.malloc_usable_size 2016-04-25 09:46:48.134690570 +0200
+++ sqlite-src-3120200/configure.ac 2016-04-25 09:48:41.622637181 +0200
@@ -108,7 +108,7 @@ AC_CHECK_HEADERS([sys/types.h stdlib.h s
#########
# Figure out whether or not we have these functions
#
-AC_CHECK_FUNCS([fdatasync gmtime_r isnan localtime_r localtime_s malloc_usable_size strchrnul usleep utime pread pread64 pwrite pwrite64])
+AC_CHECK_FUNCS([fdatasync gmtime_r isnan localtime_r localtime_s strchrnul usleep utime pread pread64 pwrite pwrite64])
#########
# By default, we use the amalgamation (this may be changed below...)
diff -up sqlite-src-3120200/configure.malloc_usable_size sqlite-src-3120200/configure
--- sqlite-src-3120200/configure.malloc_usable_size 2016-04-25 09:47:12.594679063 +0200
+++ sqlite-src-3120200/configure 2016-04-25 09:49:28.684615042 +0200
@@ -10275,7 +10275,7 @@ done
#########
# Figure out whether or not we have these functions
#
-for ac_func in fdatasync gmtime_r isnan localtime_r localtime_s malloc_usable_size strchrnul usleep utime pread pread64 pwrite pwrite64
+for ac_func in fdatasync gmtime_r isnan localtime_r localtime_s strchrnul usleep utime pread pread64 pwrite pwrite64
do :
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"

View File

@ -0,0 +1,14 @@
--- sqlite-src-3160100/test/date.test.orig 2017-01-04 14:48:46.113737093 +0100
+++ sqlite-src-3160100/test/date.test 2017-01-04 14:49:11.144833563 +0100
@@ -76,11 +76,6 @@ datetest 2.1c datetime(0,'unixepochx') N
datetest 2.1d datetime('2003-10-22','unixepoch') NULL
datetest 2.2 datetime(946684800,'unixepoch') {2000-01-01 00:00:00}
datetest 2.2b datetime('946684800','unixepoch') {2000-01-01 00:00:00}
-for {set i 0} {$i<1000} {incr i} {
- set sql [format {strftime('%%H:%%M:%%f',1237962480.%03d,'unixepoch')} $i]
- set res [format {06:28:00.%03d} $i]
- datetest 2.2c-$i $sql $res
-}
datetest 2.3 {date('2003-10-22','weekday 0')} 2003-10-26
datetest 2.4 {date('2003-10-22','weekday 1')} 2003-10-27
datetest 2.4a {date('2003-10-22','weekday 1')} 2003-10-27

View File

@ -0,0 +1,90 @@
--- sqlite-src-3180000/test/sync2.test.sync2-dirsync 2017-03-30 21:26:42.000000000 +0200
+++ sqlite-src-3180000/test/sync2.test 2017-04-03 13:16:14.422329691 +0200
@@ -44,6 +44,15 @@
uplevel [list do_test $tn [list execsql_sync $sql] [list {*}$res]]
}
+# Wrapper over the expected sync count, takes DIRSYNC into consideration
+proc expected_sync_count {sync_count} {
+ ifcapable dirsync {
+ return $sync_count
+ } else {
+ return [ incr sync_count -1 ]
+ }
+}
+
#-----------------------------------------------------------------------
# Tests for journal mode.
#
@@ -53,13 +62,13 @@
INSERT INTO t1 VALUES(1, 2);
}
-do_execsql_sync_test 1.1 { INSERT INTO t1 VALUES(3, 4) } 4
+do_execsql_sync_test 1.1 { INSERT INTO t1 VALUES(3, 4) } [ expected_sync_count 4 ]
# synchronous=normal. So, 1 sync on the directory, 1 on the journal, 1
# on the db file. 3 in total.
do_execsql_test 1.2.1 { PRAGMA main.synchronous = NORMAL }
do_execsql_test 1.2.2 { PRAGMA main.synchronous } 1
-do_execsql_sync_test 1.2.3 { INSERT INTO t1 VALUES(5, 6) } 3
+do_execsql_sync_test 1.2.3 { INSERT INTO t1 VALUES(5, 6) } [ expected_sync_count 3 ]
# synchronous=off. No syncs.
do_execsql_test 1.3.1 { PRAGMA main.synchronous = OFF }
@@ -70,7 +79,7 @@
# 2 on the journal, 1 on the db file. 4 in total.
do_execsql_test 1.4.1 { PRAGMA main.synchronous = FULL }
do_execsql_test 1.4.2 { PRAGMA main.synchronous } 2
-do_execsql_sync_test 1.4.3 { INSERT INTO t1 VALUES(9, 10) } 4
+do_execsql_sync_test 1.4.3 { INSERT INTO t1 VALUES(9, 10) } [ expected_sync_count 4 ]
#-----------------------------------------------------------------------
# Tests for wal mode.
@@ -79,7 +88,7 @@
# sync=full, journal_mode=wal. One sync on the directory, two on the
# wal file.
-do_execsql_sync_test 1.6 { INSERT INTO t1 VALUES(11, 12) } 3
+do_execsql_sync_test 1.6 { INSERT INTO t1 VALUES(11, 12) } [ expected_sync_count 3 ]
# One sync on the wal file.
do_execsql_sync_test 1.7 { INSERT INTO t1 VALUES(13, 14) } 1
@@ -112,7 +121,7 @@
# Wal mode, sync=normal. The first transaction does one sync on directory,
# one on the wal file. The second does no syncs.
- do_execsql_sync_test 1.11.1 { INSERT INTO t1 VALUES(19, 20) } 2
+ do_execsql_sync_test 1.11.1 { INSERT INTO t1 VALUES(19, 20) } [ expected_sync_count 2 ]
do_execsql_sync_test 1.11.2 { INSERT INTO t1 VALUES(21, 22) } 0
do_execsql_test 1.11.3 { PRAGMA main.synchronous } 1
@@ -129,14 +138,14 @@
# Delete mode, sync=full. The first transaction does one sync on
# directory, two on the journal file, one on the db. The second does
# the same.
- do_execsql_sync_test 1.15.1 { INSERT INTO t1 VALUES(26, 27) } 4
- do_execsql_sync_test 1.15.2 { INSERT INTO t1 VALUES(28, 29) } 4
+ do_execsql_sync_test 1.15.1 { INSERT INTO t1 VALUES(26, 27) } [ expected_sync_count 4 ]
+ do_execsql_sync_test 1.15.2 { INSERT INTO t1 VALUES(28, 29) } [ expected_sync_count 4 ]
do_execsql_test 1.15.3 { PRAGMA main.synchronous } 2
# Switch back to wal mode.
do_execsql_test 1.16 { PRAGMA journal_mode = wal } {wal}
- do_execsql_sync_test 1.17.1 { INSERT INTO t1 VALUES(30, 31) } 2
+ do_execsql_sync_test 1.17.1 { INSERT INTO t1 VALUES(30, 31) } [ expected_sync_count 2 ]
do_execsql_sync_test 1.17.2 { INSERT INTO t1 VALUES(32, 33) } 0
do_execsql_test 1.17.3 { PRAGMA main.synchronous } 1
@@ -152,8 +161,8 @@
# Close and reopen the db. Back to synchronous=normal.
db close
sqlite3 db test.db
- do_execsql_sync_test 1.20.1 { INSERT INTO t1 VALUES(38, 39) } 4
- do_execsql_sync_test 1.20.2 { INSERT INTO t1 VALUES(40, 41) } 4
+ do_execsql_sync_test 1.20.1 { INSERT INTO t1 VALUES(38, 39) } [ expected_sync_count 4 ]
+ do_execsql_sync_test 1.20.2 { INSERT INTO t1 VALUES(40, 41) } [ expected_sync_count 4 ]
do_execsql_test 1.20.3 { PRAGMA main.synchronous } 2
}

View File

@ -0,0 +1,149 @@
From 92b243715eea17997ed9707540757d0667ad9eb2 Mon Sep 17 00:00:00 2001
From: Ondrej Dubaj <odubaj@redhat.com>
Date: Thu, 2 Jan 2020 09:54:41 +0100
Subject: [PATCH] Improved detection of corrupt shadow tables in FTS3. Enable
the debugging special-inserts for FTS3 for both SQLITE_DEBUG and SQLITE_TEST.
Resolves: CVE-2019-13752
---
ext/fts3/fts3.c | 2 +-
ext/fts3/fts3Int.h | 2 +-
ext/fts3/fts3_write.c | 42 +++++++++++++++++++++++++++---------------
3 files changed, 29 insertions(+), 17 deletions(-)
diff --git a/ext/fts3/fts3.c b/ext/fts3/fts3.c
index f6fb931..6d6bd46 100644
--- a/ext/fts3/fts3.c
+++ b/ext/fts3/fts3.c
@@ -4304,7 +4304,7 @@ static int fts3EvalPhraseStart(Fts3Cursor *pCsr, int bOptOk, Fts3Phrase *p){
int bIncrOk = (bOptOk
&& pCsr->bDesc==pTab->bDescIdx
&& p->nToken<=MAX_INCR_PHRASE_TOKENS && p->nToken>0
-#ifdef SQLITE_TEST
+#if defined(SQLITE_DEBUG) || defined(SQLITE_TEST)
&& pTab->bNoIncrDoclist==0
#endif
);
diff --git a/ext/fts3/fts3Int.h b/ext/fts3/fts3Int.h
index 077bad7..6f5a7a0 100644
--- a/ext/fts3/fts3Int.h
+++ b/ext/fts3/fts3Int.h
@@ -283,7 +283,7 @@ struct Fts3Table {
int mxSavepoint; /* Largest valid xSavepoint integer */
#endif
-#ifdef SQLITE_TEST
+#if defined(SQLITE_DEBUG) || defined(SQLITE_TEST)
/* True to disable the incremental doclist optimization. This is controled
** by special insert command 'test-no-incr-doclist'. */
int bNoIncrDoclist;
diff --git a/ext/fts3/fts3_write.c b/ext/fts3/fts3_write.c
index 8fc6589..ee668aa 100644
--- a/ext/fts3/fts3_write.c
+++ b/ext/fts3/fts3_write.c
@@ -23,7 +23,7 @@
#include <string.h>
#include <assert.h>
#include <stdlib.h>
-
+#include <stdio.h>
#define FTS_MAX_APPENDABLE_HEIGHT 16
@@ -2021,6 +2021,11 @@ static int fts3NodeAddTerm(
nPrefix = fts3PrefixCompress(pTree->zTerm, pTree->nTerm, zTerm, nTerm);
nSuffix = nTerm-nPrefix;
+ /* If nSuffix is zero or less, then zTerm/nTerm must be a prefix of
+ ** pWriter->zTerm/pWriter->nTerm. i.e. must be equal to or less than when
+ ** compared with BINARY collation. This indicates corruption. */
+ if( nSuffix<=0 ) return FTS_CORRUPT_VTAB;
+
nReq += sqlite3Fts3VarintLen(nPrefix)+sqlite3Fts3VarintLen(nSuffix)+nSuffix;
if( nReq<=p->nNodeSize || !pTree->zTerm ){
@@ -2309,9 +2314,11 @@ static int fts3SegWriterAdd(
/* Append the prefix-compressed term and doclist to the buffer. */
nData += sqlite3Fts3PutVarint(&pWriter->aData[nData], nPrefix);
nData += sqlite3Fts3PutVarint(&pWriter->aData[nData], nSuffix);
+ assert( nSuffix>0 );
memcpy(&pWriter->aData[nData], &zTerm[nPrefix], nSuffix);
nData += nSuffix;
nData += sqlite3Fts3PutVarint(&pWriter->aData[nData], nDoclist);
+ assert( nDoclist>0 );
memcpy(&pWriter->aData[nData], aDoclist, nDoclist);
pWriter->nData = nData + nDoclist;
@@ -2331,6 +2338,7 @@ static int fts3SegWriterAdd(
pWriter->zTerm = zNew;
}
assert( pWriter->zTerm==pWriter->zMalloc );
+ assert( nTerm>0 );
memcpy(pWriter->zTerm, zTerm, nTerm);
}else{
pWriter->zTerm = (char *)zTerm;
@@ -2639,6 +2647,7 @@ static int fts3MsrBufferData(
pMsr->aBuffer = pNew;
}
+ assert( nList>0 );
memcpy(pMsr->aBuffer, pList, nList);
return SQLITE_OK;
}
@@ -3821,6 +3830,7 @@ static int fts3IncrmergePush(
** be added to. */
nPrefix = fts3PrefixCompress(pNode->key.a, pNode->key.n, zTerm, nTerm);
nSuffix = nTerm - nPrefix;
+ if( NEVER(nSuffix<=0) ) return FTS_CORRUPT_VTAB;
nSpace = sqlite3Fts3VarintLen(nPrefix);
nSpace += sqlite3Fts3VarintLen(nSuffix) + nSuffix;
@@ -5300,7 +5310,7 @@ static int fts3DoIntegrityCheck(
** meaningful value to insert is the text 'optimize'.
*/
static int fts3SpecialInsert(Fts3Table *p, sqlite3_value *pVal){
- int rc; /* Return Code */
+ int rc = SQLITE_ERROR; /* Return Code */
const char *zVal = (const char *)sqlite3_value_text(pVal);
int nVal = sqlite3_value_bytes(pVal);
@@ -5316,21 +5326,23 @@ static int fts3SpecialInsert(Fts3Table *p, sqlite3_value *pVal){
rc = fts3DoIncrmerge(p, &zVal[6]);
}else if( nVal>10 && 0==sqlite3_strnicmp(zVal, "automerge=", 10) ){
rc = fts3DoAutoincrmerge(p, &zVal[10]);
-#ifdef SQLITE_TEST
- }else if( nVal>9 && 0==sqlite3_strnicmp(zVal, "nodesize=", 9) ){
- p->nNodeSize = atoi(&zVal[9]);
- rc = SQLITE_OK;
- }else if( nVal>11 && 0==sqlite3_strnicmp(zVal, "maxpending=", 9) ){
- p->nMaxPendingData = atoi(&zVal[11]);
- rc = SQLITE_OK;
- }else if( nVal>21 && 0==sqlite3_strnicmp(zVal, "test-no-incr-doclist=", 21) ){
- p->bNoIncrDoclist = atoi(&zVal[21]);
- rc = SQLITE_OK;
-#endif
+#if defined(SQLITE_DEBUG) || defined(SQLITE_TEST)
}else{
- rc = SQLITE_ERROR;
+ int v;
+ if( nVal>9 && 0==sqlite3_strnicmp(zVal, "nodesize=", 9) ){
+ v = atoi(&zVal[9]);
+ if( v>=24 && v<=p->nPgsz-35 ) p->nNodeSize = v;
+ rc = SQLITE_OK;
+ }else if( nVal>11 && 0==sqlite3_strnicmp(zVal, "maxpending=", 9) ){
+ v = atoi(&zVal[11]);
+ if( v>=64 && v<=FTS3_MAX_PENDING_DATA ) p->nMaxPendingData = v;
+ rc = SQLITE_OK;
+ }else if( nVal>21 && 0==sqlite3_strnicmp(zVal,"test-no-incr-doclist=",21) ){
+ p->bNoIncrDoclist = atoi(&zVal[21]);
+ rc = SQLITE_OK;
+ }
+#endif
}
-
return rc;
}
--
2.19.1

View File

@ -0,0 +1,25 @@
From 0b3ba64a9c7f785f6b3f1c1c15c5b0f1e41e0461 Mon Sep 17 00:00:00 2001
From: Ondrej Dubaj <odubaj@redhat.com>
Date: Thu, 2 Jan 2020 10:25:58 +0100
Subject: [PATCH] Remove a reachable NEVER() in FTS3.
---
ext/fts3/fts3_write.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ext/fts3/fts3_write.c b/ext/fts3/fts3_write.c
index ee668aa..8624329 100644
--- a/ext/fts3/fts3_write.c
+++ b/ext/fts3/fts3_write.c
@@ -3830,7 +3830,7 @@ static int fts3IncrmergePush(
** be added to. */
nPrefix = fts3PrefixCompress(pNode->key.a, pNode->key.n, zTerm, nTerm);
nSuffix = nTerm - nPrefix;
- if( NEVER(nSuffix<=0) ) return FTS_CORRUPT_VTAB;
+ if(nSuffix<=0 ) return FTS_CORRUPT_VTAB;
nSpace = sqlite3Fts3VarintLen(nPrefix);
nSpace += sqlite3Fts3VarintLen(nSuffix) + nSuffix;
--
2.19.1

View File

@ -0,0 +1,107 @@
From 5f4ce30babee8085fc36680c6103d9a06be49ef7 Mon Sep 17 00:00:00 2001
From: Ondrej Dubaj <odubaj@redhat.com>
Date: Thu, 2 Jan 2020 11:58:39 +0100
Subject: [PATCH] More improvements to shadow table corruption detection in
FTS3.
---
ext/fts3/fts3.c | 4 ++++
ext/fts3/fts3Int.h | 10 ++++++++++
ext/fts3/fts3_write.c | 14 +++++++++++---
3 files changed, 25 insertions(+), 3 deletions(-)
diff --git a/ext/fts3/fts3.c b/ext/fts3/fts3.c
index 6d6bd46..84fc8a5 100644
--- a/ext/fts3/fts3.c
+++ b/ext/fts3/fts3.c
@@ -1460,6 +1460,10 @@ static int fts3InitVtab(
fts3DatabasePageSize(&rc, p);
p->nNodeSize = p->nPgsz-35;
+#if defined(SQLITE_DEBUG)||defined(SQLITE_TEST)
+ p->nMergeCount = FTS3_MERGE_COUNT;
+#endif
+
/* Declare the table schema to SQLite. */
fts3DeclareVtab(&rc, p);
diff --git a/ext/fts3/fts3Int.h b/ext/fts3/fts3Int.h
index 6f5a7a0..0d1b491 100644
--- a/ext/fts3/fts3Int.h
+++ b/ext/fts3/fts3Int.h
@@ -287,9 +287,19 @@ struct Fts3Table {
/* True to disable the incremental doclist optimization. This is controled
** by special insert command 'test-no-incr-doclist'. */
int bNoIncrDoclist;
+
+ /* Number of segments in a level */
+ int nMergeCount;
#endif
};
+/* Macro to find the number of segments to merge */
+#if defined(SQLITE_DEBUG) || defined(SQLITE_TEST)
+# define MergeCount(P) ((P)->nMergeCount)
+#else
+# define MergeCount(P) FTS3_MERGE_COUNT
+#endif
+
/*
** When the core wants to read from the virtual table, it creates a
** virtual table cursor (an instance of the following structure) using
diff --git a/ext/fts3/fts3_write.c b/ext/fts3/fts3_write.c
index 8624329..d57d265 100644
--- a/ext/fts3/fts3_write.c
+++ b/ext/fts3/fts3_write.c
@@ -1152,7 +1152,7 @@ static int fts3AllocateSegdirIdx(
** segment and allocate (newly freed) index 0 at level iLevel. Otherwise,
** if iNext is less than FTS3_MERGE_COUNT, allocate index iNext.
*/
- if( iNext>=FTS3_MERGE_COUNT ){
+ if( iNext>=MergeCount(p) ){
fts3LogMerge(16, getAbsoluteLevel(p, iLangid, iIndex, iLevel));
rc = fts3SegmentMerge(p, iLangid, iIndex, iLevel);
*piIdx = 0;
@@ -4259,6 +4259,10 @@ static int fts3IncrmergeLoad(
int i;
int nHeight = (int)aRoot[0];
NodeWriter *pNode;
+ if( nHeight<1 || nHeight>FTS_MAX_APPENDABLE_HEIGHT ){
+ sqlite3_reset(pSelect);
+ return FTS_CORRUPT_VTAB;
+ }
pWriter->nLeafEst = (int)((iEnd - iStart) + 1)/FTS_MAX_APPENDABLE_HEIGHT;
pWriter->iStart = iStart;
@@ -5007,7 +5011,7 @@ static int fts3DoIncrmerge(
const char *zParam /* Nul-terminated string containing "A,B" */
){
int rc;
- int nMin = (FTS3_MERGE_COUNT / 2);
+ int nMin = (MergeCount(p) / 2);
int nMerge = 0;
const char *z = zParam;
@@ -5052,7 +5056,7 @@ static int fts3DoAutoincrmerge(
int rc = SQLITE_OK;
sqlite3_stmt *pStmt = 0;
p->nAutoincrmerge = fts3Getint(&zParam);
- if( p->nAutoincrmerge==1 || p->nAutoincrmerge>FTS3_MERGE_COUNT ){
+ if( p->nAutoincrmerge==1 || p->nAutoincrmerge>MergeCount(p) ){
p->nAutoincrmerge = 8;
}
if( !p->bHasStat ){
@@ -5340,6 +5344,10 @@ static int fts3SpecialInsert(Fts3Table *p, sqlite3_value *pVal){
}else if( nVal>21 && 0==sqlite3_strnicmp(zVal,"test-no-incr-doclist=",21) ){
p->bNoIncrDoclist = atoi(&zVal[21]);
rc = SQLITE_OK;
+ }else if( nVal>11 && 0==sqlite3_strnicmp(zVal,"mergecount=",11) ){
+ v = atoi(&zVal[11]);
+ if( v>=4 && v<=FTS3_MERGE_COUNT && (v&1)==0 ) p->nMergeCount = v;
+ rc = SQLITE_OK;
}
#endif
}
--
2.19.1

View File

@ -0,0 +1,158 @@
Subject: [PATCH] In defensive mode, do not allow shadow tables to be renamed
using ALTER TABLE and do not allow shadow tables to be dropped.
diff --git a/src/alter.c b/src/alter.c
index 0fa24c0..707472a 100644
--- a/src/alter.c
+++ b/src/alter.c
@@ -28,9 +28,16 @@
**
** Or, if zName is not a system table, zero is returned.
*/
-static int isSystemTable(Parse *pParse, const char *zName){
- if( 0==sqlite3StrNICmp(zName, "sqlite_", 7) ){
- sqlite3ErrorMsg(pParse, "table %s may not be altered", zName);
+static int isAlterableTable(Parse *pParse, Table *pTab){
+ if( 0==sqlite3StrNICmp(pTab->zName, "sqlite_", 7)
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ || ( (pTab->tabFlags & TF_Shadow)
+ && (pParse->db->flags & SQLITE_Defensive)
+ && pParse->db->nVdbeExec==0
+ )
+#endif
+ ){
+ sqlite3ErrorMsg(pParse, "table %s may not be altered", pTab->zName);
return 1;
}
return 0;
@@ -129,7 +136,7 @@ void sqlite3AlterRenameTable(
/* Make sure it is not a system table being altered, or a reserved name
** that the table is being renamed to.
*/
- if( SQLITE_OK!=isSystemTable(pParse, pTab->zName) ){
+ if( SQLITE_OK!=isAlterableTable(pParse, pTab) ){
goto exit_rename_table;
}
if( SQLITE_OK!=sqlite3CheckObjectName(pParse, zName) ){ goto
@@ -427,7 +434,7 @@ void sqlite3AlterBeginAddColumn(Parse *pParse, SrcList *pSrc){
sqlite3ErrorMsg(pParse, "Cannot add a column to a view");
goto exit_begin_add_column;
}
- if( SQLITE_OK!=isSystemTable(pParse, pTab->zName) ){
+ if( SQLITE_OK!=isAlterableTable(pParse, pTab) ){
goto exit_begin_add_column;
}
@@ -529,7 +536,7 @@ void sqlite3AlterRenameColumn(
if( !pTab ) goto exit_rename_column;
/* Cannot alter a system table */
- if( SQLITE_OK!=isSystemTable(pParse, pTab->zName) ) goto exit_rename_column;
+ if( SQLITE_OK!=isAlterableTable(pParse, pTab) ) goto exit_rename_column;
if( SQLITE_OK!=isRealTable(pParse, pTab) ) goto exit_rename_column;
/* Which schema holds the table to be altered */
diff --git a/src/build.c b/src/build.c
index 1dc2614..3412670 100644
--- a/src/build.c
+++ b/src/build.c
@@ -2661,6 +2661,22 @@ void sqlite3CodeDropTable(Parse *pParse, Table *pTab, int iDb, int isView){
sqliteViewResetAll(db, iDb);
}
+/*
+** Return true if it is not allowed to drop the given table
+*/
+static int tableMayNotBeDropped(Parse *pParse, Table *pTab){
+ if( sqlite3StrNICmp(pTab->zName, "sqlite_", 7)==0 ){
+ if( sqlite3StrNICmp(pTab->zName+7, "stat", 4)==0 ) return 0;
+ if( sqlite3StrNICmp(pTab->zName+7, "parameters", 10)==0 ) return 0;
+ return 1;
+ }
+ if( pTab->tabFlags & TF_Shadow ){
+ sqlite3 *db = pParse->db;
+ if( (db->flags & SQLITE_Defensive)!=0 && db->nVdbeExec==0 ) return 1;
+ }
+ return 0;
+}
+
/*
** This routine is called to do the work of a DROP TABLE statement.
** pName is the name of the table to be dropped.
@@ -2730,8 +2746,7 @@ void sqlite3DropTable(Parse *pParse, SrcList *pName, int isView, int noErr){
}
}
#endif
- if( sqlite3StrNICmp(pTab->zName, "sqlite_", 7)==0
- && sqlite3StrNICmp(pTab->zName, "sqlite_stat", 11)!=0 ){
+ if( tableMayNotBeDropped(pParse, pTab) ){
sqlite3ErrorMsg(pParse, "table %s may not be dropped", pTab->zName);
goto exit_drop_table;
}
diff --git a/test/altertab.test b/test/altertab.test
index a364207..891b081 100644
--- a/test/altertab.test
+++ b/test/altertab.test
@@ -505,5 +505,62 @@ do_execsql_test 15.5 {
SELECT sql FROM sqlite_master WHERE name = 'y';
} {{CREATE VIEW y AS SELECT f2 AS f1 FROM x}}
+#-------------------------------------------------------------------------
+# Test that it is not possible to rename a shadow table in DEFENSIVE mode.
+#
+ifcapable fts3 {
+ proc vtab_command {method args} {
+ switch -- $method {
+ xConnect {
+ if {[info exists ::vtab_connect_sql]} {
+ execsql $::vtab_connect_sql
+ }
+ return "CREATE TABLE t1(a, b, c)"
+ }
+
+ xBestIndex {
+ set clist [lindex $args 0]
+ if {[llength $clist]!=1} { error "unexpected constraint list" }
+ catch { array unset C }
+ array set C [lindex $clist 0]
+ if {$C(usable)} {
+ return "omit 0 cost 0 rows 1 idxnum 555 idxstr eq!"
+ } else {
+ return "cost 1000000 rows 0 idxnum 0 idxstr scan..."
+ }
+ }
+ }
+
+ return {}
+ }
+
+ register_tcl_module db
+
+ sqlite3_db_config db DEFENSIVE 1
+
+ do_execsql_test 16.0 {
+ CREATE VIRTUAL TABLE y1 USING fts3;
+ }
+
+ do_catchsql_test 16.10 {
+ INSERT INTO y1_segments VALUES(1, X'1234567890');
+ } {1 {table y1_segments may not be modified}}
+
+ do_catchsql_test 16.20 {
+ ALTER TABLE y1_segments RENAME TO abc;
+ } {1 {table y1_segments may not be altered}}
+
+ do_catchsql_test 16.21 {
+ DROP TABLE y1_segments;
+ } {1 {table y1_segments may not be dropped}}
+
+ do_execsql_test 16.30 {
+ ALTER TABLE y1 RENAME TO z1;
+ }
+
+ do_execsql_test 16.40 {
+ SELECT * FROM z1_segments;
+ }
+}
finish_test

View File

@ -0,0 +1,22 @@
Subject: [PATCH] Further improve detection of corrupt records in fts3
---
ext/fts3/fts3_write.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ext/fts3/fts3_write.c b/ext/fts3/fts3_write.c
index 5330b4c..0647bd7 100644
--- a/ext/fts3/fts3_write.c
+++ b/ext/fts3/fts3_write.c
@@ -1376,7 +1376,7 @@ static int fts3SegReaderNext(
pNext += fts3GetVarint32(pNext, &nSuffix);
if( nSuffix<=0
|| (&pReader->aNode[pReader->nNode] - pNext)<nSuffix
- || nPrefix>pReader->nTermAlloc
+ || nPrefix>pReader->nTerm
){
return FTS_CORRUPT_VTAB;
}
--
2.30.2

View File

@ -0,0 +1,65 @@
From ab17169870e985b062e520ecf95e6c79ad784f38 Mon Sep 17 00:00:00 2001
From: Ondrej Dubaj <odubaj@redhat.com>
Date: Thu, 23 Apr 2020 11:25:13 +0200
Subject: [PATCH] fixed CVE-2019-16168 (rhbz#1826897)
---
src/analyze.c | 4 +++-
src/where.c | 1 +
test/analyzeC.test | 13 +++++++++++++
3 files changed, 17 insertions(+), 1 deletion(-)
diff --git a/src/analyze.c b/src/analyze.c
index 5075b57..e47c0f5 100644
--- a/src/analyze.c
+++ b/src/analyze.c
@@ -1497,7 +1497,9 @@ static void decodeIntArray(
if( sqlite3_strglob("unordered*", z)==0 ){
pIndex->bUnordered = 1;
}else if( sqlite3_strglob("sz=[0-9]*", z)==0 ){
- pIndex->szIdxRow = sqlite3LogEst(sqlite3Atoi(z+3));
+ int sz = sqlite3Atoi(z+3);
+ if( sz<2 ) sz = 2;
+ pIndex->szIdxRow = sqlite3LogEst(sz);
}else if( sqlite3_strglob("noskipscan*", z)==0 ){
pIndex->noSkipScan = 1;
}
diff --git a/src/where.c b/src/where.c
index 8e01660..1a4fa51 100644
--- a/src/where.c
+++ b/src/where.c
@@ -2655,6 +2655,7 @@ static int whereLoopAddBtreeIndex(
** it to pNew->rRun, which is currently set to the cost of the index
** seek only. Then, if this is a non-covering index, add the cost of
** visiting the rows in the main table. */
+ assert( pSrc->pTab->szTabRow>0 );
rCostIdx = pNew->nOut + 1 + (15*pProbe->szIdxRow)/pSrc->pTab->szTabRow;
pNew->rRun = sqlite3LogEstAdd(rLogSize, rCostIdx);
if( (pNew->wsFlags & (WHERE_IDX_ONLY|WHERE_IPK))==0 ){
diff --git a/test/analyzeC.test b/test/analyzeC.test
index 02faa9c..3595c9d 100644
--- a/test/analyzeC.test
+++ b/test/analyzeC.test
@@ -132,6 +132,19 @@ do_execsql_test 4.3 {
SELECT count(a) FROM t1;
} {/.*INDEX t1ca.*/}
+# 2019-08-15.
+# Ticket https://www.sqlite.org/src/tktview/e4598ecbdd18bd82945f602901
+# The sz=N parameter in the sqlite_stat1 table needs to have a value of
+# 2 or more to avoid a division by zero in the query planner.
+#
+do_execsql_test 4.4 {
+ DROP TABLE IF EXISTS t44;
+ CREATE TABLE t44(a PRIMARY KEY);
+ INSERT INTO sqlite_stat1 VALUES('t44',null,'sz=0');
+ ANALYZE sqlite_master;
+ SELECT 0 FROM t44 WHERE a IN(1,2,3);
+} {}
+
# The sz=NNN parameter works even if there is other extraneous text
# in the sqlite_stat1.stat column.
--
2.24.1

View File

@ -0,0 +1,124 @@
Subject: [PATCH] Do not allow CREATE TABLE or CREATE VIEW of an object with a name
that looks like a shadow table name.
diff --git a/src/build.c b/src/build.c
index 3412670..f273394 100644
--- a/src/build.c
+++ b/src/build.c
@@ -814,6 +814,22 @@ int sqlite3WritableSchema(sqlite3 *db){
return (db->flags&(SQLITE_WriteSchema|SQLITE_Defensive))==SQLITE_WriteSchema;
}
+/*
+** Return TRUE if shadow tables should be read-only in the current
+** context.
+*/
+int sqlite3ReadOnlyShadowTables(sqlite3 *db){
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ if( (db->flags & SQLITE_Defensive)!=0
+ && db->pVtabCtx==0
+ && db->nVdbeExec==0
+ ){
+ return 1;
+ }
+#endif
+ return 0;
+}
+
/*
** This routine is used to check if the UTF-8 string zName is a legal
** unqualified name for a new schema object (table, index, view or
@@ -822,9 +838,10 @@ int sqlite3WritableSchema(sqlite3 *db){
** is reserved for internal use.
*/
int sqlite3CheckObjectName(Parse *pParse, const char *zName){
- if( !pParse->db->init.busy && pParse->nested==0
+ if(( !pParse->db->init.busy && pParse->nested==0
&& sqlite3WritableSchema(pParse->db)==0
- && 0==sqlite3StrNICmp(zName, "sqlite_", 7) ){
+ && 0==sqlite3StrNICmp(zName, "sqlite_", 7) ) ||
+ (sqlite3ReadOnlyShadowTables(pParse->db) && sqlite3ShadowTableName(pParse->db, zName))){
sqlite3ErrorMsg(pParse, "object name reserved for internal use: %s", zName);
return SQLITE_ERROR;
}
@@ -1929,7 +1946,7 @@ int sqlite3IsShadowTableOf(sqlite3 *db, Table *pTab, const char *zName){
** zName is temporarily modified while this routine is running, but is
** restored to its original value prior to this routine returning.
*/
-static int isShadowTableName(sqlite3 *db, char *zName){
+int sqlite3ShadowTableName(sqlite3 *db, const char *zName){
char *zTail; /* Pointer to the last "_" in zName */
Table *pTab; /* Table that zName is a shadow of */
@@ -1942,8 +1959,6 @@ static int isShadowTableName(sqlite3 *db, char *zName){
if( !IsVirtual(pTab) ) return 0;
return sqlite3IsShadowTableOf(db, pTab, zName);
}
-#else
-# define isShadowTableName(x,y) 0
#endif /* ifndef SQLITE_OMIT_VIRTUALTABLE */
/*
@@ -1985,7 +2000,7 @@ void sqlite3EndTable(
p = pParse->pNewTable;
if( p==0 ) return;
- if( pSelect==0 && isShadowTableName(db, p->zName) ){
+ if( pSelect==0 && sqlite3ShadowTableName(db, p->zName) ){
p->tabFlags |= TF_Shadow;
}
diff --git a/src/sqliteInt.h b/src/sqliteInt.h
index 60b2ebd..e5ba8a0 100644
--- a/src/sqliteInt.h
+++ b/src/sqliteInt.h
@@ -4408,6 +4408,11 @@ void sqlite3AutoLoadExtensions(sqlite3*);
);
# define sqlite3VtabInSync(db) ((db)->nVTrans>0 && (db)->aVTrans==0)
#endif
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ int sqlite3ShadowTableName(sqlite3 *db, const char *zName);
+#else
+# define sqlite3ShadowTableName(A,B) 0
+#endif
#ifndef SQLITE_OMIT_VIRTUALTABLE
int sqlite3IsShadowTableOf(sqlite3*,Table*,const char*);
#else
diff --git a/test/altertab.test b/test/altertab.test
index 891b081..0705abc 100644
--- a/test/altertab.test
+++ b/test/altertab.test
@@ -547,13 +547,29 @@ ifcapable fts3 {
} {1 {table y1_segments may not be modified}}
do_catchsql_test 16.20 {
- ALTER TABLE y1_segments RENAME TO abc;
- } {1 {table y1_segments may not be altered}}
-
- do_catchsql_test 16.21 {
DROP TABLE y1_segments;
} {1 {table y1_segments may not be dropped}}
+ do_catchsql_test 16.20 {
+ ALTER TABLE y1_segments RENAME TO abc;
+ } {1 {table y1_segments may not be altered}}
+ sqlite3_db_config db DEFENSIVE 0
+ do_catchsql_test 16.22 {
+ ALTER TABLE y1_segments RENAME TO abc;
+ } {0 {}}
+ sqlite3_db_config db DEFENSIVE 1
+ do_catchsql_test 16.23 {
+ CREATE TABLE y1_segments AS SELECT * FROM abc;
+ } {1 {object name reserved for internal use: y1_segments}}
+ do_catchsql_test 16.24 {
+ CREATE VIEW y1_segments AS SELECT * FROM abc;
+ } {1 {object name reserved for internal use: y1_segments}}
+ sqlite3_db_config db DEFENSIVE 0
+ do_catchsql_test 16.25 {
+ ALTER TABLE abc RENAME TO y1_segments;
+ } {0 {}}
+ sqlite3_db_config db DEFENSIVE 1
+
do_execsql_test 16.30 {
ALTER TABLE y1 RENAME TO z1;
}

View File

@ -0,0 +1,67 @@
From 7d47517d579601bb6e59e33bf0896f0ed36aa0aa Mon Sep 17 00:00:00 2001
From: Ondrej Dubaj <odubaj@redhat.com>
Date: Mon, 20 Jan 2020 09:34:41 +0100
Subject: [PATCH] Continue to back away from the LEFT JOIN optimization of
check-in
by disallowing query flattening if the outer query is DISTINCT. Without this fix,
if an index scan is run on the table within the view on the right-hand side of the
LEFT JOIN, stale result registers might be accessed yielding incorrect results,
and/or an OP_IfNullRow opcode might be invoked on the un-opened table, resulting
in a NULL-pointer dereference. This problem was found by the Yongheng and Rui fuzzer.
---
src/select.c | 8 ++++++--
test/join.test | 13 +++++++++++++
2 files changed, 19 insertions(+), 2 deletions(-)
diff --git a/src/select.c b/src/select.c
index c60ff27..0205a08 100644
--- a/src/select.c
+++ b/src/select.c
@@ -3569,6 +3569,7 @@ static void substSelect(
** (3b) the FROM clause of the subquery may not contain a virtual
** table and
** (3c) the outer query may not be an aggregate.
+** (3d) the outer query may not be DISTINCT.
**
** (4) The subquery can not be DISTINCT.
**
@@ -3765,8 +3766,11 @@ static int flattenSubquery(
*/
if( (pSubitem->fg.jointype & JT_OUTER)!=0 ){
isLeftJoin = 1;
- if( pSubSrc->nSrc>1 || isAgg || IsVirtual(pSubSrc->a[0].pTab) ){
- /* (3a) (3c) (3b) */
+ if( pSubSrc->nSrc>1 /* (3a) */
+ || isAgg /* (3b) */
+ || IsVirtual(pSubSrc->a[0].pTab) /* (3c) */
+ || (p->selFlags & SF_Distinct)!=0 /* (3d) */
+ ){
return 0;
}
}
diff --git a/test/join.test b/test/join.test
index 8c6f463..8c6a53d 100644
--- a/test/join.test
+++ b/test/join.test
@@ -844,4 +844,17 @@ do_execsql_test join-15.110 {
ORDER BY a1, a2, a3, a4, a5;
} {1 {} {} {} {} 1 11 {} {} {} 1 12 {} {} {} 1 12 121 {} {} 1 13 {} {} {}}
+# 2019-12-18 problem with a LEFT JOIN where the RHS is a view.
+# Detected by Yongheng and Rui.
+# Follows from the optimization attempt of check-in 41c27bc0ff1d3135
+# on 2017-04-18
+#
+reset_db
+do_execsql_test join-22.10 {
+ CREATE TABLE t0(a, b);
+ CREATE INDEX t0a ON t0(a);
+ INSERT INTO t0 VALUES(10,10),(10,11),(10,12);
+ SELECT DISTINCT c FROM t0 LEFT JOIN (SELECT a+1 AS c FROM t0) ORDER BY c ;
+} {11}
+
finish_test
--
2.19.1

View File

@ -0,0 +1,60 @@
From 6b06304c2a46e17a6dc4402eadc75ccac24da893 Mon Sep 17 00:00:00 2001
From: Ondrej Dubaj <odubaj@redhat.com>
Date: Fri, 17 Jan 2020 13:03:54 +0100
Subject: [PATCH] When an error occurs while rewriting the parser tree for
window functions in the sqlite3WindowRewrite() routine, make sure that
pParse->nErr is set, and make sure that this shuts down any subsequent code
generation that might depend on the transformations that were implemented.
This fixes a problem discovered by the Yongheng and Rui fuzzer.
---
src/expr.c | 1 +
src/vdbeaux.c | 3 ++-
src/window.c | 5 +++++
3 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/src/expr.c b/src/expr.c
index d4eb9de..b081ca2 100644
--- a/src/expr.c
+++ b/src/expr.c
@@ -344,6 +344,7 @@ static int codeCompare(
int addr;
CollSeq *p4;
+ if( pParse->nErr ) return 0;
p4 = sqlite3BinaryCompareCollSeq(pParse, pLeft, pRight);
p5 = binaryCompareP5(pLeft, pRight, jumpIfNull);
addr = sqlite3VdbeAddOp4(pParse->pVdbe, opcode, in2, dest, in1,
diff --git a/src/vdbeaux.c b/src/vdbeaux.c
index f1496a3..b74141b 100644
--- a/src/vdbeaux.c
+++ b/src/vdbeaux.c
@@ -1160,7 +1160,8 @@ void sqlite3VdbeSetP4KeyInfo(Parse *pParse, Index *pIdx){
*/
static void vdbeVComment(Vdbe *p, const char *zFormat, va_list ap){
assert( p->nOp>0 || p->aOp==0 );
- assert( p->aOp==0 || p->aOp[p->nOp-1].zComment==0 || p->db->mallocFailed );
+ assert( p->aOp==0 || p->aOp[p->nOp-1].zComment==0 || p->db->mallocFailed
+ || p->pParse->nErr>0 );
if( p->nOp ){
assert( p->aOp );
sqlite3DbFree(p->db, p->aOp[p->nOp-1].zComment);
diff --git a/src/window.c b/src/window.c
index f5deae9..56c0145 100644
--- a/src/window.c
+++ b/src/window.c
@@ -843,6 +843,11 @@ int sqlite3WindowRewrite(Parse *pParse, Select *p){
if( db->mallocFailed ) rc = SQLITE_NOMEM;
}
+ if( rc && pParse->nErr==0 ){
+ assert( pParse->db->mallocFailed );
+ return SQLITE_NOMEM;
+ }
+
return rc;
}
--
2.19.1

View File

@ -0,0 +1,50 @@
From 1986c6384122947b10804cbc5c4d7af85e097404 Mon Sep 17 00:00:00 2001
From: Ondrej Dubaj <odubaj@redhat.com>
Date: Mon, 20 Jan 2020 10:09:55 +0100
Subject: [PATCH] Fix the zipfile extension so that INSERT works even if the
pathname of
the file being inserted is a NULL. Bug discovered by the
Yongheng and Rui fuzzer.
---
ext/misc/zipfile.c | 1 +
test/zipfile.test | 13 +++++++++++++
2 files changed, 14 insertions(+)
diff --git a/ext/misc/zipfile.c b/ext/misc/zipfile.c
index e57dc38..6f48d0f 100644
--- a/ext/misc/zipfile.c
+++ b/ext/misc/zipfile.c
@@ -1618,6 +1618,7 @@ static int zipfileUpdate(
if( rc==SQLITE_OK ){
zPath = (const char*)sqlite3_value_text(apVal[2]);
+ if( zPath==0 ) zPath = "";
nPath = (int)strlen(zPath);
mTime = zipfileGetTime(apVal[4]);
}
diff --git a/test/zipfile.test b/test/zipfile.test
index 2bab066..5bca10b 100644
--- a/test/zipfile.test
+++ b/test/zipfile.test
@@ -795,4 +795,17 @@ if {$tcl_platform(platform)!="windows"} {
} {. ./x1.txt ./x2.txt}
}
+# 2019-12-18 Yongheng and Rui fuzzer
+#
+do_execsql_test 13.10 {
+ DROP TABLE IF EXISTS t0;
+ DROP TABLE IF EXISTS t1;
+ CREATE TABLE t0(a,b,c,d,e,f,g);
+ REPLACE INTO t0(c,b,f) VALUES(10,10,10);
+ CREATE VIRTUAL TABLE t1 USING zipfile('h.zip');
+ REPLACE INTO t1 SELECT * FROM t0;
+ SELECT quote(name),quote(mode),quote(mtime),quote(sz),quote(rawdata),
+ quote(data),quote(method) FROM t1;
+} {'' 10 10 2 X'3130' X'3130' 0}
+
finish_test
--
2.19.1

View File

@ -0,0 +1,63 @@
From 16c5290d72cb8059e9dfe545613183b850fc44e4 Mon Sep 17 00:00:00 2001
From: Ondrej Dubaj <odubaj@redhat.com>
Date: Mon, 20 Jan 2020 10:26:35 +0100
Subject: [PATCH] Fix the zipfile() function in the zipfile extension so that
it is able to
deal with goofy filenames that contain embedded zeros.
---
ext/misc/zipfile.c | 4 ++--
test/zipfile.test | 13 +++++++++++++
2 files changed, 15 insertions(+), 2 deletions(-)
diff --git a/ext/misc/zipfile.c b/ext/misc/zipfile.c
index 6f48d0f..e6141ef 100644
--- a/ext/misc/zipfile.c
+++ b/ext/misc/zipfile.c
@@ -1632,7 +1632,7 @@ static int zipfileUpdate(
zFree = sqlite3_mprintf("%s/", zPath);
if( zFree==0 ){ rc = SQLITE_NOMEM; }
zPath = (const char*)zFree;
- nPath++;
+ nPath = (int)strlen(zPath);
}
}
@@ -2033,11 +2033,11 @@ void zipfileStep(sqlite3_context *pCtx, int nVal, sqlite3_value **apVal){
}else{
if( zName[nName-1]!='/' ){
zName = zFree = sqlite3_mprintf("%s/", zName);
- nName++;
if( zName==0 ){
rc = SQLITE_NOMEM;
goto zipfile_step_out;
}
+ nName = (int)strlen(zName);
}else{
while( nName>1 && zName[nName-2]=='/' ) nName--;
}
diff --git a/test/zipfile.test b/test/zipfile.test
index 5bca10b..e4b8088 100644
--- a/test/zipfile.test
+++ b/test/zipfile.test
@@ -808,4 +808,17 @@ do_execsql_test 13.10 {
quote(data),quote(method) FROM t1;
} {'' 10 10 2 X'3130' X'3130' 0}
+# 2019-12-23 Yongheng and Rui fuzzer
+# Run using valgrind to see the problem.
+#
+do_execsql_test 14.10 {
+ DROP TABLE t1;
+ CREATE TABLE t1(x char);
+ INSERT INTO t1(x) VALUES('1');
+ INSERT INTO t1(x) SELECT zipfile(x, 'xyz') FROM t1;
+ INSERT INTO t1(x) SELECT zipfile(x, 'uvw') FROM t1;
+ SELECT count(*) FROM t1;
+ PRAGMA integrity_check;
+} {3 ok}
+
finish_test
--
2.19.1

View File

@ -0,0 +1,102 @@
From ff5f246e41239cc4dd33ffa73883fa07f78674e1 Mon Sep 17 00:00:00 2001
From: Ondrej Dubaj <odubaj@redhat.com>
Date: Fri, 7 Aug 2020 07:00:29 +0200
Subject: [PATCH] Do not attempt to unwind the WITH stack in the Parse object
following an error.
---
src/select.c | 5 ++++-
src/util.c | 1 +
test/altertab2.test | 20 ++++++++++++++++++++
test/with3.test | 10 +++++++++-
4 files changed, 34 insertions(+), 2 deletions(-)
diff --git a/src/select.c b/src/select.c
index c46f177..a6d1757 100644
--- a/src/select.c
+++ b/src/select.c
@@ -4639,6 +4639,9 @@ static int withExpand(
With *pWith; /* WITH clause that pCte belongs to */
assert( pFrom->pTab==0 );
+ if( pParse->nErr ){
+ return SQLITE_ERROR;
+ }
pCte = searchWith(pParse->pWith, pFrom, &pWith);
if( pCte ){
@@ -4908,7 +4911,7 @@ static int selectExpander(Walker *pWalker, Select *p){
/* Process NATURAL keywords, and ON and USING clauses of joins.
*/
- if( db->mallocFailed || sqliteProcessJoin(pParse, p) ){
+ if( pParse->nErr || db->mallocFailed || sqliteProcessJoin(pParse, p) ){
return WRC_Abort;
}
diff --git a/src/util.c b/src/util.c
index 54f9b93..96b0b14 100644
--- a/src/util.c
+++ b/src/util.c
@@ -222,6 +222,7 @@ void sqlite3ErrorMsg(Parse *pParse, const char *zFormat, ...){
sqlite3DbFree(db, pParse->zErrMsg);
pParse->zErrMsg = zMsg;
pParse->rc = SQLITE_ERROR;
+ pParse->pWith = 0;
}
}
diff --git a/test/altertab2.test b/test/altertab2.test
index 2e4212c..2102e02 100644
--- a/test/altertab2.test
+++ b/test/altertab2.test
@@ -85,5 +85,25 @@ do_execsql_test 2.3 {
{CREATE TABLE c3(x, FOREIGN KEY (x) REFERENCES "p3"(a))}
}
+#------------------------------------------------------------------------
+#
+reset_db
+do_execsql_test 3.0 {
+ CREATE TABLE v0 (a);
+ CREATE VIEW v2 (v3) AS
+ WITH x1 AS (SELECT * FROM v2)
+ SELECT v3 AS x, v3 AS y FROM v2;
+}
+
+do_catchsql_test 3.1 {
+ SELECT * FROM v2
+} {1 {view v2 is circularly defined}}
+
+db close
+sqlite3 db test.db
+
+do_catchsql_test 3.2 {
+ ALTER TABLE v0 RENAME TO t3 ;
+} {1 {error in view v2: view v2 is circularly defined}}
finish_test
diff --git a/test/with3.test b/test/with3.test
index de150b1..4a3a5a7 100644
--- a/test/with3.test
+++ b/test/with3.test
@@ -30,7 +30,15 @@ do_catchsql_test 1.0 {
SELECT 5 FROM t0 UNION SELECT 8 FROM m
)
SELECT * FROM i;
-} {1 {no such table: m}}
+} {1 {no such table: t0}}
+
+# 2019-11-09 dbfuzzcheck find
+do_catchsql_test 1.1 {
+ CREATE VIEW v1(x,y) AS
+ WITH t1(a,b) AS (VALUES(1,2))
+ SELECT * FROM nosuchtable JOIN t1;
+ SELECT * FROM v1;
+} {1 {no such table: main.nosuchtable}}
# Additional test cases that came out of the work to
# fix for Kostya's problem.
--
2.26.0

View File

@ -0,0 +1,281 @@
Subject: [PATCH] Prevent aliases of window functions expressions from being
used as arguments to aggregate or other window functions.
---
src/resolve.c | 21 ++++++---
src/sqliteInt.h | 2 +
test/windowerr.tcl | 59 ++++++++++++++++++++++++++
test/windowerr.test | 99 ++++++++++++++++++++++++++++++++++++++++++
4 files changed, 176 insertions(+), 5 deletions(-)
create mode 100644 test/windowerr.tcl
create mode 100644 test/windowerr.test
diff --git a/src/resolve.c b/src/resolve.c
index 0c7dfc0..cdcf4d9 100644
--- a/src/resolve.c
+++ b/src/resolve.c
@@ -436,6 +436,10 @@ static int lookupName(
sqlite3ErrorMsg(pParse, "misuse of aliased aggregate %s", zAs);
return WRC_Abort;
}
+ if( (pNC->ncFlags&NC_AllowWin)==0 && ExprHasProperty(pOrig, EP_Win) ){
+ sqlite3ErrorMsg(pParse, "misuse of aliased window function %s",zAs);
+ return WRC_Abort;
+ }
if( sqlite3ExprVectorSize(pOrig)!=1 ){
sqlite3ErrorMsg(pParse, "row value misused");
return WRC_Abort;
@@ -707,6 +711,7 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
const char *zId; /* The function name. */
FuncDef *pDef; /* Information about the function */
u8 enc = ENC(pParse->db); /* The database encoding */
+ int savedAllowFlags = (pNC->ncFlags & (NC_AllowAgg | NC_AllowWin));
assert( !ExprHasProperty(pExpr, EP_xIsSelect) );
zId = pExpr->u.zToken;
@@ -828,8 +833,11 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
pNC->nErr++;
}
if( is_agg ){
+ /* Window functions may not be arguments of aggregate functions.
+ ** Or arguments of other window functions. But aggregate functions
+ ** may be arguments for window functions. */
#ifndef SQLITE_OMIT_WINDOWFUNC
- pNC->ncFlags &= ~(pExpr->y.pWin ? NC_AllowWin : NC_AllowAgg);
+ pNC->ncFlags &= ~(NC_AllowWin | (!pExpr->y.pWin ? NC_AllowAgg : 0));
#else
pNC->ncFlags &= ~NC_AllowAgg;
#endif
@@ -850,7 +858,7 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
pExpr->y.pWin->pNextWin = pSel->pWin;
pSel->pWin = pExpr->y.pWin;
}
- pNC->ncFlags |= NC_AllowWin;
+ pNC->ncFlags |= NC_HasWin;
}else
#endif /* SQLITE_OMIT_WINDOWFUNC */
{
@@ -868,8 +876,8 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
pNC2->ncFlags |= NC_HasAgg | (pDef->funcFlags & SQLITE_FUNC_MINMAX);
}
- pNC->ncFlags |= NC_AllowAgg;
}
+ pNC->ncFlags |= savedAllowFlags;
}
/* FIX ME: Compute pExpr->affinity based on the expected return
** type of the function
@@ -1573,8 +1581,8 @@ int sqlite3ResolveExprNames(
Walker w;
if( pExpr==0 ) return SQLITE_OK;
- savedHasAgg = pNC->ncFlags & (NC_HasAgg|NC_MinMaxAgg);
- pNC->ncFlags &= ~(NC_HasAgg|NC_MinMaxAgg);
+ savedHasAgg = pNC->ncFlags & (NC_HasAgg|NC_MinMaxAgg|NC_HasWin);
+ pNC->ncFlags &= ~(NC_HasAgg|NC_MinMaxAgg|NC_HasWin);
w.pParse = pNC->pParse;
w.xExprCallback = resolveExprStep;
w.xSelectCallback = resolveSelectStep;
@@ -1593,6 +1601,9 @@ int sqlite3ResolveExprNames(
if( pNC->ncFlags & NC_HasAgg ){
ExprSetProperty(pExpr, EP_Agg);
}
+ if( pNC->ncFlags & NC_HasWin ){
+ ExprSetProperty(pExpr, EP_Win);
+ }
pNC->ncFlags |= savedHasAgg;
return pNC->nErr>0 || w.pParse->nErr>0;
}
diff --git a/src/sqliteInt.h b/src/sqliteInt.h
index 5f5f3cc..b7d3571 100644
--- a/src/sqliteInt.h
+++ b/src/sqliteInt.h
@@ -2517,6 +2517,7 @@ struct Expr {
#define EP_Alias 0x400000 /* Is an alias for a result set column */
#define EP_Leaf 0x800000 /* Expr.pLeft, .pRight, .u.pSelect all NULL */
#define EP_WinFunc 0x1000000 /* TK_FUNCTION with Expr.y.pWin set */
+#define EP_Win 0x8000000 /* Contains window functions */
/*
** The EP_Propagate mask is a set of properties that automatically propagate
@@ -2773,6 +2774,7 @@ struct NameContext {
#define NC_MinMaxAgg 0x1000 /* min/max aggregates seen. See note above */
#define NC_Complex 0x2000 /* True if a function or subquery seen */
#define NC_AllowWin 0x4000 /* Window functions are allowed here */
+#define NC_HasWin 0x8000 /* One or more window functions seen */
/*
** An instance of the following object describes a single ON CONFLICT
diff --git a/test/windowerr.tcl b/test/windowerr.tcl
new file mode 100644
index 0000000..80f464d
--- /dev/null
+++ b/test/windowerr.tcl
@@ -0,0 +1,59 @@
+# 2018 May 19
+#
+# The author disclaims copyright to this source code. In place of
+# a legal notice, here is a blessing:
+#
+# May you do good and not evil.
+# May you find forgiveness for yourself and forgive others.
+# May you share freely, never taking more than you give.
+#
+#***********************************************************************
+#
+
+source [file join [file dirname $argv0] pg_common.tcl]
+
+#=========================================================================
+
+start_test windowerr "2019 March 01"
+ifcapable !windowfunc
+
+execsql_test 1.0 {
+ DROP TABLE IF EXISTS t1;
+ CREATE TABLE t1(a INTEGER, b INTEGER);
+ INSERT INTO t1 VALUES(1, 1);
+ INSERT INTO t1 VALUES(2, 2);
+ INSERT INTO t1 VALUES(3, 3);
+ INSERT INTO t1 VALUES(4, 4);
+ INSERT INTO t1 VALUES(5, 5);
+}
+
+foreach {tn frame} {
+ 1 "ORDER BY a ROWS BETWEEN -1 PRECEDING AND 1 FOLLOWING"
+ 2 "ORDER BY a ROWS BETWEEN 1 PRECEDING AND -1 FOLLOWING"
+
+ 3 "ORDER BY a RANGE BETWEEN -1 PRECEDING AND 1 FOLLOWING"
+ 4 "ORDER BY a RANGE BETWEEN 1 PRECEDING AND -1 FOLLOWING"
+
+ 5 "ORDER BY a GROUPS BETWEEN -1 PRECEDING AND 1 FOLLOWING"
+ 6 "ORDER BY a GROUPS BETWEEN 1 PRECEDING AND -1 FOLLOWING"
+
+ 7 "ORDER BY a,b RANGE BETWEEN 1 PRECEDING AND 1 FOLLOWING"
+
+ 8 "PARTITION BY a RANGE BETWEEN 1 PRECEDING AND 1 FOLLOWING"
+} {
+ errorsql_test 1.$tn "
+ SELECT a, sum(b) OVER (
+ $frame
+ ) FROM t1 ORDER BY 1
+ "
+}
+errorsql_test 2.1 {
+ SELECT sum( sum(a) OVER () ) FROM t1;
+}
+
+errorsql_test 2.2 {
+ SELECT sum(a) OVER () AS xyz FROM t1 ORDER BY sum(xyz);
+}
+
+
+finish_test
diff --git a/test/windowerr.test b/test/windowerr.test
new file mode 100644
index 0000000..97dae64
--- /dev/null
+++ b/test/windowerr.test
@@ -0,0 +1,99 @@
+# 2019 March 01
+#
+# The author disclaims copyright to this source code. In place of
+# a legal notice, here is a blessing:
+#
+# May you do good and not evil.
+# May you find forgiveness for yourself and forgive others.
+# May you share freely, never taking more than you give.
+#
+#***********************************************************************
+# This file implements regression tests for SQLite library.
+#
+
+####################################################
+# DO NOT EDIT! THIS FILE IS AUTOMATICALLY GENERATED!
+####################################################
+
+set testdir [file dirname $argv0]
+source $testdir/tester.tcl
+set testprefix windowerr
+
+ifcapable !windowfunc { finish_test ; return }
+do_execsql_test 1.0 {
+ DROP TABLE IF EXISTS t1;
+ CREATE TABLE t1(a INTEGER, b INTEGER);
+ INSERT INTO t1 VALUES(1, 1);
+ INSERT INTO t1 VALUES(2, 2);
+ INSERT INTO t1 VALUES(3, 3);
+ INSERT INTO t1 VALUES(4, 4);
+ INSERT INTO t1 VALUES(5, 5);
+} {}
+
+# PG says ERROR: frame starting offset must not be negative
+do_test 1.1 { catch { execsql {
+ SELECT a, sum(b) OVER (
+ ORDER BY a ROWS BETWEEN -1 PRECEDING AND 1 FOLLOWING
+ ) FROM t1 ORDER BY 1
+} } } 1
+
+# PG says ERROR: frame ending offset must not be negative
+do_test 1.2 { catch { execsql {
+ SELECT a, sum(b) OVER (
+ ORDER BY a ROWS BETWEEN 1 PRECEDING AND -1 FOLLOWING
+ ) FROM t1 ORDER BY 1
+} } } 1
+
+# PG says ERROR: invalid preceding or following size in window function
+do_test 1.3 { catch { execsql {
+ SELECT a, sum(b) OVER (
+ ORDER BY a RANGE BETWEEN -1 PRECEDING AND 1 FOLLOWING
+ ) FROM t1 ORDER BY 1
+} } } 1
+
+# PG says ERROR: invalid preceding or following size in window function
+do_test 1.4 { catch { execsql {
+ SELECT a, sum(b) OVER (
+ ORDER BY a RANGE BETWEEN 1 PRECEDING AND -1 FOLLOWING
+ ) FROM t1 ORDER BY 1
+} } } 1
+
+# PG says ERROR: frame starting offset must not be negative
+do_test 1.5 { catch { execsql {
+ SELECT a, sum(b) OVER (
+ ORDER BY a GROUPS BETWEEN -1 PRECEDING AND 1 FOLLOWING
+ ) FROM t1 ORDER BY 1
+} } } 1
+
+# PG says ERROR: frame ending offset must not be negative
+do_test 1.6 { catch { execsql {
+ SELECT a, sum(b) OVER (
+ ORDER BY a GROUPS BETWEEN 1 PRECEDING AND -1 FOLLOWING
+ ) FROM t1 ORDER BY 1
+} } } 1
+
+# PG says ERROR: RANGE with offset PRECEDING/FOLLOWING requires exactly one ORDER BY column
+do_test 1.7 { catch { execsql {
+ SELECT a, sum(b) OVER (
+ ORDER BY a,b RANGE BETWEEN 1 PRECEDING AND 1 FOLLOWING
+ ) FROM t1 ORDER BY 1
+} } } 1
+
+# PG says ERROR: RANGE with offset PRECEDING/FOLLOWING requires exactly one ORDER BY column
+do_test 1.8 { catch { execsql {
+ SELECT a, sum(b) OVER (
+ PARTITION BY a RANGE BETWEEN 1 PRECEDING AND 1 FOLLOWING
+ ) FROM t1 ORDER BY 1
+} } } 1
+
+# PG says ERROR: aggregate function calls cannot contain window function calls
+do_test 2.1 { catch { execsql {
+ SELECT sum( sum(a) OVER () ) FROM t1;
+} } } 1
+
+# PG says ERROR: column "xyz" does not exist
+do_test 2.2 { catch { execsql {
+ SELECT sum(a) OVER () AS xyz FROM t1 ORDER BY sum(xyz);
+} } } 1
+
+finish_test
--
2.24.1

View File

@ -0,0 +1,442 @@
Subject: [PATCH] Use the 64-bit memory allocator interfaces in extensions,
whenever possible and Enforce the SQLITE_LIMIT_COLUMN limit on virtual tables
---
ext/fts3/fts3_snippet.c | 7 ++++---
ext/fts3/fts3_test.c | 6 +++---
ext/fts3/fts3_tokenize_vtab.c | 2 +-
ext/fts3/fts3_tokenizer.c | 4 ++--
ext/fts3/fts3_write.c | 19 ++++++++++---------
ext/fts5/fts5_tokenize.c | 2 +-
ext/rtree/geopoly.c | 20 ++++++++++----------
src/build.c | 8 ++++----
src/expr.c | 2 +-
src/main.c | 2 +-
src/test_fs.c | 2 +-
src/util.c | 2 +-
src/vdbeaux.c | 8 +++++---
src/vdbesort.c | 4 ++--
src/vtab.c | 25 +++++++++++++++----------
15 files changed, 61 insertions(+), 52 deletions(-)
diff --git a/ext/fts3/fts3_snippet.c b/ext/fts3/fts3_snippet.c
index 5778620..efffff3 100644
--- a/ext/fts3/fts3_snippet.c
+++ b/ext/fts3/fts3_snippet.c
@@ -130,10 +130,11 @@ struct StrBuffer {
*/
static MatchinfoBuffer *fts3MIBufferNew(int nElem, const char *zMatchinfo){
MatchinfoBuffer *pRet;
- int nByte = sizeof(u32) * (2*nElem + 1) + sizeof(MatchinfoBuffer);
- int nStr = (int)strlen(zMatchinfo);
+ sqlite3_int64 nByte = sizeof(u32) * (2*(sqlite3_int64)nElem + 1)
+ + sizeof(MatchinfoBuffer);
+ sqlite3_int64 nStr = strlen(zMatchinfo);
- pRet = sqlite3_malloc(nByte + nStr+1);
+ pRet = sqlite3_malloc64(nByte + nStr+1);
if( pRet ){
memset(pRet, 0, nByte);
pRet->aMatchinfo[0] = (u8*)(&pRet->aMatchinfo[1]) - (u8*)pRet;
diff --git a/ext/fts3/fts3_test.c b/ext/fts3/fts3_test.c
index a48a556..0b4edcc 100644
--- a/ext/fts3/fts3_test.c
+++ b/ext/fts3/fts3_test.c
@@ -448,14 +448,14 @@ static int testTokenizerNext(
}else{
/* Advance to the end of the token */
const char *pToken = p;
- int nToken;
+ sqlite3_int64 nToken;
while( p<pEnd && testIsTokenChar(*p) ) p++;
- nToken = (int)(p-pToken);
+ nToken = (sqlite3_int64)(p-pToken);
/* Copy the token into the buffer */
if( nToken>pCsr->nBuffer ){
sqlite3_free(pCsr->aBuffer);
- pCsr->aBuffer = sqlite3_malloc(nToken);
+ pCsr->aBuffer = sqlite3_malloc64(nToken);
}
if( pCsr->aBuffer==0 ){
rc = SQLITE_NOMEM;
diff --git a/ext/fts3/fts3_tokenize_vtab.c b/ext/fts3/fts3_tokenize_vtab.c
index a3d24bc..5b4085b 100644
--- a/ext/fts3/fts3_tokenize_vtab.c
+++ b/ext/fts3/fts3_tokenize_vtab.c
@@ -346,7 +346,7 @@ static int fts3tokFilterMethod(
if( idxNum==1 ){
const char *zByte = (const char *)sqlite3_value_text(apVal[0]);
int nByte = sqlite3_value_bytes(apVal[0]);
- pCsr->zInput = sqlite3_malloc(nByte+1);
+ pCsr->zInput = sqlite3_malloc64(nByte+1);
if( pCsr->zInput==0 ){
rc = SQLITE_NOMEM;
}else{
diff --git a/ext/fts3/fts3_tokenizer.c b/ext/fts3/fts3_tokenizer.c
index bfc36af..fe2003e 100644
--- a/ext/fts3/fts3_tokenizer.c
+++ b/ext/fts3/fts3_tokenizer.c
@@ -194,8 +194,8 @@ int sqlite3Fts3InitTokenizer(
int iArg = 0;
z = &z[n+1];
while( z<zEnd && (NULL!=(z = (char *)sqlite3Fts3NextToken(z, &n))) ){
- int nNew = sizeof(char *)*(iArg+1);
- char const **aNew = (const char **)sqlite3_realloc((void *)aArg, nNew);
+ sqlite3_int64 nNew = sizeof(char *)*(iArg+1);
+ char const **aNew = (const char **)sqlite3_realloc64((void *)aArg, nNew);
if( !aNew ){
sqlite3_free(zCopy);
sqlite3_free((void *)aArg);
diff --git a/ext/fts3/fts3_write.c b/ext/fts3/fts3_write.c
index d57d265..5330b4c 100644
--- a/ext/fts3/fts3_write.c
+++ b/ext/fts3/fts3_write.c
@@ -1744,8 +1744,9 @@ int sqlite3Fts3SegReaderPending(
}
if( nElem>0 ){
- int nByte = sizeof(Fts3SegReader) + (nElem+1)*sizeof(Fts3HashElem *);
- pReader = (Fts3SegReader *)sqlite3_malloc(nByte);
+ sqlite3_int64 nByte;
+ nByte = sizeof(Fts3SegReader) + (nElem+1)*sizeof(Fts3HashElem *);
+ pReader = (Fts3SegReader *)sqlite3_malloc64(nByte);
if( !pReader ){
rc = SQLITE_NOMEM;
}else{
@@ -3357,7 +3358,7 @@ static void fts3InsertDocsize(
int rc; /* Result code from subfunctions */
if( *pRC ) return;
- pBlob = sqlite3_malloc( 10*p->nColumn );
+ pBlob = sqlite3_malloc64( 10*(sqlite3_int64)p->nColumn );
if( pBlob==0 ){
*pRC = SQLITE_NOMEM;
return;
@@ -3407,7 +3408,7 @@ static void fts3UpdateDocTotals(
const int nStat = p->nColumn+2;
if( *pRC ) return;
- a = sqlite3_malloc( (sizeof(u32)+10)*nStat );
+ a = sqlite3_malloc64( (sizeof(u32)+10)*(sqlite3_int64)nStat );
if( a==0 ){
*pRC = SQLITE_NOMEM;
return;
@@ -3528,8 +3529,8 @@ static int fts3DoRebuild(Fts3Table *p){
}
if( rc==SQLITE_OK ){
- int nByte = sizeof(u32) * (p->nColumn+1)*3;
- aSz = (u32 *)sqlite3_malloc(nByte);
+ sqlite3_int64 nByte = sizeof(u32) * ((sqlite3_int64)p->nColumn+1)*3;
+ aSz = (u32 *)sqlite3_malloc64(nByte);
if( aSz==0 ){
rc = SQLITE_NOMEM;
}else{
@@ -3595,12 +3596,12 @@ static int fts3IncrmergeCsr(
){
int rc; /* Return Code */
sqlite3_stmt *pStmt = 0; /* Statement used to read %_segdir entry */
- int nByte; /* Bytes allocated at pCsr->apSegment[] */
+ sqlite3_int64 nByte; /* Bytes allocated at pCsr->apSegment[] */
/* Allocate space for the Fts3MultiSegReader.aCsr[] array */
memset(pCsr, 0, sizeof(*pCsr));
nByte = sizeof(Fts3SegReader *) * nSeg;
- pCsr->apSegment = (Fts3SegReader **)sqlite3_malloc(nByte);
+ pCsr->apSegment = (Fts3SegReader **)sqlite3_malloc64(nByte);
if( pCsr->apSegment==0 ){
rc = SQLITE_NOMEM;
@@ -5591,7 +5592,7 @@ int sqlite3Fts3UpdateMethod(
}
/* Allocate space to hold the change in document sizes */
- aSzDel = sqlite3_malloc( sizeof(aSzDel[0])*(p->nColumn+1)*2 );
+ aSzDel = sqlite3_malloc64(sizeof(aSzDel[0])*((sqlite3_int64)p->nColumn+1)*2);
if( aSzDel==0 ){
rc = SQLITE_NOMEM;
goto update_out;
diff --git a/ext/fts5/fts5_tokenize.c b/ext/fts5/fts5_tokenize.c
index af2bc22..029efc5 100644
--- a/ext/fts5/fts5_tokenize.c
+++ b/ext/fts5/fts5_tokenize.c
@@ -363,7 +363,7 @@ static int fts5UnicodeCreate(
p->bRemoveDiacritic = 1;
p->nFold = 64;
- p->aFold = sqlite3_malloc(p->nFold * sizeof(char));
+ p->aFold = sqlite3_malloc64(p->nFold * sizeof(char));
if( p->aFold==0 ){
rc = SQLITE_NOMEM;
}
diff --git a/ext/rtree/geopoly.c b/ext/rtree/geopoly.c
index f6a31f5..7b97f9b 100644
--- a/ext/rtree/geopoly.c
+++ b/ext/rtree/geopoly.c
@@ -261,7 +261,7 @@ static GeoPoly *geopolyParseJson(const unsigned char *z, int *pRc){
GeoPoly *pOut;
int x = 1;
s.nVertex--; /* Remove the redundant vertex at the end */
- pOut = sqlite3_malloc64( GEOPOLY_SZ(s.nVertex) );
+ pOut = sqlite3_malloc64( GEOPOLY_SZ((sqlite3_int64)s.nVertex) );
x = 1;
if( pOut==0 ) goto parse_json_err;
pOut->nVertex = s.nVertex;
@@ -644,7 +644,7 @@ static GeoPoly *geopolyBBox(
if( pRc ) *pRc = SQLITE_OK;
if( aCoord==0 ){
geopolyBboxFill:
- pOut = sqlite3_realloc(p, GEOPOLY_SZ(4));
+ pOut = sqlite3_realloc64(p, GEOPOLY_SZ(4));
if( pOut==0 ){
sqlite3_free(p);
if( context ) sqlite3_result_error_nomem(context);
@@ -1040,9 +1040,9 @@ static GeoSegment *geopolySortSegmentsByYAndC(GeoSegment *pList){
** Determine the overlap between two polygons
*/
static int geopolyOverlap(GeoPoly *p1, GeoPoly *p2){
- int nVertex = p1->nVertex + p2->nVertex + 2;
+ sqlite3_int64 nVertex = p1->nVertex + p2->nVertex + 2;
GeoOverlap *p;
- int nByte;
+ sqlite3_int64 nByte;
GeoEvent *pThisEvent;
double rX;
int rc = 0;
@@ -1054,7 +1054,7 @@ static int geopolyOverlap(GeoPoly *p1, GeoPoly *p2){
nByte = sizeof(GeoEvent)*nVertex*2
+ sizeof(GeoSegment)*nVertex
+ sizeof(GeoOverlap);
- p = sqlite3_malloc( nByte );
+ p = sqlite3_malloc64( nByte );
if( p==0 ) return -1;
p->aEvent = (GeoEvent*)&p[1];
p->aSegment = (GeoSegment*)&p->aEvent[nVertex*2];
@@ -1213,8 +1213,8 @@ static int geopolyInit(
){
int rc = SQLITE_OK;
Rtree *pRtree;
- int nDb; /* Length of string argv[1] */
- int nName; /* Length of string argv[2] */
+ sqlite3_int64 nDb; /* Length of string argv[1] */
+ sqlite3_int64 nName; /* Length of string argv[2] */
sqlite3_str *pSql;
char *zSql;
int ii;
@@ -1222,9 +1222,9 @@ static int geopolyInit(
sqlite3_vtab_config(db, SQLITE_VTAB_CONSTRAINT_SUPPORT, 1);
/* Allocate the sqlite3_vtab structure */
- nDb = (int)strlen(argv[1]);
- nName = (int)strlen(argv[2]);
- pRtree = (Rtree *)sqlite3_malloc(sizeof(Rtree)+nDb+nName+2);
+ nDb = strlen(argv[1]);
+ nName = strlen(argv[2]);
+ pRtree = (Rtree *)sqlite3_malloc64(sizeof(Rtree)+nDb+nName+2);
if( !pRtree ){
return SQLITE_NOMEM;
}
diff --git a/src/build.c b/src/build.c
index afe4171..1dc2614 100644
--- a/src/build.c
+++ b/src/build.c
@@ -3760,9 +3760,9 @@ void *sqlite3ArrayAllocate(
int *pIdx /* Write the index of a new slot here */
){
char *z;
- int n = *pnEntry;
+ sqlite3_int64 n = *pnEntry;
if( (n & (n-1))==0 ){
- int sz = (n==0) ? 1 : 2*n;
+ sqlite3_int64 sz = (n==0) ? 1 : 2*n;
void *pNew = sqlite3DbRealloc(db, pArray, sz*szEntry);
if( pNew==0 ){
*pIdx = -1;
@@ -3870,7 +3870,7 @@ SrcList *sqlite3SrcListEnlarge(
/* Allocate additional space if needed */
if( (u32)pSrc->nSrc+nExtra>pSrc->nAlloc ){
SrcList *pNew;
- int nAlloc = pSrc->nSrc*2+nExtra;
+ sqlite3_int64 nAlloc = 2*(sqlite3_int64)pSrc->nSrc+nExtra;
int nGot;
pNew = sqlite3DbRealloc(db, pSrc,
sizeof(*pSrc) + (nAlloc-1)*sizeof(pSrc->a[0]) );
@@ -4612,7 +4612,7 @@ With *sqlite3WithAdd(
}
if( pWith ){
- int nByte = sizeof(*pWith) + (sizeof(pWith->a[1]) * pWith->nCte);
+ sqlite3_int64 nByte = sizeof(*pWith) + (sizeof(pWith->a[1]) * pWith->nCte);
pNew = sqlite3DbRealloc(db, pWith, nByte);
}else{
pNew = sqlite3DbMallocZero(db, sizeof(*pWith));
diff --git a/src/expr.c b/src/expr.c
index 5f98f76..d64b8eb 100644
--- a/src/expr.c
+++ b/src/expr.c
@@ -1547,7 +1547,7 @@ ExprList *sqlite3ExprListAppend(
}else if( (pList->nExpr & (pList->nExpr-1))==0 ){
ExprList *pNew;
pNew = sqlite3DbRealloc(db, pList,
- sizeof(*pList)+(2*pList->nExpr - 1)*sizeof(pList->a[0]));
+ sizeof(*pList)+(2*(sqlite3_int64)pList->nExpr-1)*sizeof(pList->a[0]));
if( pNew==0 ){
goto no_mem;
}
diff --git a/src/main.c b/src/main.c
index 46c8346..434b898 100644
--- a/src/main.c
+++ b/src/main.c
@@ -698,7 +698,7 @@ static int setupLookaside(sqlite3 *db, void *pBuf, int sz, int cnt){
pStart = 0;
}else if( pBuf==0 ){
sqlite3BeginBenignMalloc();
- pStart = sqlite3Malloc( sz*cnt ); /* IMP: R-61949-35727 */
+ pStart = sqlite3Malloc( sz*(sqlite3_int64)cnt ); /* IMP: R-61949-35727 */
sqlite3EndBenignMalloc();
if( pStart ) cnt = sqlite3MallocSize(pStart)/sz;
}else{
diff --git a/src/test_fs.c b/src/test_fs.c
index 8192beb..1feea46 100644
--- a/src/test_fs.c
+++ b/src/test_fs.c
@@ -744,7 +744,7 @@ static int fsColumn(sqlite3_vtab_cursor *cur, sqlite3_context *ctx, int i){
fstat(fd, &sbuf);
if( sbuf.st_size>=pCur->nAlloc ){
- int nNew = sbuf.st_size*2;
+ sqlite3_int64 nNew = sbuf.st_size*2;
char *zNew;
if( nNew<1024 ) nNew = 1024;
diff --git a/src/util.c b/src/util.c
index 96b0b14..7f2b977 100644
--- a/src/util.c
+++ b/src/util.c
@@ -1572,7 +1572,7 @@ VList *sqlite3VListAdd(
assert( pIn==0 || pIn[0]>=3 ); /* Verify ok to add new elements */
if( pIn==0 || pIn[1]+nInt > pIn[0] ){
/* Enlarge the allocation */
- int nAlloc = (pIn ? pIn[0]*2 : 10) + nInt;
+ sqlite3_int64 nAlloc = (pIn ? 2*(sqlite3_int64)pIn[0] : 10) + nInt;
VList *pOut = sqlite3DbRealloc(db, pIn, nAlloc*sizeof(int));
if( pOut==0 ) return pIn;
if( pIn==0 ) pOut[1] = 2;
diff --git a/src/vdbeaux.c b/src/vdbeaux.c
index b74141b..ffc5d0b 100644
--- a/src/vdbeaux.c
+++ b/src/vdbeaux.c
@@ -125,9 +125,11 @@ static int growOpArray(Vdbe *v, int nOp){
** operation (without SQLITE_TEST_REALLOC_STRESS) is to double the current
** size of the op array or add 1KB of space, whichever is smaller. */
#ifdef SQLITE_TEST_REALLOC_STRESS
- int nNew = (p->nOpAlloc>=512 ? p->nOpAlloc*2 : p->nOpAlloc+nOp);
+ sqlite3_int64 nNew = (p->nOpAlloc>=512 ? 2*(sqlite3_int64)p->nOpAlloc
+ : (sqlite3_int64)p->nOpAlloc+nOp);
#else
- int nNew = (p->nOpAlloc ? p->nOpAlloc*2 : (int)(1024/sizeof(Op)));
+ sqlite3_int64 nNew = (p->nOpAlloc ? 2*(sqlite3_int64)p->nOpAlloc
+ : (sqlite3_int64)1024/sizeof(Op));
UNUSED_PARAMETER(nOp);
#endif
@@ -875,7 +877,7 @@ void sqlite3VdbeScanStatus(
LogEst nEst, /* Estimated number of output rows */
const char *zName /* Name of table or index being scanned */
){
- int nByte = (p->nScan+1) * sizeof(ScanStatus);
+ sqlite3_int64 nByte = (p->nScan+1) * sizeof(ScanStatus);
ScanStatus *aNew;
aNew = (ScanStatus*)sqlite3DbRealloc(p->db, p->aScan, nByte);
if( aNew ){
diff --git a/src/vdbesort.c b/src/vdbesort.c
index b30bc4e..d84a411 100644
--- a/src/vdbesort.c
+++ b/src/vdbesort.c
@@ -537,7 +537,7 @@ static int vdbePmaReadBlob(
/* Extend the p->aAlloc[] allocation if required. */
if( p->nAlloc<nByte ){
u8 *aNew;
- int nNew = MAX(128, p->nAlloc*2);
+ sqlite3_int64 nNew = MAX(128, 2*(sqlite3_int64)p->nAlloc);
while( nByte>nNew ) nNew = nNew*2;
aNew = sqlite3Realloc(p->aAlloc, nNew);
if( !aNew ) return SQLITE_NOMEM_BKPT;
@@ -1829,7 +1829,7 @@ int sqlite3VdbeSorterWrite(
if( nMin>pSorter->nMemory ){
u8 *aNew;
int iListOff = (u8*)pSorter->list.pList - pSorter->list.aMemory;
- int nNew = pSorter->nMemory * 2;
+ sqlite3_int64 nNew = 2 * (sqlite3_int64)pSorter->nMemory;
while( nNew < nMin ) nNew = nNew*2;
if( nNew > pSorter->mxPmaSize ) nNew = pSorter->mxPmaSize;
if( nNew < nMin ) nNew = nMin;
diff --git a/src/vtab.c b/src/vtab.c
index 1b8d283..41c6093 100644
--- a/src/vtab.c
+++ b/src/vtab.c
@@ -302,9 +302,13 @@ void sqlite3VtabClear(sqlite3 *db, Table *p){
** string will be freed automatically when the table is
** deleted.
*/
-static void addModuleArgument(sqlite3 *db, Table *pTable, char *zArg){
- int nBytes = sizeof(char *)*(2+pTable->nModuleArg);
+static void addModuleArgument(Parse *pParse, Table *pTable, char *zArg){
+ sqlite3_int64 nBytes = sizeof(char *)*(2+pTable->nModuleArg);
char **azModuleArg;
+ sqlite3 *db = pParse->db;
+ if( pTable->nModuleArg+3>=db->aLimit[SQLITE_LIMIT_COLUMN] ){
+ sqlite3ErrorMsg(pParse, "too many columns on %s", pTable->zName);
+ }
azModuleArg = sqlite3DbRealloc(db, pTable->azModuleArg, nBytes);
if( azModuleArg==0 ){
sqlite3DbFree(db, zArg);
@@ -339,9 +343,9 @@ void sqlite3VtabBeginParse(
db = pParse->db;
assert( pTable->nModuleArg==0 );
- addModuleArgument(db, pTable, sqlite3NameFromToken(db, pModuleName));
- addModuleArgument(db, pTable, 0);
- addModuleArgument(db, pTable, sqlite3DbStrDup(db, pTable->zName));
+ addModuleArgument(pParse, pTable, sqlite3NameFromToken(db, pModuleName));
+ addModuleArgument(pParse, pTable, 0);
+ addModuleArgument(pParse, pTable, sqlite3DbStrDup(db, pTable->zName));
assert( (pParse->sNameToken.z==pName2->z && pName2->z!=0)
|| (pParse->sNameToken.z==pName1->z && pName2->z==0)
);
@@ -374,7 +378,7 @@ static void addArgumentToVtab(Parse *pParse){
const char *z = (const char*)pParse->sArg.z;
int n = pParse->sArg.n;
sqlite3 *db = pParse->db;
- addModuleArgument(db, pParse->pNewTable, sqlite3DbStrNDup(db, z, n));
+ addModuleArgument(pParse, pParse->pNewTable, sqlite3DbStrNDup(db, z, n));
}
}
@@ -663,7 +667,8 @@ static int growVTrans(sqlite3 *db){
/* Grow the sqlite3.aVTrans array if required */
if( (db->nVTrans%ARRAY_INCR)==0 ){
VTable **aVTrans;
- int nBytes = sizeof(sqlite3_vtab *) * (db->nVTrans + ARRAY_INCR);
+ sqlite3_int64 nBytes = sizeof(sqlite3_vtab*)*
+ ((sqlite3_int64)db->nVTrans + ARRAY_INCR);
aVTrans = sqlite3DbRealloc(db, (void *)db->aVTrans, nBytes);
if( !aVTrans ){
return SQLITE_NOMEM_BKPT;
@@ -1157,9 +1162,9 @@ int sqlite3VtabEponymousTableInit(Parse *pParse, Module *pMod){
pTab->pSchema = db->aDb[0].pSchema;
assert( pTab->nModuleArg==0 );
pTab->iPKey = -1;
- addModuleArgument(db, pTab, sqlite3DbStrDup(db, pTab->zName));
- addModuleArgument(db, pTab, 0);
- addModuleArgument(db, pTab, sqlite3DbStrDup(db, pTab->zName));
+ addModuleArgument(pParse, pTab, sqlite3DbStrDup(db, pTab->zName));
+ addModuleArgument(pParse, pTab, 0);
+ addModuleArgument(pParse, pTab, sqlite3DbStrDup(db, pTab->zName));
rc = vtabCallConstructor(db, pTab, pMod, pModule->xConnect, &zErr);
if( rc ){
sqlite3ErrorMsg(pParse, "%s", zErr);
--
2.30.2

View File

@ -0,0 +1,73 @@
Subject: [PATCH] Limit the "precision" of floating-point to text conversions
in the printf() function to 100,000,000.
---
src/printf.c | 12 ++++++++++++
test/printf.test | 16 +++++++++++++---
2 files changed, 25 insertions(+), 3 deletions(-)
diff --git a/src/printf.c b/src/printf.c
index 7bce83f..260bf79 100644
--- a/src/printf.c
+++ b/src/printf.c
@@ -165,6 +165,13 @@ static char *getTextArg(PrintfArguments *p){
#endif
#define etBUFSIZE SQLITE_PRINT_BUF_SIZE /* Size of the output buffer */
+/*
+** Hard limit on the precision of floating-point conversions.
+*/
+#ifndef SQLITE_PRINTF_PRECISION_LIMIT
+# define SQLITE_FP_PRECISION_LIMIT 100000000
+#endif
+
/*
** Render a string given by "fmt" into the StrAccum object.
*/
@@ -471,6 +478,11 @@ void sqlite3_str_vappendf(
length = 0;
#else
if( precision<0 ) precision = 6; /* Set default precision */
+#ifdef SQLITE_FP_PRECISION_LIMIT
+ if( precision>SQLITE_FP_PRECISION_LIMIT ){
+ precision = SQLITE_FP_PRECISION_LIMIT;
+ }
+#endif
if( realvalue<0.0 ){
realvalue = -realvalue;
prefix = '-';
diff --git a/test/printf.test b/test/printf.test
index d768898..a2b5e2a 100644
--- a/test/printf.test
+++ b/test/printf.test
@@ -538,9 +538,11 @@ do_test printf-2.1.2.8 {
do_test printf-2.1.2.9 {
sqlite3_mprintf_double {abc: %d %d (%1.1g) :xyz} 1 1 1.0e-20
} {abc: 1 1 (1e-20) :xyz}
-do_test printf-2.1.2.10 {
- sqlite3_mprintf_double {abc: %*.*f} 2000000000 1000000000 1.0e-20
-} {abc: }
+if {$SQLITE_MAX_LENGTH<=[expr 1000*1000*1000]} {
+ do_test printf-2.1.2.10 {
+ sqlite3_mprintf_double {abc: %*.*f} 2000000000 1000000000 1.0e-20
+ } {}
+}
do_test printf-2.1.3.1 {
sqlite3_mprintf_double {abc: (%*.*f) :xyz} 1 1 1.0
} {abc: (1.0) :xyz}
@@ -3777,4 +3779,12 @@ foreach ::iRepeat {0 1} {
}
}
+# 2020-05-23
+# ticket 23439ea582241138
+#
+do_execsql_test printf-16.1 {
+ SELECT printf('%.*g',2147483647,0.01);
+} {0.01}
+
+
finish_test
--
2.24.1

View File

@ -0,0 +1,144 @@
Subject: [PATCH] When rewriting a query for window functions, if the rewrite
changes the depth of TK_AGG_FUNCTION nodes, be sure to adjust the Expr.op2
field appropriately.
diff --git a/src/resolve.c b/src/resolve.c
index cdcf4d9..c47f6bb 100644
--- a/src/resolve.c
+++ b/src/resolve.c
@@ -24,6 +24,8 @@
**
** incrAggFunctionDepth(pExpr,n) is the main routine. incrAggDepth(..)
** is a helper function - a callback for the tree walker.
+**
+** See also the sqlite3WindowExtraAggFuncDepth() routine in window.c
*/
static int incrAggDepth(Walker *pWalker, Expr *pExpr){
if( pExpr->op==TK_AGG_FUNCTION ) pExpr->op2 += pWalker->u.n;
diff --git a/src/select.c b/src/select.c
index a6d1757..6f5570c 100644
--- a/src/select.c
+++ b/src/select.c
@@ -1961,7 +1961,7 @@ int sqlite3ColumnsFromExprList(
assert( pColExpr!=0 );
}
assert( pColExpr->op!=TK_AGG_COLUMN );
- if( pColExpr->op==TK_COLUMN ){
+ if( pColExpr->op==TK_COLUMN && pColExpr->y.pTab ){
/* For columns use the column name name */
int iCol = pColExpr->iColumn;
Table *pTab = pColExpr->y.pTab;
diff --git a/src/sqliteInt.h b/src/sqliteInt.h
index 1cf6937..ea9a7ae 100644
--- a/src/sqliteInt.h
+++ b/src/sqliteInt.h
@@ -3579,6 +3579,8 @@ void sqlite3WindowUpdate(Parse*, Window*, Window*, FuncDef*);
Window *sqlite3WindowDup(sqlite3 *db, Expr *pOwner, Window *p);
Window *sqlite3WindowListDup(sqlite3 *db, Window *p);
void sqlite3WindowFunctions(void);
+int sqlite3WalkerDepthIncrease(Walker*,Select*);
+void sqlite3WalkerDepthDecrease(Walker*,Select*);
#else
# define sqlite3WindowDelete(a,b)
# define sqlite3WindowFunctions()
diff --git a/src/walker.c b/src/walker.c
index c31d94f..8cd3b65 100644
--- a/src/walker.c
+++ b/src/walker.c
@@ -165,3 +165,16 @@ int sqlite3WalkSelect(Walker *pWalker, Select *p){
}while( p!=0 );
return WRC_Continue;
}
+
+/* Increase the walkerDepth when entering a subquery, and
+** descrease when leaving the subquery.
+*/
+int sqlite3WalkerDepthIncrease(Walker *pWalker, Select *pSelect){
+ UNUSED_PARAMETER(pSelect);
+ pWalker->walkerDepth++;
+ return WRC_Continue;
+}
+void sqlite3WalkerDepthDecrease(Walker *pWalker, Select *pSelect){
+ UNUSED_PARAMETER(pSelect);
+ pWalker->walkerDepth--;
+}
\ No newline at end of file
diff --git a/src/window.c b/src/window.c
index c65eadd..48d8090 100644
--- a/src/window.c
+++ b/src/window.c
@@ -738,6 +738,23 @@ static ExprList *exprListAppendList(
return pList;
}
+/*
+** When rewriting a query, if the new subquery in the FROM clause
+** contains TK_AGG_FUNCTION nodes that refer to an outer query,
+** then we have to increase the Expr->op2 values of those nodes
+** due to the extra subquery layer that was added.
+**
+** See also the incrAggDepth() routine in resolve.c
+*/
+static int sqlite3WindowExtraAggFuncDepth(Walker *pWalker, Expr *pExpr){
+ if( pExpr->op==TK_AGG_FUNCTION
+ && pExpr->op2>=pWalker->walkerDepth
+ ){
+ pExpr->op2++;
+ }
+ return WRC_Continue;
+}
+
/*
** If the SELECT statement passed as the second argument does not invoke
** any SQL window functions, this function is a no-op. Otherwise, it
@@ -827,14 +844,24 @@ int sqlite3WindowRewrite(Parse *pParse, Select *p){
p->pSrc = sqlite3SrcListAppend(db, 0, 0, 0);
assert( p->pSrc || db->mallocFailed );
if( p->pSrc ){
+ Table *pTab2;
+ Walker w;
p->pSrc->a[0].pSelect = pSub;
sqlite3SrcListAssignCursors(pParse, p->pSrc);
- if( sqlite3ExpandSubquery(pParse, &p->pSrc->a[0]) ){
+ pTab2 = sqlite3ResultSetOfSelect(pParse, pSub);
+ if( pTab2==0 ){
rc = SQLITE_NOMEM;
}else{
pSub->selFlags |= SF_Expanded;
p->selFlags &= ~SF_Aggregate;
sqlite3SelectPrep(pParse, pSub, 0);
+ pTab2->tabFlags |= TF_Ephemeral;
+ p->pSrc->a[0].pTab = pTab2;
+ memset(&w, 0, sizeof(w));
+ w.xExprCallback = sqlite3WindowExtraAggFuncDepth;
+ w.xSelectCallback = sqlite3WalkerDepthIncrease;
+ w.xSelectCallback2 = sqlite3WalkerDepthDecrease;
+ sqlite3WalkSelect(&w, pSub);
}
sqlite3VdbeAddOp2(v, OP_OpenEphemeral, pMWin->iEphCsr, pSublist->nExpr);
diff --git a/test/window1.test b/test/window1.test
index a8399a8..13ecc32 100644
--- a/test/window1.test
+++ b/test/window1.test
@@ -594,4 +594,20 @@ do_execsql_test 13.5 {
} {
}
+# 2020-05-23
+# ticket 7a5279a25c57adf1
+#
+reset_db
+do_execsql_test 53.0 {
+ CREATE TABLE a(c UNIQUE);
+ INSERT INTO a VALUES(4),(0),(9),(-9);
+ SELECT a.c
+ FROM a
+ JOIN a AS b ON a.c=4
+ JOIN a AS e ON a.c=e.c
+ WHERE a.c=(SELECT (SELECT coalesce(lead(2) OVER(),0) + sum(d.c))
+ FROM a AS d
+ WHERE a.c);
+} {4 4 4 4}
+
finish_test

View File

@ -0,0 +1,88 @@
Subject: [PATCH] Fix a use-after-free bug in the fts3 snippet() function.
---
ext/fts3/fts3.c | 1 +
test/fts3snippet2.test | 59 ++++++++++++++++++++++++++++++++++++++++++
2 files changed, 60 insertions(+)
create mode 100644 test/fts3snippet2.test
diff --git a/ext/fts3/fts3.c b/ext/fts3/fts3.c
index 84fc8a5..9ddd201 100644
--- a/ext/fts3/fts3.c
+++ b/ext/fts3/fts3.c
@@ -5213,6 +5213,7 @@ static void fts3EvalNextRow(
fts3EvalNextRow(pCsr, pLeft, pRc);
}
}
+ pRight->bEof = pLeft->bEof = 1;
}
}
break;
diff --git a/test/fts3snippet2.test b/test/fts3snippet2.test
new file mode 100644
index 0000000..607b01e
--- /dev/null
+++ b/test/fts3snippet2.test
@@ -0,0 +1,59 @@
+# 2020-05-14
+#
+# The author disclaims copyright to this source code. In place of
+# a legal notice, here is a blessing:
+#
+# May you do good and not evil.
+# May you find forgiveness for yourself and forgive others.
+# May you share freely, never taking more than you give.
+#
+#*************************************************************************
+#
+# The tests in this file test the FTS3 auxillary functions offsets(),
+# snippet() and matchinfo() work. At time of writing, running this file
+# provides full coverage of fts3_snippet.c.
+#
+
+set testdir [file dirname $argv0]
+source $testdir/tester.tcl
+set testprefix fts3snippet
+
+# If SQLITE_ENABLE_FTS3 is not defined, omit this file.
+ifcapable !fts3 { finish_test ; return }
+source $testdir/fts3_common.tcl
+
+set sqlite_fts3_enable_parentheses 1
+#-------------------------------------------------------------------------
+# Request a snippet from a query with more than 64 phrases.
+#
+reset_db
+do_execsql_test 1.0 {
+ CREATE VIRTUAL TABLE f USING fts3(b);
+ INSERT INTO f VALUES ( x'746e6e6d64612e082a011065616e656d655a616c702a2f65732e0f42014001380230018218');
+}
+
+do_execsql_test 1.1 {
+ SELECT length(snippet(f))>0 FROM f WHERE b MATCH x'1065616e656d655a616c702a2f65732e0f42014001380230018218021001081e0a3d746e6e6d64612e082a010f42014001380230018218021001081e0a3d746e6e6d64612e082a011065616e656d655a616c702a2f65732e0f42014001380230018218021001081e0a3d746e6e6d64612e082a011065616e656d655a616c702a2f65732e0f42014001380230018218021001081e0a3d746e6e6d64612e082a011065616e656d655a616c702a2f0a3d746e6e6d64612e082a011065616e656d655a616c702a2f65732e0f42014001018218021001081e0a3d746e6e6d64612e082a011065616e656d655a616c702a018218021001081e0a3d746e6e6d64612e082a011065616e656d655a616c2a2f65732e0f42014001380230018218021001081e0a3d746e6e6d64612e082a011065616e656d655a616c702a2f65732e0f42014001380230018218021001081e0a3d746e6e6d64612e082a011065616e656d655a616c702a2f65732e0f42014001380230018218021001081e0a3d746e6e6d64612e082a011065616e656d655a616c702a2f65732e0f42014001380230018218021001081e0a3d746e6e6d64612e0f42';
+} {1}
+
+reset_db
+do_execsql_test 2.0 {
+ CREATE VIRTUAL TABLE t0 USING fts3(col0 INTEGER PRIMARY KEY,col1 VARCHAR(8),col2 BINARY,col3 BINARY);
+ INSERT INTO t0 VALUES (1, '1234','aaaa','bbbb');
+ SELECT snippet(t0) FROM t0 WHERE t0 MATCH x'0a4d4d4d4d320a4f52d70a310a310a4e4541520a0a31f6ce0a4f520a0a310a310a310a4f520a75fc2a242424' ;
+} {<b>1</b>}
+
+reset_db
+do_execsql_test 2.1 {
+ CREATE VIRTUAL TABLE t0 USING fts3(
+ col0 INTEGER PRIMARY KEY,col1 VARCHAR(8),col2 BINARY,col3 BINARY
+ );
+ INSERT INTO t0 VALUES ('one', '1234','aaaa','bbbb');
+}
+do_execsql_test 2.2 {
+ SELECT snippet(t0) FROM t0 WHERE t0 MATCH
+ '(def AND (one NEAR abc)) OR one'
+} {<b>one</b>}
+
+set sqlite_fts3_enable_parentheses 0
+finish_test
--
2.24.1

View File

@ -0,0 +1,98 @@
Subject: [PATCH] Do not allow a virtual table to be renamed into the name of
one of its shadows.
---
src/alter.c | 5 ++++-
src/build.c | 29 +++++++++++++++++++++++------
src/sqliteInt.h | 5 +++++
3 files changed, 32 insertions(+), 7 deletions(-)
diff --git a/src/alter.c b/src/alter.c
index 1280e90..0fa24c0 100644
--- a/src/alter.c
+++ b/src/alter.c
@@ -117,7 +117,10 @@ void sqlite3AlterRenameTable(
/* Check that a table or index named 'zName' does not already exist
** in database iDb. If so, this is an error.
*/
- if( sqlite3FindTable(db, zName, zDb) || sqlite3FindIndex(db, zName, zDb) ){
+ if( sqlite3FindTable(db, zName, zDb)
+ || sqlite3FindIndex(db, zName, zDb)
+ || sqlite3IsShadowTableOf(db, pTab, zName)
+ ){
sqlite3ErrorMsg(pParse,
"there is already another table or index with this name: %s", zName);
goto exit_rename_table;
diff --git a/src/build.c b/src/build.c
index e0fed8a..afe4171 100644
--- a/src/build.c
+++ b/src/build.c
@@ -1899,6 +1899,28 @@ static void convertToWithoutRowidTable(Parse *pParse, Table *pTab){
recomputeColumnsNotIndexed(pPk);
}
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+/*
+** Return true if pTab is a virtual table and zName is a shadow table name
+** for that virtual table.
+*/
+int sqlite3IsShadowTableOf(sqlite3 *db, Table *pTab, const char *zName){
+ int nName; /* Length of zName */
+ Module *pMod; /* Module for the virtual table */
+
+ if( !IsVirtual(pTab) ) return 0;
+ nName = sqlite3Strlen30(pTab->zName);
+ if( sqlite3_strnicmp(zName, pTab->zName, nName)!=0 ) return 0;
+ if( zName[nName]!='_' ) return 0;
+ pMod = (Module*)sqlite3HashFind(&db->aModule, pTab->azModuleArg[0]);
+ if( pMod==0 ) return 0;
+ if( pMod->pModule->iVersion<3 ) return 0;
+ if( pMod->pModule->xShadowName==0 ) return 0;
+ return pMod->pModule->xShadowName(zName+nName+1);
+}
+#endif /* ifndef SQLITE_OMIT_VIRTUALTABLE */
+
#ifndef SQLITE_OMIT_VIRTUALTABLE
/*
** Return true if zName is a shadow table name in the current database
@@ -1910,7 +1932,6 @@ static void convertToWithoutRowidTable(Parse *pParse, Table *pTab){
static int isShadowTableName(sqlite3 *db, char *zName){
char *zTail; /* Pointer to the last "_" in zName */
Table *pTab; /* Table that zName is a shadow of */
- Module *pMod; /* Module for the virtual table */
zTail = strrchr(zName, '_');
if( zTail==0 ) return 0;
@@ -1919,11 +1940,7 @@ static int isShadowTableName(sqlite3 *db, char *zName){
*zTail = '_';
if( pTab==0 ) return 0;
if( !IsVirtual(pTab) ) return 0;
- pMod = (Module*)sqlite3HashFind(&db->aModule, pTab->azModuleArg[0]);
- if( pMod==0 ) return 0;
- if( pMod->pModule->iVersion<3 ) return 0;
- if( pMod->pModule->xShadowName==0 ) return 0;
- return pMod->pModule->xShadowName(zTail+1);
+ return sqlite3IsShadowTableOf(db, pTab, zName);
}
#else
# define isShadowTableName(x,y) 0
diff --git a/src/sqliteInt.h b/src/sqliteInt.h
index b7d3571..76337f7 100644
--- a/src/sqliteInt.h
+++ b/src/sqliteInt.h
@@ -4407,6 +4407,11 @@ void sqlite3AutoLoadExtensions(sqlite3*);
);
# define sqlite3VtabInSync(db) ((db)->nVTrans>0 && (db)->aVTrans==0)
#endif
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+ int sqlite3IsShadowTableOf(sqlite3*,Table*,const char*);
+#else
+# define sqlite3IsShadowTableOf(A,B,C) 0
+#endif
int sqlite3VtabEponymousTableInit(Parse*,Module*);
void sqlite3VtabEponymousTableClear(sqlite3*,Module*);
void sqlite3VtabMakeWritable(Parse*,Table*);
--
2.24.1

View File

@ -0,0 +1,67 @@
Subject: [PATCH] Fix a null pointer deference that can occur on a strange
matchinfo() query.
---
ext/fts3/fts3_snippet.c | 2 +-
test/fts3matchinfo2.test | 35 +++++++++++++++++++++++++++++++++++
2 files changed, 36 insertions(+), 1 deletion(-)
create mode 100644 test/fts3matchinfo2.test
diff --git a/ext/fts3/fts3_snippet.c b/ext/fts3/fts3_snippet.c
index a0771c0..5778620 100644
--- a/ext/fts3/fts3_snippet.c
+++ b/ext/fts3/fts3_snippet.c
@@ -869,7 +869,7 @@ static void fts3ExprLHits(
iStart = pExpr->iPhrase * ((p->nCol + 31) / 32);
}
- while( 1 ){
+ if( pIter ) while( 1 ){
int nHit = fts3ColumnlistCount(&pIter);
if( (pPhrase->iColumn>=pTab->nColumn || pPhrase->iColumn==iCol) ){
if( p->flag==FTS3_MATCHINFO_LHITS ){
diff --git a/test/fts3matchinfo2.test b/test/fts3matchinfo2.test
new file mode 100644
index 0000000..d6b3ad0
--- /dev/null
+++ b/test/fts3matchinfo2.test
@@ -0,0 +1,35 @@
+# 2020-05-14
+#
+# The author disclaims copyright to this source code. In place of
+# a legal notice, here is a blessing:
+#
+# May you do good and not evil.
+# May you find forgiveness for yourself and forgive others.
+# May you share freely, never taking more than you give.
+#
+#***********************************************************************
+# This file implements regression tests for the FTS3 module. The focus
+# of this file is tables created with the "matchinfo=fts3" option.
+#
+
+set testdir [file dirname $argv0]
+source $testdir/tester.tcl
+
+# If SQLITE_ENABLE_FTS3 is not defined, omit this file.
+ifcapable !fts3 { finish_test ; return }
+
+set sqlite_fts3_enable_parentheses 1
+
+# Crash case found by cyg0810 at gmail.com 2020-05-14. Reported to
+# chromium (which is not vulnerable) who kindly referred it to us.
+#
+do_execsql_test 1.0 {
+ CREATE TABLE t_content(col0 INTEGER);
+ CREATE VIRTUAL TABLE t0 USING fts3(col0 INTEGER PRIMARY KEY,col1 VARCHAR(8),col2 BINARY,col3 BINARY);
+ INSERT INTO t0 VALUES (1, '1234','aaaa','bbbb');
+ SELECT hex(matchinfo(t0,'yxy')) FROM t0 WHERE t0 MATCH x'2b0a312b0a312a312a2a0b5d0a0b0b0a312a0a0b0b0a312a0b310a392a0b0a27312a2a0b5d0a312a0b310a31315d0b310a312a316d2a0b313b15bceaa50a312a0b0a27312a2a0b5d0a312a0b310a312b0b2a310a312a0b2a0b2a0b2e5d0a0bff313336e34a2a312a0b0a3c310b0a0b4b4b0b4b2a4bec40322b2a0b310a0a312a0a0a0a0a0a0a0a0a0b310a312a2a2a0b5d0a0b0b0a312a0b310a312a0b0a4e4541530b310a5df5ced70a0a0a0a0a4f520a0a0a0a0a0a0a312a0b0a4e4541520b310a5d616161610a0a0a0a4f520a0a0a0a0a0a312b0a312a312a0a0a0a0a0a0a004a0b0a310b220a0b0a310a4a22310a0b0a7e6fe0e0e030e0e0e0e0e01176e02000e0e0e0e0e01131320226310a0b0a310a4a22310a0b0a310a766f8b8b4ee0e0300ae0090909090909090909090909090909090909090909090909090909090909090947aaaa540b09090909090909090909090909090909090909090909090909090909090909fae0e0f2f22164e0e0f273e07fefefef7d6dfafafafa6d6d6d6d';
+} {/000000.*0000000/}
+
+
+set sqlite_fts3_enable_parentheses 0
+finish_test
\ No newline at end of file
--
2.24.1

View File

@ -0,0 +1,88 @@
Subject: [PATCH] Fix a defect in the query-flattener optimization
---
src/select.c | 8 ++++----
src/sqliteInt.h | 1 +
test/selectA.test | 22 ++++++++++++++++++++++
3 files changed, 27 insertions(+), 4 deletions(-)
diff --git a/src/select.c b/src/select.c
index 88a43df..a513d36 100644
--- a/src/select.c
+++ b/src/select.c
@@ -2686,9 +2686,7 @@ static int multiSelect(
selectOpName(p->op)));
rc = sqlite3Select(pParse, p, &uniondest);
testcase( rc!=SQLITE_OK );
- /* Query flattening in sqlite3Select() might refill p->pOrderBy.
- ** Be sure to delete p->pOrderBy, therefore, to avoid a memory leak. */
- sqlite3ExprListDelete(db, p->pOrderBy);
+ assert( p->pOrderBy==0 );
pDelete = p->pPrior;
p->pPrior = pPrior;
p->pOrderBy = 0;
@@ -4010,7 +4008,7 @@ static int flattenSubquery(
** We look at every expression in the outer query and every place we see
** "a" we substitute "x*3" and every place we see "b" we substitute "y+10".
*/
- if( pSub->pOrderBy ){
+ if( pSub->pOrderBy && (pParent->selFlags & SF_NoopOrderBy)==0 ){
/* At this point, any non-zero iOrderByCol values indicate that the
** ORDER BY column expression is identical to the iOrderByCol'th
** expression returned by SELECT statement pSub. Since these values
@@ -5633,6 +5631,8 @@ int sqlite3Select(
sqlite3ExprListDelete(db, p->pOrderBy);
p->pOrderBy = 0;
p->selFlags &= ~SF_Distinct;
+ p->selFlags |= SF_NoopOrderBy;
+
}
sqlite3SelectPrep(pParse, p, 0);
if( pParse->nErr || db->mallocFailed ){
diff --git a/src/sqliteInt.h b/src/sqliteInt.h
index 76337f7..60b2ebd 100644
--- a/src/sqliteInt.h
+++ b/src/sqliteInt.h
@@ -2874,6 +2874,7 @@ struct Select {
#define SF_Converted 0x10000 /* By convertCompoundSelectToSubquery() */
#define SF_IncludeHidden 0x20000 /* Include hidden columns in output */
#define SF_ComplexResult 0x40000 /* Result contains subquery or function */
+#define SF_NoopOrderBy 0x0400000 /* ORDER BY is ignored for this query */
/*
** The results of a SELECT can be distributed in several ways, as defined
diff --git a/test/selectA.test b/test/selectA.test
index 838e5f4..2626008 100644
--- a/test/selectA.test
+++ b/test/selectA.test
@@ -1446,5 +1446,27 @@ do_execsql_test 6.1 {
SELECT * FROM (SELECT a FROM t1 UNION SELECT b FROM t2) WHERE a=a;
} {12345}
+# 2020-06-15 ticket 8f157e8010b22af0
+#
+reset_db
+do_execsql_test 7.1 {
+ CREATE TABLE t1(c1); INSERT INTO t1 VALUES(12),(123),(1234),(NULL),('abc');
+ CREATE TABLE t2(c2); INSERT INTO t2 VALUES(44),(55),(123);
+ CREATE TABLE t3(c3,c4); INSERT INTO t3 VALUES(66,1),(123,2),(77,3);
+ CREATE VIEW t4 AS SELECT c3 FROM t3;
+ CREATE VIEW t5 AS SELECT c3 FROM t3 ORDER BY c4;
+}
+do_execsql_test 7.2 {
+ SELECT * FROM t1, t2 WHERE c1=(SELECT 123 INTERSECT SELECT c2 FROM t4) AND c1=123;
+} {123 123}
+do_execsql_test 7.3 {
+ SELECT * FROM t1, t2 WHERE c1=(SELECT 123 INTERSECT SELECT c2 FROM t5) AND c1=123;
+} {123 123}
+do_execsql_test 7.4 {
+ CREATE TABLE a(b);
+ CREATE VIEW c(d) AS SELECT b FROM a ORDER BY b;
+ SELECT sum(d) OVER( PARTITION BY(SELECT 0 FROM c JOIN a WHERE b =(SELECT b INTERSECT SELECT d FROM c) AND b = 123)) FROM c;
+} {}
+
finish_test
--
2.24.1

View File

@ -0,0 +1,27 @@
From 1668926bc3c7da0b2870a60382b179a0e3edb5de Mon Sep 17 00:00:00 2001
From: Ondrej Dubaj <odubaj@redhat.com>
Date: Thu, 26 Mar 2020 08:14:29 +0100
Subject: [PATCH] Do not allow the constant-propagation optimization to apple
to ON/USING clause terms as it does not help and it might cause downstream
problems.
---
src/select.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/select.c b/src/select.c
index bbd13a4..88a43df 100644
--- a/src/select.c
+++ b/src/select.c
@@ -4171,7 +4171,7 @@ static int propagateConstantExprRewrite(Walker *pWalker, Expr *pExpr){
int i;
WhereConst *pConst;
if( pExpr->op!=TK_COLUMN ) return WRC_Continue;
- if( ExprHasProperty(pExpr, EP_FixedCol) ) return WRC_Continue;
+ if( ExprHasProperty(pExpr, EP_FixedCol|EP_FromJoin) ) return WRC_Continue;
pConst = pWalker->u.pConst;
for(i=0; i<pConst->nConst; i++){
Expr *pColumn = pConst->apExpr[i*2];
--
2.24.1

View File

@ -0,0 +1,106 @@
From 2d788539b0018d34d3cabb328387ba6bec41ec42 Mon Sep 17 00:00:00 2001
From: Ondrej Dubaj <odubaj@redhat.com>
Date: Thu, 26 Mar 2020 09:43:43 +0100
Subject: [PATCH] NULL pointer dereference and segmentation fault because of
generated column optimizations
Take care when checking the table of a TK_COLUMN expression node to
see if the table is a virtual table to first ensure that the
Expr.y.pTab pointer is not null due to generated column optimizations.
---
src/expr.c | 13 ++++++++++---
src/sqliteInt.h | 3 +++
src/whereexpr.c | 12 ++++++++----
3 files changed, 21 insertions(+), 7 deletions(-)
diff --git a/src/expr.c b/src/expr.c
index b081ca2..5f98f76 100644
--- a/src/expr.c
+++ b/src/expr.c
@@ -4901,18 +4901,25 @@ static int impliesNotNullRow(Walker *pWalker, Expr *pExpr){
case TK_LT:
case TK_LE:
case TK_GT:
- case TK_GE:
+ case TK_GE: {
+ Expr *pLeft = pExpr->pLeft;
+ Expr *pRight = pExpr->pRight;
testcase( pExpr->op==TK_EQ );
testcase( pExpr->op==TK_NE );
testcase( pExpr->op==TK_LT );
testcase( pExpr->op==TK_LE );
testcase( pExpr->op==TK_GT );
testcase( pExpr->op==TK_GE );
- if( (pExpr->pLeft->op==TK_COLUMN && IsVirtual(pExpr->pLeft->y.pTab))
- || (pExpr->pRight->op==TK_COLUMN && IsVirtual(pExpr->pRight->y.pTab))
+ /* The y.pTab=0 assignment in wherecode.c always happens after the
+ ** impliesNotNullRow() test */
+ if( (pLeft->op==TK_COLUMN && ALWAYS(pLeft->y.pTab!=0)
+ && IsVirtual(pLeft->y.pTab))
+ || (pRight->op==TK_COLUMN && ALWAYS(pRight->y.pTab!=0)
+ && IsVirtual(pRight->y.pTab))
){
return WRC_Prune;
}
+ }
default:
return WRC_Continue;
}
diff --git a/src/sqliteInt.h b/src/sqliteInt.h
index 051aa40..5f5f3cc 100644
--- a/src/sqliteInt.h
+++ b/src/sqliteInt.h
@@ -2014,8 +2014,11 @@ struct Table {
*/
#ifndef SQLITE_OMIT_VIRTUALTABLE
# define IsVirtual(X) ((X)->nModuleArg)
+# define ExprIsVtab(X) \
+ ((X)->op==TK_COLUMN && (X)->y.pTab!=0 && (X)->y.pTab->nModuleArg)
#else
# define IsVirtual(X) 0
+# define ExprIsVtab(X) 0
#endif
/*
diff --git a/src/whereexpr.c b/src/whereexpr.c
index dbb7f0d..9d2813a 100644
--- a/src/whereexpr.c
+++ b/src/whereexpr.c
@@ -382,7 +382,8 @@ static int isAuxiliaryVtabOperator(
** MATCH(expression,vtab_column)
*/
pCol = pList->a[1].pExpr;
- if( pCol->op==TK_COLUMN && IsVirtual(pCol->y.pTab) ){
+ testcase( pCol->op==TK_COLUMN && pCol->y.pTab==0 );
+ if( ExprIsVtab(pCol) ){
for(i=0; i<ArraySize(aOp); i++){
if( sqlite3StrICmp(pExpr->u.zToken, aOp[i].zOp)==0 ){
*peOp2 = aOp[i].eOp2;
@@ -404,7 +405,8 @@ static int isAuxiliaryVtabOperator(
** with function names in an arbitrary case.
*/
pCol = pList->a[0].pExpr;
- if( pCol->op==TK_COLUMN && IsVirtual(pCol->y.pTab) ){
+ testcase( pCol->op==TK_COLUMN && pCol->y.pTab==0 );
+ if( ExprIsVtab(pCol) ){
sqlite3_vtab *pVtab;
sqlite3_module *pMod;
void (*xNotUsed)(sqlite3_context*,int,sqlite3_value**);
@@ -427,10 +429,12 @@ static int isAuxiliaryVtabOperator(
int res = 0;
Expr *pLeft = pExpr->pLeft;
Expr *pRight = pExpr->pRight;
- if( pLeft->op==TK_COLUMN && IsVirtual(pLeft->y.pTab) ){
+ testcase( pLeft->op==TK_COLUMN && pLeft->y.pTab==0 );
+ if( ExprIsVtab(pLeft) ){
res++;
}
- if( pRight && pRight->op==TK_COLUMN && IsVirtual(pRight->y.pTab) ){
+ testcase( pRight && pRight->op==TK_COLUMN && pRight->y.pTab==0 );
+ if( pRight && ExprIsVtab(pRight) ){
res++;
SWAP(Expr*, pLeft, pRight);
}
--
2.24.1

View File

@ -0,0 +1,89 @@
From eca47c8481b0c2f09a7818ed2bce0ad27b1dae27 Mon Sep 17 00:00:00 2001
From: Ondrej Dubaj <odubaj@redhat.com>
Date: Wed, 26 Jun 2019 12:25:10 +0200
Subject: [PATCH] Fixed out of bounds heap read in function rtreenode()
Enhance the rtreenode() function of rtree (used for
testing) so that it uses the newer sqlite3_str object
for better performance and improved error reporting.
Test cases added to TH3.
Resolves: #1723338
Version: 3.26.0-4
---
ext/rtree/rtree.c | 35 ++++++++++++++++-------------------
1 file changed, 16 insertions(+), 19 deletions(-)
diff --git a/ext/rtree/rtree.c b/ext/rtree/rtree.c
index 4b044cb..87d0de0 100644
--- a/ext/rtree/rtree.c
+++ b/ext/rtree/rtree.c
@@ -3711,49 +3711,46 @@ rtreeInit_fail:
** <num-dimension>*2 coordinates.
*/
static void rtreenode(sqlite3_context *ctx, int nArg, sqlite3_value **apArg){
- char *zText = 0;
RtreeNode node;
Rtree tree;
int ii;
+ int nData;
+ int errCode;
+ sqlite3_str *pOut;
UNUSED_PARAMETER(nArg);
memset(&node, 0, sizeof(RtreeNode));
memset(&tree, 0, sizeof(Rtree));
tree.nDim = (u8)sqlite3_value_int(apArg[0]);
+ if( tree.nDim<1 || tree.nDim>5 ) return;
tree.nDim2 = tree.nDim*2;
tree.nBytesPerCell = 8 + 8 * tree.nDim;
node.zData = (u8 *)sqlite3_value_blob(apArg[1]);
+ nData = sqlite3_value_bytes(apArg[1]);
+ if( nData<4 ) return;
+ if( nData<NCELL(&node)*tree.nBytesPerCell ) return;
+ pOut = sqlite3_str_new(0);
for(ii=0; ii<NCELL(&node); ii++){
- char zCell[512];
- int nCell = 0;
RtreeCell cell;
int jj;
nodeGetCell(&tree, &node, ii, &cell);
- sqlite3_snprintf(512-nCell,&zCell[nCell],"%lld", cell.iRowid);
- nCell = (int)strlen(zCell);
+ if( ii>0 ) sqlite3_str_append(pOut, " ", 1);
+ sqlite3_str_appendf(pOut, "{%lld", cell.iRowid);
for(jj=0; jj<tree.nDim2; jj++){
#ifndef SQLITE_RTREE_INT_ONLY
- sqlite3_snprintf(512-nCell,&zCell[nCell], " %g",
- (double)cell.aCoord[jj].f);
+ sqlite3_str_appendf(pOut, " %g", (double)cell.aCoord[jj].f);
#else
- sqlite3_snprintf(512-nCell,&zCell[nCell], " %d",
- cell.aCoord[jj].i);
+ sqlite3_str_appendf(pOut, " %d", cell.aCoord[jj].i);
#endif
- nCell = (int)strlen(zCell);
- }
-
- if( zText ){
- char *zTextNew = sqlite3_mprintf("%s {%s}", zText, zCell);
- sqlite3_free(zText);
- zText = zTextNew;
- }else{
- zText = sqlite3_mprintf("{%s}", zCell);
}
+ sqlite3_str_append(pOut, "}", 1);
}
- sqlite3_result_text(ctx, zText, -1, sqlite3_free);
+ errCode = sqlite3_str_errcode(pOut);
+ sqlite3_result_text(ctx, sqlite3_str_finish(pOut), -1, sqlite3_free);
+ sqlite3_result_error_code(ctx, errCode);
}
/* This routine implements an SQL function that returns the "depth" parameter
--
2.19.1

View File

@ -0,0 +1,71 @@
From 75525dbdf9b7ed003e343c42710e8b13f73a7607 Mon Sep 17 00:00:00 2001
From: Ondrej Dubaj <odubaj@redhat.com>
Date: Thu, 23 Jan 2020 15:08:13 +0100
Subject: [PATCH] Fix buffer underflows in the zipfile extension associated
with zero-length or NULL filename in the ZIP archive. But report on the
mailing list by Yongheng and Rui.
---
ext/misc/zipfile.c | 14 +++++++++-----
test/zipfile.test | 13 +++++++++++++
2 files changed, 22 insertions(+), 5 deletions(-)
diff --git a/ext/misc/zipfile.c b/ext/misc/zipfile.c
index e6141ef..7fd4074 100644
--- a/ext/misc/zipfile.c
+++ b/ext/misc/zipfile.c
@@ -1433,8 +1433,8 @@ static int zipfileGetMode(
** identical, ignoring any trailing '/' character in either path. */
static int zipfileComparePath(const char *zA, const char *zB, int nB){
int nA = (int)strlen(zA);
- if( zA[nA-1]=='/' ) nA--;
- if( zB[nB-1]=='/' ) nB--;
+ if( nA>0 && zA[nA-1]=='/' ) nA--;
+ if( nB>0 && zB[nB-1]=='/' ) nB--;
if( nA==nB && memcmp(zA, zB, nA)==0 ) return 0;
return 1;
}
@@ -1628,11 +1628,15 @@ static int zipfileUpdate(
** '/'. This appears to be required for compatibility with info-zip
** (the unzip command on unix). It does not create directories
** otherwise. */
- if( zPath[nPath-1]!='/' ){
+ if( nPath<=0 || zPath[nPath-1]!='/' ){
zFree = sqlite3_mprintf("%s/", zPath);
- if( zFree==0 ){ rc = SQLITE_NOMEM; }
zPath = (const char*)zFree;
- nPath = (int)strlen(zPath);
+ if( zFree==0 ){
+ rc = SQLITE_NOMEM;
+ nPath = 0;
+ }else{
+ nPath = (int)strlen(zPath);
+ }
}
}
diff --git a/test/zipfile.test b/test/zipfile.test
index e4b8088..9f07c0a 100644
--- a/test/zipfile.test
+++ b/test/zipfile.test
@@ -821,4 +821,17 @@ do_execsql_test 14.10 {
PRAGMA integrity_check;
} {3 ok}
+# 2019-12-26 More problems in zipfile from the Yongheng and Rui fuzzer
+#
+do_execsql_test 15.10 {
+ DROP TABLE IF EXISTS t1;
+ CREATE VIRTUAL TABLE t1 USING zipfile(null);
+ REPLACE INTO t1 VALUES(null,null,0,null,null,null,null);
+} {}
+do_execsql_test 15.20 {
+ DROP TABLE IF EXISTS t2;
+ CREATE VIRTUAL TABLE t2 USING zipfile(null);
+ REPLACE INTO t2 values(null,null,null,null,null,10,null);
+} {}
+
finish_test
--
2.19.1

View File

@ -0,0 +1,21 @@
diff -up sqlite-3.6.23/tool/lemon.c.system-template sqlite-3.6.23/tool/lemon.c
--- sqlite-3.6.23/tool/lemon.c.system-template 2010-03-10 16:40:35.000000000 +0200
+++ sqlite-3.6.23/tool/lemon.c 2010-03-10 16:40:39.000000000 +0200
@@ -3363,6 +3363,8 @@ PRIVATE FILE *tplt_open(struct lemon *le
tpltname = buf;
}else if( access(templatename,004)==0 ){
tpltname = templatename;
+ }else if( access("/usr/share/lemon/lempar.c", R_OK)==0){
+ tpltname = "/usr/share/lemon/lempar.c";
}else{
tpltname = pathsearch(lemp->argv0,templatename,0);
}
@@ -3374,7 +3376,7 @@ PRIVATE FILE *tplt_open(struct lemon *le
}
in = fopen(tpltname,"rb");
if( in==0 ){
- fprintf(stderr,"Can't open the template file \"%s\".\n",templatename);
+ fprintf(stderr,"Can't open the template file \"%s\".\n",tpltname);
lemp->errorcnt++;
return 0;
}

View File

@ -0,0 +1,37 @@
--- sqlite-src-3240000/test/oserror.test.old 2018-06-05 08:40:35.656122573 +0200
+++ sqlite-src-3240000/test/oserror.test 2018-06-05 08:40:45.614935197 +0200
@@ -51,20 +51,20 @@
# a call to getcwd() may fail if there are no free file descriptors. So
# an error may be reported for either open() or getcwd() here.
#
-if {![clang_sanitize_address]} {
- do_test 1.1.1 {
- set ::log [list]
- list [catch {
- for {set i 0} {$i < 20000} {incr i} { sqlite3 dbh_$i test.db -readonly 1 }
- } msg] $msg
- } {1 {unable to open database file}}
- do_test 1.1.2 {
- catch { for {set i 0} {$i < 20000} {incr i} { dbh_$i close } }
- } {1}
- do_re_test 1.1.3 {
- lindex $::log 0
- } {^os_unix.c:\d+: \(\d+\) (open|getcwd)\(.*test.db\) - }
-}
+#if {![clang_sanitize_address]} {
+# do_test 1.1.1 {
+# set ::log [list]
+# list [catch {
+# for {set i 0} {$i < 20000} {incr i} { sqlite3 dbh_$i test.db -readonly 1 }
+# } msg] $msg
+# } {1 {unable to open database file}}
+# do_test 1.1.2 {
+# catch { for {set i 0} {$i < 20000} {incr i} { dbh_$i close } }
+# } {1}
+# do_re_test 1.1.3 {
+# lindex $::log 0
+# } {^os_unix.c:\d+: \(\d+\) (open|getcwd)\(.*test.db\) - }
+#}
# Test a failure in open() due to the path being a directory.

View File

@ -0,0 +1,15 @@
# On i686 arch the removed test fails with result 2749999.50004681 instead of expected
# 2749999.5. This patch is temporary workaround and should be dropped as soon as a valid
# fix is found.
diff -up sqlite-src-3080002/test/percentile.test.broken sqlite-src-3080002/test/percentile.test
--- sqlite-src-3080002/test/percentile.test.broken 2013-09-16 13:19:53.406004041 +0200
+++ sqlite-src-3080002/test/percentile.test 2013-09-16 13:20:00.079024945 +0200
@@ -195,7 +195,6 @@ ifcapable vtab {
foreach {in out} {
0 0.0
100 9999990.0
- 50 2749999.5
10 99999.9
} {
do_test percentile-2.1.$in {

View File

@ -0,0 +1,137 @@
This patch disables a test which caused failed assertion in tcl 8.6.3.
According to sqlite upstream[1], this should be fixed in tcl 8.6.5.
[1] http://mailinglists.sqlite.org/cgi-bin/mailman/private/sqlite-users/2015-May/059518.html
diff -up sqlite-src-3130000/test/shell1.test.orig sqlite-src-3130000/test/shell1.test
--- sqlite-src-3140100/test/shell1.test.orig 2016-08-12 02:17:02.000000000 +0200
+++ sqlite-src-3140100/test/shell1.test 2016-08-15 15:00:59.869664051 +0200
@@ -855,67 +855,67 @@ do_test shell1-4.6 {
# Test using arbitrary byte data with the shell via standard input/output.
#
-do_test shell1-5.0 {
- #
- # NOTE: Skip NUL byte because it appears to be incompatible with command
- # shell argument parsing.
- #
- for {set i 1} {$i < 256} {incr i} {
- #
- # NOTE: Due to how the Tcl [exec] command works (i.e. where it treats
- # command channels opened for it as textual ones), the carriage
- # return character (and on Windows, the end-of-file character)
- # cannot be used here.
- #
- if {$i==0x0D || ($tcl_platform(platform)=="windows" && $i==0x1A)} {
- continue
- }
- if {$i>=0xE0 && $tcl_platform(os)=="OpenBSD"} continue
- if {$i>=0xE0 && $i<=0xEF && $tcl_platform(os)=="Linux"} continue
- set hex [format %02X $i]
- set char [subst \\x$hex]; set oldChar $char
- set escapes [list]
- if {$tcl_platform(platform)=="windows"} {
- #
- # NOTE: On Windows, we need to escape all the whitespace characters,
- # the alarm (\a) character, and those with special meaning to
- # the SQLite shell itself.
- #
- set escapes [list \
- \a \\a \b \\b \t \\t \n \\n \v \\v \f \\f \r \\r \
- " " "\" \"" \" \\\" ' \"'\" \\ \\\\]
- } else {
- #
- # NOTE: On Unix, we need to escape most of the whitespace characters
- # and those with special meaning to the SQLite shell itself.
- # The alarm (\a), backspace (\b), and carriage-return (\r)
- # characters do not appear to require escaping on Unix. For
- # the alarm and backspace characters, this is probably due to
- # differences in the command shell. For the carriage-return,
- # it is probably due to differences in how Tcl handles command
- # channel end-of-line translations.
- #
- set escapes [list \
- \t \\t \n \\n \v \\v \f \\f \
- " " "\" \"" \" \\\" ' \"'\" \\ \\\\]
- }
- set char [string map $escapes $char]
- set x [catchcmdex test.db ".print $char\n"]
- set code [lindex $x 0]
- set res [lindex $x 1]
- if {$code ne "0"} {
- error "failed with error: $res"
- }
- if {$res ne "$oldChar\n"} {
- if {[llength $res] > 0} {
- set got [format %02X [scan $res %c]]
- } else {
- set got <empty>
- }
- error "failed with byte $hex mismatch, got $got"
- }
- }
-} {}
+#do_test shell1-5.0 {
+# #
+# # NOTE: Skip NUL byte because it appears to be incompatible with command
+# # shell argument parsing.
+# #
+# for {set i 1} {$i < 256} {incr i} {
+# #
+# # NOTE: Due to how the Tcl [exec] command works (i.e. where it treats
+# # command channels opened for it as textual ones), the carriage
+# # return character (and on Windows, the end-of-file character)
+# # cannot be used here.
+# #
+# if {$i==0x0D || ($tcl_platform(platform)=="windows" && $i==0x1A)} {
+# continue
+# }
+# if {$i>=0xE0 && $tcl_platform(os)=="OpenBSD"} continue
+# if {$i>=0xE0 && $i<=0xEF && $tcl_platform(os)=="Linux"} continue
+# set hex [format %02X $i]
+# set char [subst \\x$hex]; set oldChar $char
+# set escapes [list]
+# if {$tcl_platform(platform)=="windows"} {
+# #
+# # NOTE: On Windows, we need to escape all the whitespace characters,
+# # the alarm (\a) character, and those with special meaning to
+# # the SQLite shell itself.
+# #
+# set escapes [list \
+# \a \\a \b \\b \t \\t \n \\n \v \\v \f \\f \r \\r \
+# " " "\" \"" \" \\\" ' \"'\" \\ \\\\]
+# } else {
+# #
+# # NOTE: On Unix, we need to escape most of the whitespace characters
+# # and those with special meaning to the SQLite shell itself.
+# # The alarm (\a), backspace (\b), and carriage-return (\r)
+# # characters do not appear to require escaping on Unix. For
+# # the alarm and backspace characters, this is probably due to
+# # differences in the command shell. For the carriage-return,
+# # it is probably due to differences in how Tcl handles command
+# # channel end-of-line translations.
+# #
+# set escapes [list \
+# \t \\t \n \\n \v \\v \f \\f \
+# " " "\" \"" \" \\\" ' \"'\" \\ \\\\]
+# }
+# set char [string map $escapes $char]
+# set x [catchcmdex test.db ".print $char\n"]
+# set code [lindex $x 0]
+# set res [lindex $x 1]
+# if {$code ne "0"} {
+# error "failed with error: $res"
+# }
+# if {$res ne "$oldChar\n"} {
+# if {[llength $res] > 0} {
+# set got [format %02X [scan $res %c]]
+# } else {
+# set got <empty>
+# }
+# error "failed with byte $hex mismatch, got $got"
+# }
+# }
+#} {}
# These test cases do not work on MinGW
if 0 {

960
sqlite.spec Normal file
View File

@ -0,0 +1,960 @@
# bcond default logic is nicely backwards...
%bcond_without tcl
%bcond_with static
%bcond_without check
%define realver 3260000
%define docver 3260000
%define rpmver 3.26.0
Summary: Library that implements an embeddable SQL database engine
Name: sqlite
Version: %{rpmver}
Release: 15%{?dist}
License: Public Domain
Group: Applications/Databases
URL: http://www.sqlite.org/
Source0: http://www.sqlite.org/2017/sqlite-src-%{realver}.zip
Source1: http://www.sqlite.org/2017/sqlite-doc-%{docver}.zip
Source2: http://www.sqlite.org/2017/sqlite-autoconf-%{realver}.tar.gz
# Support a system-wide lemon template
Patch1: sqlite-3.6.23-lemon-system-template.patch
# Shut up stupid tests depending on system settings of allowed open fd's
Patch2: sqlite-3.7.7.1-stupid-openfiles-test.patch
# sqlite >= 3.7.10 is buggy if malloc_usable_size() is detected, disable it:
# https://bugzilla.redhat.com/show_bug.cgi?id=801981
# http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=665363
Patch3: sqlite-3.12.2-no-malloc-usable-size.patch
# Temporary workaround for failed percentile test, see patch for details
Patch4: sqlite-3.8.0-percentile-test.patch
# Disable test failing due to tcl regression. Details in patch file.
Patch6: sqlite-3.8.10.1-tcl-regress-tests.patch
# Disable test date-2.2c on i686
Patch7: sqlite-3.16-datetest-2.2c.patch
# Modify sync2.test to pass with DIRSYNC turned off
Patch8: sqlite-3.18.0-sync2-dirsync.patch
# Fix for CVE-2019-8457 (rhbz#1723338)
# https://www.sqlite.org/src/info/90acdbfce9c08858
Patch9: sqlite-3.26.0-out-of-bounds-read.patch
# Fix for CVE-2019-13752
Patch10: sqlite-3.26-CVE-2019-13752.patch
# Fix for CVE-2019-13753
Patch11: sqlite-3.26-CVE-2019-13753.patch
# Fix for CVE-2019-13734
Patch12: sqlite-3.26.0-CVE-2019-13734.patch
# Fix for CVE-2019-19924
Patch13: sqlite-3.26.0-CVE-2019-19924.patch
# Fix for CVE-2019-19923
Patch14: sqlite-3.26.0-CVE-2019-19923.patch
# Fix for CVE-2019-19925
Patch15: sqlite-3.26.0-CVE-2019-19925.patch
# Fix for CVE-2019-19959
Patch16: sqlite-3.26.0-CVE-2019-19959.patch
# Fix for issues found by covscan
Patch17: sqlite-3.26.0-zPath-covscan.patch
# Fix for CVE-2019-20218
Patch18: sqlite-3.26.0-CVE-2019-20218.patch
# Fix for CVE-2020-6405
Patch19: sqlite-3.26.0-CVE-2020-6405.patch
# Fix for CVE-2020-9327
Patch20: sqlite-3.26.0-CVE-2020-9327.patch
# Fix for CVE-2019-16168
Patch21: sqlite-3.26.0-CVE-2019-16168.patch
# Fix for CVE-2019-5018
Patch22: sqlite-3.26.0-CVE-2019-5018.patch
# Fix for CVE-2020-13632
Patch23: sqlite-3.26.0-CVE-2020-13632.patch
# Fix for CVE-2020-13631
Patch24: sqlite-3.26.0-CVE-2020-13631.patch
# Fix for CVE-2020-13630
Patch25: sqlite-3.26.0-CVE-2020-13630.patch
# Fix for CVE-2020-13434
# upstream commit: https://www.sqlite.org/src/info/d08d3405878d394e
Patch26: sqlite-3.26.0-CVE-2020-13434.patch
# Fix for CVE-2020-15358
# upstream commit: https://www.sqlite.org/src/info/10fa79d00f8091e5
Patch27: sqlite-3.26.0-CVE-2020-15358.patch
# Fix for CVE-2019-5827
# https://www.sqlite.org/src/info/0b6ae032c28e7fe3
# https://www.sqlite.org/src/info/07ee06fd390bfebe
Patch28: sqlite-3.26.0-CVE-2019-5827.patch
# Fix for CVE-2019-13750
# https://github.com/sqlite/sqlite/commit/397a78d4a1864111f488a51d296810e7ef037893
# https://www.sqlite.org/src/info/70390bbca49e7066
Patch29: sqlite-3.26.0-CVE-2019-13750.patch
# Fix for CVE-2019-13751
# https://github.com/sqlite/sqlite/commit/70d1a1a3ed64d7bd82fd90268e4c9cf208ca1be0
Patch30: sqlite-3.26.0-CVE-2019-13751.patch
# Fix for CVE-2019-19603
# https://github.com/sqlite/sqlite/commit/527cbd4a104cb93bf3994b3dd3619a6299a78b13
Patch31: sqlite-3.26.0-CVE-2019-19603.patch
# Fix for CVE-2020-13435
# https://www.sqlite.org/src/info/ad7bb70af9bb68d1
Patch34: sqlite-3.26.0-CVE-2020-13435.patch
BuildRequires: ncurses-devel readline-devel glibc-devel
BuildRequires: autoconf
%if %{with tcl}
BuildRequires: /usr/bin/tclsh
BuildRequires: tcl-devel
%{!?tcl_version: %global tcl_version 8.6}
%{!?tcl_sitearch: %global tcl_sitearch %{_libdir}/tcl%{tcl_version}}
%endif
Requires: %{name}-libs = %{version}-%{release}
# Ensure updates from pre-split work on multi-lib systems
Obsoletes: %{name} < 3.11.0-1
Conflicts: %{name} < 3.11.0-1
%description
SQLite is a C library that implements an SQL database engine. A large
subset of SQL92 is supported. A complete database is stored in a
single disk file. The API is designed for convenience and ease of use.
Applications that link against SQLite can enjoy the power and
flexibility of an SQL database without the administrative hassles of
supporting a separate database server. Version 2 and version 3 binaries
are named to permit each to be installed on a single host
%package devel
Summary: Development tools for the sqlite3 embeddable SQL database engine
Group: Development/Libraries
Requires: %{name}%{?_isa} = %{version}-%{release}
Requires: %{name}-libs = %{version}-%{release}
Requires: pkgconfig
%description devel
This package contains the header files and development documentation
for %{name}. If you like to develop programs using %{name}, you will need
to install %{name}-devel.
%package libs
Summary: Shared library for the sqlite3 embeddable SQL database engine.
Group: Development/Libraries
# Ensure updates from pre-split work on multi-lib systems
Obsoletes: %{name} < 3.11.0-1
Conflicts: %{name} < 3.11.0-1
%description libs
This package contains the shared library for %{name}.
%package doc
Summary: Documentation for sqlite
Group: Documentation
BuildArch: noarch
%description doc
This package contains most of the static HTML files that comprise the
www.sqlite.org website, including all of the SQL Syntax and the
C/C++ interface specs and other miscellaneous documentation.
%package -n lemon
Summary: A parser generator
Group: Development/Tools
%description -n lemon
Lemon is an LALR(1) parser generator for C or C++. It does the same
job as bison and yacc. But lemon is not another bison or yacc
clone. It uses a different grammar syntax which is designed to reduce
the number of coding errors. Lemon also uses a more sophisticated
parsing engine that is faster than yacc and bison and which is both
reentrant and thread-safe. Furthermore, Lemon implements features
that can be used to eliminate resource leaks, making is suitable for
use in long-running programs such as graphical user interfaces or
embedded controllers.
%if %{with tcl}
%package tcl
Summary: Tcl module for the sqlite3 embeddable SQL database engine
Group: Development/Languages
Requires: %{name} = %{version}-%{release}
Requires: %{name}-libs = %{version}-%{release}
Requires: tcl(abi) = %{tcl_version}
%description tcl
This package contains the tcl modules for %{name}.
%package analyzer
Summary: An analysis program for sqlite3 database files
Group: Development/Tools
Requires: %{name} = %{version}-%{release}
Requires: tcl(abi) = %{tcl_version}
%description analyzer
This package contains the analysis program for %{name}.
%endif
%prep
%setup -q -a1 -n %{name}-src-%{realver}
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch6 -p1
%ifarch %{ix86}
%patch7 -p1
%endif
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
%patch16 -p1
%patch17 -p1
%patch18 -p1
%patch19 -p1
%patch20 -p1
%patch21 -p1
%patch22 -p1
%patch23 -p1
%patch24 -p1
%patch25 -p1
%patch26 -p1
%patch27 -p1
%patch28 -p1
%patch29 -p1
%patch30 -p1
%patch31 -p1
%patch34 -p1
# Remove backup-file
rm -f %{name}-doc-%{docver}/sqlite.css~ || :
autoconf # Rerun with new autoconf to add support for aarm64
%build
export CFLAGS="$RPM_OPT_FLAGS $RPM_LD_FLAGS -DSQLITE_ENABLE_COLUMN_METADATA=1 \
-DSQLITE_DISABLE_DIRSYNC=1 -DSQLITE_ENABLE_FTS3=3 \
-DSQLITE_ENABLE_RTREE=1 -DSQLITE_SECURE_DELETE=1 \
-DSQLITE_ENABLE_UNLOCK_NOTIFY=1 -DSQLITE_ENABLE_DBSTAT_VTAB=1 \
-DSQLITE_ENABLE_FTS3_PARENTHESIS=1 -DSQLITE_ENABLE_JSON1=1 \
-Wall -fno-strict-aliasing"
%configure %{!?with_tcl:--disable-tcl} \
--enable-fts5 \
--enable-threadsafe \
--enable-threads-override-locks \
--enable-load-extension \
%{?with_tcl:TCLLIBDIR=%{tcl_sitearch}/sqlite3}
# rpath removal
sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
make %{?_smp_mflags}
# Build sqlite3_analyzer
# depends on tcl
%if %{with tcl}
make %{?_smp_mflags} sqlite3_analyzer
%endif
%install
make DESTDIR=${RPM_BUILD_ROOT} install
install -D -m0644 sqlite3.1 $RPM_BUILD_ROOT/%{_mandir}/man1/sqlite3.1
install -D -m0755 lemon $RPM_BUILD_ROOT/%{_bindir}/lemon
install -D -m0644 tool/lempar.c $RPM_BUILD_ROOT/%{_datadir}/lemon/lempar.c
%if %{with tcl}
# fix up permissions to enable dep extraction
chmod 0755 ${RPM_BUILD_ROOT}/%{tcl_sitearch}/sqlite3/*.so
# Install sqlite3_analyzer
install -D -m0755 sqlite3_analyzer $RPM_BUILD_ROOT/%{_bindir}/sqlite3_analyzer
%endif
%if ! %{with static}
rm -f $RPM_BUILD_ROOT/%{_libdir}/*.{la,a}
%endif
%if %{with check}
%check
# XXX shell tests are broken due to loading system libsqlite3, work around...
export LD_LIBRARY_PATH=`pwd`/.libs
export MALLOC_CHECK_=3
# csv01 hangs on all non-intel archs i've tried
%ifarch x86_64 %{ix86}
%else
rm test/csv01.test
%endif
make test
%endif # with check
%ldconfig_scriptlets libs
%files
%{_bindir}/sqlite3
%{_mandir}/man?/*
%files libs
%doc README.md
%{_libdir}/*.so.*
%files devel
%{_includedir}/*.h
%{_libdir}/*.so
%{_libdir}/pkgconfig/*.pc
%if %{with static}
%{_libdir}/*.a
%exclude %{_libdir}/*.la
%endif
%files doc
%doc %{name}-doc-%{docver}/*
%files -n lemon
%{_bindir}/lemon
%{_datadir}/lemon
%if %{with tcl}
%files tcl
%{tcl_sitearch}/sqlite3
%files analyzer
%{_bindir}/sqlite3_analyzer
%endif
%changelog
* Tue May 18 2021 Petr Kubat <pkubat@redhat.com> - 3.26.0-15
- Removing fix for CVE-2019-19645 (unaffected)
- Removing fix for CVE-2019-19880 (unaffected)
* Thu Apr 15 2021 Ondrej Dubaj <odubaj@redhat.com> - 3.26.0-14
- Fixed CVE-2019-5827 (#1710184)
- Fixed CVE-2019-13750 (#1786510)
- Fixed CVE-2019-13751 (#1786522)
- Fixed CVE-2019-19603 (#1792013)
- Fixed CVE-2020-13435 (#1841233)
* Tue Dec 01 2020 Ondrej Dubaj <odubaj@redhat.com> - 3.26.0-13
- enabled fts3conf.test on s390x and ppc64 architectures
* Mon Aug 17 2020 Ondrej Dubaj <odubaj@redhat.com> - 3.26.0-12
- Fixed CVE-2020-13434 (#1845843)
- Fixed CVE-2020-15358 (#1855208)
* Fri Aug 07 2020 Ondrej Dubaj <odubaj@redhat.com> - 3.26.0-11
- Fixed bug in CVE-2019-20218 (#1791592)
* Wed Jun 10 2020 Ondrej Dubaj <odubaj@redhat.com> - 3.26.0-10
- Fixed CVE-2020-13632 (#1845572)
- Fixed CVE-2020-13631 (#1845474)
- Fixed CVE-2020-13630 (#1845153)
* Tue Jun 02 2020 Ondrej Dubaj <odubaj@redhat.com> - 3.26.0-9
- Fixed CVE-2019-5018 (#1721509)
* Thu Apr 23 2020 Ondrej Dubaj <odubaj@redhat.com> - 3.26.0-8
- Fixed CVE-2019-16168 (#1826897)
* Tue Mar 24 2020 Ondrej Dubaj <odubaj@redhat.com> - 3.26.0-7
- Fixed CVE-2019-20218 (#1791592)
- Fixed CVE-2020-6405 (#1804823)
- Fixed CVE-2020-0327 (#1816572)
* Thu Jan 23 2020 Ondrej Dubaj <odubaj@redhat.com> - 3.26.0-6
- Fixed issues found by covscan
* Thu Jan 02 2020 Ondrej Dubaj <odubaj@redhat.com> - 3.26.0-5
- Fixed CVE-2019-13752 (#1786529)
- Fixed CVE-2019-13753 (#1786535)
- Fixed CVE-2019-13734 (#1786509)
- Fixed CVE-2019-19924 (#1789776)
- Fixed CVE-2019-19923 (#1789812)
- Fixed CVE-2019-19925 (#1789808)
- Fixed CVE-2019-19959 (#1789823)
* Wed Jun 26 2019 Ondrej Dubaj <odubaj@redhat.com> - 3.26.0-4
- Fixed CVE-2019-8457 (#1723338)
* Thu Jan 03 2019 Petr Kubat <pkubat@redhat.com> - 3.26.0-3
- Rebuild to pick up latest test sources by the CI
* Thu Jan 03 2019 Petr Kubat <pkubat@redhat.com> - 3.26.0-2
- Add explicit sqlite-libs requires to tcl and devel subpackages
* Mon Dec 17 2018 Petr Kubat <pkubat@redhat.com> - 3.26.0-1
- Updated to version 3.26.0 (https://sqlite.org/releaselog/3_26_0.html)
Fixes fts3/4 corrupt database exploit (#1659684)
* Tue Jun 05 2018 Petr Kubat <pkubat@redhat.com> - 3.24.0-1
- Updated to version 3.24.0 (https://sqlite.org/releaselog/3_24_0.html)
* Wed Apr 11 2018 Petr Kubat <pkubat@redhat.com> - 3.23.1-1
- Updated to version 3.23.1 (https://sqlite.org/releaselog/3_23_1.html)
* Tue Apr 03 2018 Petr Kubat <pkubat@redhat.com> - 3.23.0-1
- Updated to version 3.23.0 (https://sqlite.org/releaselog/3_23_0.html)
* Wed Mar 21 2018 Petr Kubat <pkubat@redhat.com> - 3.22.0-4
- Fixed CVE-2018-8740 (#1558809)
* Fri Feb 9 2018 Florian Weimer <fweimer@redhat.com> - 3.22.0-3
- Use LDFLAGS from redhat-rpm-config for building lemon, too
* Mon Feb 05 2018 Petr Kubat <pkubat@redhat.com> - 3.22.0-2
- Fixed issue with some walro2 tests failing on ppc64
* Sat Feb 03 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 3.22.0-2
- Switch to %%ldconfig_scriptlets
* Thu Jan 25 2018 Petr Kubat <pkubat@redhat.com> - 3.22.0-1
- Fixed issue with some e_expr tests failing i686
- Fixed issue with a fts3rank test failing on big-endian systems
* Tue Jan 23 2018 Petr Kubat <pkubat@redhat.com> - 3.22.0-1
- Updated to version 3.22.0 (https://sqlite.org/releaselog/3_22_0.html)
* Wed Nov 01 2017 Petr Kubat <pkubat@redhat.com> - 3.21.0-1
- Updated to version 3.21.0 (https://sqlite.org/releaselog/3_21_0.html)
* Mon Aug 28 2017 Petr Kubat <pkubat@redhat.com> - 3.20.1-1
- Updated to version 3.20.1 (https://sqlite.org/releaselog/3_20_1.html)
* Tue Aug 22 2017 Kalev Lember <klember@redhat.com> - 3.20.0-2
- Build with --enable-fts5
* Wed Aug 02 2017 Petr Kubat <pkubat@redhat.com> - 3.20.0-1
- Updated to version 3.20.0 (https://sqlite.org/releaselog/3_20_0.html)
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.19.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Wed Jul 12 2017 Petr Kubat <pkubat@redhat.com> - 3.19.3-1
- Updated to version 3.19.3 (https://sqlite.org/releaselog/3_19_3.html)
- Better detection of CVE-2017-10989 (#1469673)
* Thu May 25 2017 Petr Kubat <pkubat@redhat.com> - 3.19.1-1
- Updated to version 3.19.1 (https://sqlite.org/releaselog/3_19_1.html)
* Mon Apr 03 2017 Petr Kubat <pkubat@redhat.com> - 3.18.0-1
- Updated to version 3.18.0 (https://sqlite.org/releaselog/3_18_0.html)
- Modify sync2.test to pass with DIRSYNC turned off
* Thu Mar 02 2017 Petr Kubat <pkubat@redhat.com> - 3.17.0-2
- Rebuild using newest gcc (#1428286)
* Tue Feb 21 2017 Petr Kubat <pkubat@redhat.com> - 3.17.0-1
- Updated to version 3.17.0 (https://sqlite.org/releaselog/3_17_0.html)
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.16.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Thu Jan 12 2017 Igor Gnatenko <ignatenko@redhat.com> - 3.16.2-2
- Rebuild for readline 7.x
* Sat Jan 7 2017 Jakub Dorňák <jakub.dornak@misli.cz> - 3.16.2-1
- Updated to version 3.16.2 (https://sqlite.org/releaselog/3_16_2.html)
* Wed Jan 4 2017 Jakub Dorňák <jakub.dornak@misli.cz> - 3.16.1-1
- Updated to version 3.16.1 (https://sqlite.org/releaselog/3_16_1.html)
* Tue Jan 3 2017 Jakub Dorňák <jakub.dornak@misli.cz> - 3.16.0-1
- Updated to version 3.16.0 (https://sqlite.org/releaselog/3_16_0.html)
* Wed Sep 21 2016 Jakub Dorňák <jdornak@redhat.com> - 3.14.2-1
- Updated to version 3.14.2 (https://sqlite.org/releaselog/3_14_2.html)
* Mon Aug 15 2016 Jakub Dorňák <jdornak@redhat.com> - 3.14.1-1
- Updated to version 3.14.1 (https://sqlite.org/releaselog/3_14_1.html)
* Tue May 24 2016 Jakub Dorňák <jdornak@redhat.com> - 3.13.0-1
- Updated to version 3.13.0 (https://sqlite.org/releaselog/3_13_0.html)
* Mon Apr 25 2016 Jakub Dorňák <jdornak@redhat.com> - 3.12.2-1
- Updated to version 3.12.2 (https://sqlite.org/releaselog/3_12_2.html)
* Wed Mar 02 2016 Jan Stanek <jstanek@redhat.com> - 3.11.0-3
- Release bump for #1312506
* Tue Feb 23 2016 Nils Philippsen <nils@redhat.com> - 3.11.0-2
- add obsoletes/conflicts to make updates on multi-lib systems work (#1310441)
- make -devel package depend on arch-specific -libs (not main) package
* Wed Feb 17 2016 Jan Stanek <jstanek@redhat.com> - 3.11.0-1
- Updated to version 3.11.0 (https://sqlite.org/releaselog/3_11_0.html)
* Mon Feb 08 2016 Jan Stanek <jstanek@redhat.com> - 3.10.2-3
- Split the shared libraries to standalone subpackage
* Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 3.10.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Fri Jan 22 2016 Jan Stanek <jstanek@redhat.com> - 3.10.2-1
- Updated to version 3.10.2 (http://sqlite.org/releaselog/3_10_2.html)
- Enabled JSON1 Extension (rhbz#1277387)
- Made test failure nonfatal on MIPS (rhbz#1294888)
* Wed Jan 13 2016 Jan Stanek <jstanek@redhat.com> - 3.10.0-1
- Updated to version 3.10.0 (http://sqlite.org/releaselog/3_10_0.html)
* Mon Dec 21 2015 Jan Stanek <jstanek@redhat.com> - 3.9.2-1
- Updated to version 3.9.2 (http://sqlite.org/releaselog/3_9_2.html)
* Thu Dec 10 2015 Jan Stanek <jstanek@redhat.com> - 3.9.0-2
- Add autoconf amalgamation for stage2 builds.
* Thu Oct 15 2015 Jan Stanek <jstanek@redhat.com> - 3.9.0-1
- Updated to version 3.9.0 (https://sqlite.org/releaselog/3_9_0.html)
* Tue Sep 22 2015 Jan Stanek <jstanek@redhat.com> - 3.8.11.1-1
- Updated to version 3.8.11.1
* Tue Jul 28 2015 Jan Stanek <jstanek@redhat.com> - 3.8.11-1
- Updated to version 3.8.11 (https://sqlite.org/releaselog/3_8_11.html)
* Fri Jun 19 2015 Jan Stanek <jstanek@redhat.com> - 3.8.10.2-3
- Enabled SQLITE_ENABLE_FTS3_PARENTHESIS extension (rhbz#1232301)
* Fri Jun 19 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.8.10.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Fri May 29 2015 Jan Stanek <jstanek@redhat.com> - 3.8.10.2-1
- Updated to version 3.8.10.2 (https://sqlite.org/releaselog/3_8_10_2.html)
* Mon May 18 2015 Jan Stanek <jstanek@redhat.com> - 3.8.10.1-1
- Updated to version 3.8.10.1 (https://www.sqlite.org/releaselog/3_8_10_1.html)
* Tue Apr 14 2015 Jan Stanek <jstanek@redhat.com> - 3.8.9-1
- Updated to version 3.8.9 (https://www.sqlite.org/releaselog/3_8_9.html)
* Thu Feb 26 2015 Jan Stanek <jstanek@redhat.com> - 3.8.8.3-1
- Updated to version 3.8.8.3 (https://sqlite.org/releaselog/3_8_8_3.html)
* Sat Feb 21 2015 Till Maas <opensource@till.name> - 3.8.8-3
- Rebuilt for Fedora 23 Change
https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code
* Tue Feb 03 2015 Jan Stanek <jstanek@redhat.com> - 3.8.8-2
- Fixed out-of-date source URLs (rhbz#1188092)
* Tue Jan 20 2015 Jan Stanek <jstanek@redhat.com> - 3.8.8-1
- Updated to version 3.8.8 (https://sqlite.org/releaselog/3_8_8.html)
- Recreated patches to work on current version.
* Fri Dec 12 2014 Jan Stanek <jstanek@redhat.com> - 3.8.7.4-1
- Updated to version 3.8.7.4 (http://www.sqlite.org/releaselog/3_8_7_4.html)
* Tue Nov 25 2014 Jan Stanek <jstanek@redhat.com> - 3.8.7.2-1
- Updated to version 3.8.7.2 (http://sqlite.org/releaselog/3_8_7_2.html)
* Tue Oct 21 2014 Jan Stanek <jstanek@redhat.com> - 3.8.7-1
- Updated to version 3.8.7 (http://sqlite.org/releaselog/3_8_7.html)
- Dropped patch for problem fixed upstream
* Tue Aug 19 2014 Jan Stanek <jstanek@redhat.com> - 3.8.6-2
- Added auto-selection of Tcl version based on Fedora version
* Tue Aug 19 2014 Jan Stanek <jstanek@redhat.com> - 3.8.6-1
- Updated to version 3.8.6 (http://www.sqlite.org/releaselog/3_8_6.html)
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.8.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Wed Jun 11 2014 Peter Robinson <pbrobinson@fedoraproject.org> 3.8.5-2
- Re-enable tests on aarch64 now they pass again
* Tue Jun 10 2014 Jan Stanek <jstanek@redhat.com> - 3.8.5-1
- Update to version 3.8.5 (http://www.sqlite.org/releaselog/3_8_5.html)
- Dropped patch already included upstream
* Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.8.4.3-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Thu Jun 5 2014 Peter Robinson <pbrobinson@fedoraproject.org> 3.8.4.3-4
- Don't make tests fail the build on aarch64 like some of the other arches
* Wed May 28 2014 Jan Stanek <jstanek@redhat.com> - 3.8.4.3-3
- Rebuilt for https://fedoraproject.org/wiki/Changes/f21tcl86 with correct tcl_version
* Wed May 21 2014 Jaroslav Škarvada <jskarvad@redhat.com> - 3.8.4.3-2
- Rebuilt for https://fedoraproject.org/wiki/Changes/f21tcl86
* Tue Apr 29 2014 Jan Stanek <jstanek@redhat.com> - 3.8.4.3-1
- Update to version 3.8.4.3 (http://www.sqlite.org/releaselog/3_8_4_3.html)
- Changed patch for rhbz#1075889 to upstream version
Related: #1075889
* Fri Apr 25 2014 Honza Horak <hhorak@redhat.com> - 3.8.4.2-3
- Revert part of the upstream commit dca1945aeb3fb005, since it causes
nautilus to crash
Related: #1075889
* Wed Apr 02 2014 Jan Stanek <jstanek@redhat.com> 3.8.4.2-2
- Added building and shipping of sqlite3_analyzer (#1007159)
* Fri Mar 28 2014 Jan Stanek <jstanek@redhat.com> 3.8.4.2-1
- Update to 3.8.4 (http://www.sqlite.org/releaselog/3_8_4_2.html)
* Tue Mar 11 2014 Jan Stanek <jstanek@redhat.com> 3.8.4-1
- Update to 3.8.4 (http://www.sqlite.org/releaselog/3_8_4.html)
* Sun Feb 23 2014 Peter Robinson <pbrobinson@fedoraproject.org> 3.8.3-2
- Re-enable check on ARM/aarch64 as failing test fixed upstream for non x86 arches
- Modernise spec
* Tue Feb 11 2014 Jan Stanek <jstanek@redhat.com> 3.8.3-1
- Update to 3.8.3 (http://www.sqlite.org/releaselog/3_8_3.html)
- Dropped man-page patch - included upstream
* Mon Jan 6 2014 Peter Robinson <pbrobinson@fedoraproject.org> 3.8.2-2
- Add aarch64 to all the other arch excludes for tests
* Tue Dec 10 2013 Jan Stanek <jstanek@redhat.com> - 3.8.2-1
- Update to 3.8.2 (http://www.sqlite.org/releaselog/3_8_2.html)
* Tue Nov 26 2013 Debarshi Ray <rishi@fedoraproject.org> - 3.8.1-2
- Do not use transitive WHERE-clause constraints on LEFT JOINs (#1034714)
* Tue Oct 22 2013 Jan Stanek <jstanek@redhat.com> - 3.8.1-1
- Update to 3.8.1 (http://www.sqlite.org/releaselog/3_8_1.html)
* Thu Sep 26 2013 Jan Stanek <jstanek@redhat.com> - 3.8.0.2-4
- Removed fullversioned provides and start using full version for rpm version
* Mon Sep 23 2013 Jan Stanek <jstanek@redhat.com> - 3.8.0-3
- Added fullversioned Provides to fix broken dependency
* Mon Sep 16 2013 Jan Stanek <jstanek@redhat.com> - 3.8.0-2
- Dropped problematic percentile-2.1.50 test
* Thu Sep 05 2013 Jan Stanek <jstanek@redhat.com> - 3.8.0-1
- Update to 3.8.0.2 (http://sqlite.org/releaselog/3_8_0_2.html)
* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.7.17-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed May 22 2013 Jan Stanek <jstanek@redhat.com> - 3.7.17-1
- Update to 3.7.17 (http://www.sqlite.org/releaselog/3_7_17.html)
* Thu May 16 2013 Jan Stanek <jstanek@redhat.com> - 3.7.16.2-2
- Added missing options to man page (#948862)
* Mon Apr 29 2013 Jan Stanek <jstanek@redhat.com> - 3.7.16.2-1
- update to 3.7.16.2 (http://www.sqlite.org/releaselog/3_7_16_2.html)
- add support for aarch64 (rerunning autoconf) (#926568)
* Sun Mar 31 2013 Panu Matilainen <pmatilai@redhat.com> - 3.7.16.1-1
- update to 3.7.16.1 (https://www.sqlite.org/releaselog/3_7_16_1.html)
* Wed Mar 20 2013 Panu Matilainen <pmatilai@redhat.com> - 3.7.16-1
- update to 3.7.16 (http://www.sqlite.org/releaselog/3_7_16.html)
* Fri Feb 15 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.7.15.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Thu Jan 10 2013 Panu Matilainen <pmatilai@redhat.com> - 3.7.15.2-1
- update to 3.7.15.2 (http://www.sqlite.org/releaselog/3_7_15_2.html)
* Thu Dec 13 2012 Panu Matilainen <pmatilai@redhat.com> - 3.7.15-1
- update to 3.7.15 (http://www.sqlite.org/releaselog/3_7_15.html)
- fix an old incorrect date in spec changelog
* Tue Nov 06 2012 Panu Matilainen <pmatilai@redhat.com> - 3.7.14.1-1
- update to 3.7.14.1 (http://www.sqlite.org/releaselog/3_7_14_1.html)
* Wed Oct 03 2012 Panu Matilainen <pmatilai@redhat.com> - 3.7.14-1
- update to 3.7.14 (http://www.sqlite.org/releaselog/3_7_14.html)
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.7.13-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Mon Jun 25 2012 Panu Matilainen <pmatilai@redhat.com> - 3.7.13-1
- update to 3.7.13 (http://www.sqlite.org/releaselog/3_7_13.html)
- drop no longer needed savepoint relase patch
* Fri Jun 01 2012 Panu Matilainen <pmatilai@redhat.com> - 3.7.11-3
- don't abort pending queries on release of nested savepoint (#821642)
* Wed Apr 25 2012 Panu Matilainen <pmatilai@redhat.com> - 3.7.11-2
- run test-suite with MALLOC_CHECK_=3
- disable buggy malloc_usable_size code (#801981)
* Mon Mar 26 2012 Panu Matilainen <pmatilai@redhat.com> - 3.7.11-1
- update to 3.7.11 (http://www.sqlite.org/releaselog/3_7_11.html)
* Wed Mar 07 2012 Panu Matilainen <pmatilai@redhat.com> - 3.7.10-1
- update to 3.7.10 (http://www.sqlite.org/releaselog/3_7_10.html)
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.7.9-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Nov 22 2011 Panu Matilainen <pmatilai@redhat.com> - 3.7.9-1
- update to 3.7.9 (http://www.sqlite.org/releaselog/3_7_9.html)
* Fri Oct 28 2011 Panu Matilainen <pmatilai@redhat.com> - 3.7.8-1
- update to 3.7.8 (http://www.sqlite.org/releaselog/3_7_8.html)
* Wed Jul 13 2011 Panu Matilainen <pmatilai@redhat.com> - 3.7.7.1-1
- update to 3.7.7.1 (http://www.sqlite.org/releaselog/3_7_7_1.html)
- autoconf no longer needed for build, libdl check finally upstreamed
* Wed May 25 2011 Panu Matilainen <pmatilai@redhat.com> - 3.7.6.3-1
- update to 3.7.6.3 (http://www.sqlite.org/releaselog/3_7_6_3.html)
* Sat May 21 2011 Peter Robinson <pbrobinson@gmail.com> - 3.7.6.2-3
- add arm to the exclude from tests list
* Fri Apr 29 2011 Panu Matilainen <pmatilai@redhat.com> - 3.7.6.2-2
- comment out stupid tests causing very bogus build failure on koji
* Thu Apr 21 2011 Panu Matilainen <pmatilai@redhat.com> - 3.7.6.2-1
- update to 3.7.6.2 (http://www.sqlite.org/releaselog/3_7_6_2.html)
* Fri Feb 25 2011 Dennis Gilmore <dennis@ausil.us> - 3.7.5-4
- build tests on sparc expecting failures same as the other big endian arches
* Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.7.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Feb 2 2011 Panu Matilainen <pmatilai@redhat.com> - 3.7.5-2
- unwanted cgi-script in docs creating broken dependencies, remove it
- make doc sub-package noarch
* Tue Feb 1 2011 Panu Matilainen <pmatilai@redhat.com> - 3.7.5-1
- update to 3.7.5 (http://www.sqlite.org/releaselog/3_7_5.html)
* Thu Dec 9 2010 Panu Matilainen <pmatilai@redhat.com> - 3.7.4-1
- update to 3.7.4 (http://www.sqlite.org/releaselog/3_7_4.html)
- deal with upstream source naming, versioning and format changing
- fixup wal2-test expections wrt SQLITE_DISABLE_DIRSYNC use
* Fri Nov 5 2010 Dan Horák <dan[at]danny.cz> - 3.7.3-2
- expect test failures also on s390x
* Mon Nov 1 2010 Panu Matilainen <pmatilai@redhat.com> - 3.7.3-1
- update to 3.7.3 (http://www.sqlite.org/releaselog/3_7_3.html)
* Thu Sep 2 2010 Tom "spot" Callaway <tcallawa@redhat.com> - 3.7.0.1-2
- enable SQLITE_SECURE_DELETE, SQLITE_ENABLE_UNLOCK_NOTIFY for firefox 4
* Fri Aug 13 2010 Panu Matilainen <pmatilai@redhat.com> - 3.7.0.1-1
- update to 3.7.0.1 (http://www.sqlite.org/releaselog/3_7_0_1.html)
* Sat Jul 3 2010 Dan Horák <dan[at]danny.cz> - 3.6.23.1-2
- some tests are failing on s390 and ppc/ppc64 so don't fail the whole build there
* Mon Apr 19 2010 Panu Matilainen <pmatilai@redhat.com> - 3.6.23.1-1
- update to 3.6.23.1 (http://www.sqlite.org/releaselog/3_6_23_1.html)
* Wed Mar 10 2010 Panu Matilainen <pmatilai@redhat.com> - 3.6.23-1
- update to 3.6.23 (http://www.sqlite.org/releaselog/3_6_23.html)
- drop the lemon sprintf patch, upstream doesn't want it
- make test-suite errors fail build finally
* Mon Jan 18 2010 Panu Matilainen <pmatilai@redhat.com> - 3.6.22-1
- update to 3.6.22 (http://www.sqlite.org/releaselog/3_6_22.html)
* Tue Dec 08 2009 Panu Matilainen <pmatilai@redhat.com> - 3.6.21-1
- update to 3.6.21 (http://www.sqlite.org/releaselog/3_6_21.html)
* Tue Nov 17 2009 Panu Matilainen <pmatilai@redhat.com> - 3.6.20-1
- update to 3.6.20 (http://www.sqlite.org/releaselog/3_6_20.html)
* Tue Oct 06 2009 Panu Matilainen <pmatilai@redhat.com> - 3.6.18-1
- update to 3.6.18 (http://www.sqlite.org/releaselog/3_6_18.html)
- drop no longer needed test-disabler patches
* Fri Aug 21 2009 Panu Matilainen <pmatilai@redhat.com> - 3.6.17-1
- update to 3.6.17 (http://www.sqlite.org/releaselog/3_6_17.html)
- disable to failing tests until upstream fixes
* Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.6.14.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Fri Jun 12 2009 Panu Matilainen <pmatilai@redhat.com> - 3.6.14.2-1
- update to 3.6.14.2 (#505229)
* Mon May 18 2009 Panu Matilainen <pmatilai@redhat.com> - 3.6.14-2
- disable rpath
- add -doc subpackage instead of patching out reference to it
* Thu May 14 2009 Panu Matilainen <pmatilai@redhat.com> - 3.6.14-1
- update to 3.6.14 (http://www.sqlite.org/releaselog/3_6_14.html)
- merge-review cosmetics (#226429)
- drop ancient sqlite3 obsoletes
- fix tab vs space whitespace issues
- remove commas from summaries
- fixup io-test fsync expectations wrt SQLITE_DISABLE_DIRSYNC
* Wed Apr 15 2009 Panu Matilainen <pmatilai@redhat.com> - 3.6.13-1
- update to 3.6.13
* Thu Apr 09 2009 Dennis Gilmore <dennis@ausil.us> - 3.6.12-3
- apply upstream patch for memory alignment issue (#494906)
* Tue Apr 07 2009 Panu Matilainen <pmatilai@redhat.com> - 3.6.12-2
- disable strict aliasing to work around brokenness on 3.6.12 (#494266)
- run test-suite on build but let it fail for now
* Fri Apr 03 2009 Panu Matilainen <pmatilai@redhat.com> - 3.6.12-1
- update to 3.6.12 (#492662)
- remove reference to non-existent sqlite-doc from manual (#488883)
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.6.10-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Wed Feb 04 2009 Panu Matilainen <pmatilai@redhat.com> - 3.6.10-3
- enable RTREE and FTS3 extensions (#481417)
* Thu Jan 22 2009 Panu Matilainen <pmatilai@redhat.com> - 3.6.10-2
- upstream fix yum breakage caused by new keywords (#481189)
* Thu Jan 22 2009 Panu Matilainen <pmatilai@redhat.com> - 3.6.10-1
- update to 3.6.10
* Wed Dec 31 2008 Panu Matilainen <pmatilai@redhat.com> - 3.6.7-1
- update to 3.6.7
- avoid lemon ending up in main sqlite package too
* Fri Dec 05 2008 Panu Matilainen <pmatilai@redhat.com> - 3.6.6.2-4
- add lemon subpackage
* Thu Dec 4 2008 Matthias Clasen <mclasen@redhat.com> - 3.6.6.2-3
- Rebuild for pkg-config provides
* Tue Dec 02 2008 Panu Matilainen <pmatilai@redhat.com> - 3.6.6.2-2
- require tcl(abi) in sqlite-tcl subpackage (#474034)
- move tcl extensions to arch-specific location
- enable dependency extraction on the tcl dso
- require pkgconfig in sqlite-devel
* Sat Nov 29 2008 Panu Matilainen <pmatilai@redhat.com> - 3.6.6.2-1
- update to 3.6.6.2
* Sat Nov 08 2008 Panu Matilainen <pmatilai@redhat.com> - 3.6.4-1
- update to 3.6.4
- drop patches already upstream
* Mon Sep 22 2008 Panu Matilainen <pmatilai@redhat.com> - 3.5.9-2
- Remove references to temporary registers from cache on release (#463061)
- Enable loading of external extensions (#457433)
* Tue Jun 17 2008 Stepan Kasal <skasal@redhat.com> - 3.5.9-1
- update to 3.5.9
* Wed Apr 23 2008 Panu Matilainen <pmatilai@redhat.com> - 3.5.8-1
- update to 3.5.8
- provide full version in pkg-config (#443692)
* Mon Mar 31 2008 Panu Matilainen <pmatilai@redhat.com> - 3.5.6-2
- remove reference to static libs from -devel description (#439376)
* Tue Feb 12 2008 Panu Matilainen <pmatilai@redhat.com> - 3.5.6-1
- update to 3.5.6
- also fixes #432447
* Fri Jan 25 2008 Panu Matilainen <pmatilai@redhat.com> - 3.5.4-3
- enable column metadata API (#430258)
* Tue Jan 08 2008 Panu Matilainen <pmatilai@redhat.com> - 3.5.4-2
- avoid packaging CVS directory as documentation (#427755)
* Fri Dec 21 2007 Panu Matilainen <pmatilai@redhat.com> - 3.5.4-1
- Update to 3.5.4 (#413801)
* Fri Sep 28 2007 Panu Matilainen <pmatilai@redhat.com> - 3.4.2-3
- Add another build conditional for enabling %%check
* Fri Sep 28 2007 Panu Matilainen <pmatilai@redhat.com> - 3.4.2-2
- Use bconds for the spec build conditionals
- Enable -tcl subpackage again (#309041)
* Wed Aug 15 2007 Paul Nasrat <pnasrat@redhat.com> - 3.4.2-1
- Update to 3.4.2
* Sat Jul 21 2007 Paul Nasrat <pnasrat@redhat.com> - 3.4.1-1
- Update to 3.4.1
* Sun Jun 24 2007 Paul Nasrat <pnsarat@redhat.com> - 3.4.0-2
- Disable load for now (#245486)
* Tue Jun 19 2007 Paul Nasrat <pnasrat@redhat.com> - 3.4.0-1
- Update to 3.4.0
* Fri Jun 01 2007 Paul Nasrat <pnasrat@redhat.com> - 3.3.17-2
- Enable load
- Build fts1 and fts2
- Don't sync on dirs (#237427)
* Tue May 29 2007 Paul Nasrat <pnasrat@redhat.com> - 3.3.17-1
- Update to 3.3.17
* Mon Mar 19 2007 Paul Nasrat <pnasrat@redhat.com> - 3.3.13-1
- Update to 3.3.13
* Fri Aug 11 2006 Paul Nasrat <pnasrat@redhat.com> - 3.3.6-2
- Fix conditional typo (patch from Gareth Armstrong)
* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 3.3.6-1.1
- rebuild
* Mon Jun 26 2006 Paul Nasrat <pnasrat@redhat.com> - 3.3.6-1
- Update to 3.3.6
- Fix typo (#189647)
- Enable threading fixes (#181298)
- Conditionalize static library
* Mon Apr 17 2006 Paul Nasrat <pnasrat@redhat.com> - 3.3.5-1
- Update to 3.3.5
* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 3.3.3-1.2
- bump again for double-long bug on ppc(64)
* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 3.3.3-1.1
- rebuilt for new gcc4.1 snapshot and glibc changes
* Tue Jan 31 2006 Christopher Aillon <caillon@redhat.com> - 3.3.3-1
- Update to 3.3.3
* Tue Jan 31 2006 Christopher Aillon <caillon@redhat.com> - 3.3.2-1
- Update to 3.3.2
* Tue Jan 24 2006 Paul Nasrat <pnasrat@redhat.com> - 3.2.8-1
- Add --enable-threadsafe (Nicholas Miell)
- Update to 3.2.8
* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>
- rebuilt
* Tue Oct 4 2005 Jeremy Katz <katzj@redhat.com> - 3.2.7-2
- no more static file or libtool archive (#169874)
* Wed Sep 28 2005 Florian La Roche <laroche@redhat.com>
- Upgrade to 3.2.7 release.
* Thu Sep 22 2005 Florian La Roche <laroche@redhat.com>
- Upgrade to 3.2.6 release.
* Sun Sep 11 2005 Florian La Roche <laroche@redhat.com>
- Upgrade to 3.2.5 release.
* Fri Jul 8 2005 Roland McGrath <roland@redhat.com> - 3.2.2-1
- Upgrade to 3.2.2 release.
* Sat Apr 9 2005 Warren Togami <wtogami@redhat.com> - 3.1.2-3
- fix buildreqs (#154298)
* Mon Apr 4 2005 Jeremy Katz <katzj@redhat.com> - 3.1.2-2
- disable tcl subpackage
* Wed Mar 9 2005 Jeff Johnson <jbj@redhat.com> 3.1.2-1
- rename to "sqlite" from "sqlite3" (#149719, #150012).
* Wed Feb 16 2005 Jeff Johnson <jbj@jbj.org> 3.1.2-1
- upgrade to 3.1.2.
- add sqlite3-tcl sub-package.
* Sat Feb 5 2005 Jeff Johnson <jbj@jbj.org> 3.0.8-3
- repackage for fc4.
* Mon Jan 17 2005 R P Herrold <info@owlriver.com> 3.0.8-2orc
- fix a man page nameing conflict when co-installed with sqlite-2, as
is permissible