blob: c28bf10e37bbd582768de807c062c183030c102a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
From 219b8e7e7587df8669d96ce867cdd61ca1c05730 Mon Sep 17 00:00:00 2001
From: drh <drh@noemail.net>
Date: Thu, 14 May 2020 23:59:24 +0000
Subject: [PATCH] Fix a null pointer deference that can occur on a strange
matchinfo() query.
FossilOrigin-Name: a4dd148928ea65bd4e1654dfacc3d8057d1f85b8c9939416991d50722e5a720e
Upstream-Status: Backport
CVE: CVE-2020-13632
Reference to upstream patch:
https://github.com/sqlite/sqlite/commit/219b8e7e7587df8669d96ce867cdd61ca1c05730
Patch converted to amalgamation format
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
sqlite3.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sqlite3.c b/sqlite3.c
index 282e106..5ae8c8b 100644
--- a/sqlite3.c
+++ b/sqlite3.c
@@ -181820,7 +181820,7 @@ static int fts3ExprLHits(
iStart = pExpr->iPhrase * ((p->nCol + 31) / 32);
}
- while( 1 ){
+ if( pIter ) while( 1 ){
int nHit = fts3ColumnlistCount(&pIter);
if( (pPhrase->iColumn>=pTab->nColumn || pPhrase->iColumn==iCol) ){
if( p->flag==FTS3_MATCHINFO_LHITS ){
|
