On 24 Jun 2017, at 2:29am, Ryan Whitworth <m...@ryanwhitworth.com> wrote:
> GDB backtrace details and input files can be found here: > https://github.com/rwhitworth/sqlite-fuzz/tree/master/2017-06-23-sqlite3. For those interested, all the faults found seem to concern dot commands. Here is an example command which was found to cause problems: .m i 000\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\0000\\00000000000000\\0\\\\\\\\\\\\\\\\\\\\\\\\\\\\0\\\\\\\\\\000000"0 The next two lines constitute another example: .h 0 .m i 0""""""""""0 I think it’s worth repeating that, as Ryan himself wrote, these faults were found in the SQLite command shell tool, not in SQLite itself. SQLite does not recognise the dot commands found here so it would not crash trying to process them. Although there’s an opportunity to examine the command-line shell here, those using the SQLite API should not be alarmed purely on the basis of this report. Simon. _______________________________________________ sqlite-users mailing list sqlite-users@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
