Dear all,
I've found a small fix point in shell.c
In process_sqliterc() function, zBuf from sqlite3_mprintf() is used as
parameters of fopen() without any null value check.
if (sqliterc == NULL) {
home_dir = find_home_dir();
if( home_dir==0 ){
#if !defined(__RTP__) && !defined(_WRS_KERNEL)
fprintf(stderr,"%s: Error: cannot locate your home directory\n",
Argv0);
#endif
return 1;
}
sqlite3_initialize();
* zBuf = sqlite3_mprintf("%s/.sqliterc",home_dir);*
sqliterc = zBuf;
}
* in = fopen(sqliterc,"rb"); <-- sqliterc can be null*
Regards,
Yongil Jang.
_______________________________________________
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
