Hi guys,

I found this crash in SQLite. Tested with latest amalgamation
(sqlite-autoconf-307160). Please assist.


Thanks,


Jerome
--------------------------------
#include <stdlib.h>
#include <stdio.h>
#include <sqlite3.h>

int main(void)
{
   sqlite3_stmt *stmt = NULL;
   sqlite3 *db = NULL;
   int rc;

   /* sqlite3_open_v2() normally sets *db even when it fails, so check the
      return code rather than the handle */
   rc = sqlite3_open_v2("test.sqlite", &db, SQLITE_OPEN_READWRITE, NULL);
   if (rc != SQLITE_OK)
   {
      fprintf(stderr, "open failed: %s\n", sqlite3_errmsg(db));
      sqlite3_close(db);
      return 1;
   }
   printf("Database opened\n");

   /* The invalid read happens while this statement is compiled; no
      sqlite3_step() is needed to trigger it */
   rc = sqlite3_prepare_v2(db, "UPDATE `Contacts` SET ROWID = ? WHERE ROWID = ?",
                           -1, &stmt, NULL);
   if (rc != SQLITE_OK)
      fprintf(stderr, "prepare failed: %s\n", sqlite3_errmsg(db));

   sqlite3_finalize(stmt);   /* must precede sqlite3_close(); a NULL stmt is a no-op */
   sqlite3_close(db);
   return 0;
}

----------------------------------
Simply put, create test.sqlite with:

CREATE TABLE `Contacts`(
   `Id` INTEGER PRIMARY KEY,
   `Name` TEXT COLLATE NOCASE,
   `OfficePhoneNumber` TEXT COLLATE NOCASE,
   `CellPhoneNumber` TEXT COLLATE NOCASE,
   `SecondCellPhoneNumber` TEXT COLLATE NOCASE,
   `PagerNumber` TEXT COLLATE NOCASE,
   `Email` TEXT COLLATE NOCASE,
   `Active` INTEGER
);


You'll get this Valgrind output:


==26691== Memcheck, a memory error detector
==26691== Copyright (C) 2002-2012, and GNU GPL'd, by Julian Seward et al.
==26691== Using Valgrind-3.8.1 and LibVEX; rerun with -h for copyright info
==26691== Command: ./a.out
==26691==
Database opened
==26691== Invalid read of size 8
==26691==    at 0x4EB1896: sqlite3Update (sqlite3.c:101044)
==26691==    by 0x4EC1816: yy_reduce (sqlite3.c:111245)
==26691==    by 0x4EC3F63: sqlite3Parser (sqlite3.c:112035)
==26691==    by 0x4EC4DAD: sqlite3RunParser (sqlite3.c:112872)
==26691==    by 0x4EA4B43: sqlite3Prepare (sqlite3.c:94461)
==26691==    by 0x4EA4E7F: sqlite3LockAndPrepare (sqlite3.c:94553)
==26691==    by 0x4EA5036: sqlite3_prepare_v2 (sqlite3.c:94629)
==26691==    by 0x4007E4: main (in /home/jerome/sqlite-autoconf-3071602/a.out)
==26691==  Address 0x5906f58 is 0 bytes after a block of size 392 alloc'd
==26691==    at 0x4C2C73C: malloc (vg_replace_malloc.c:270)
==26691==    by 0x4E4219A: sqlite3MemMalloc (sqlite3.c:15581)
==26691==    by 0x4E42BD5: mallocWithAlarm (sqlite3.c:18879)
==26691==    by 0x4E42C70: sqlite3Malloc (sqlite3.c:18912)
==26691==    by 0x4E4346C: sqlite3DbMallocRaw (sqlite3.c:19248)
==26691==    by 0x4E434CF: sqlite3DbRealloc (sqlite3.c:19267)
==26691==    by 0x4E8E14E: sqlite3AddColumn (sqlite3.c:81948)
==26691==    by 0x4EC04A4: yy_reduce (sqlite3.c:110843)
==26691==    by 0x4EC3F63: sqlite3Parser (sqlite3.c:112035)
==26691==    by 0x4EC4D17: sqlite3RunParser (sqlite3.c:112860)
==26691==    by 0x4EA4B43: sqlite3Prepare (sqlite3.c:94461)
==26691==    by 0x4EA4E7F: sqlite3LockAndPrepare (sqlite3.c:94553)

The problematic line is:

rc = sqlite3AuthCheck(pParse, SQLITE_UPDATE, pTab->zName,
                      pTab->aCol[j].zName, db->aDb[iDb].zName);

It looks like an invalid pointer read (4 bytes on 32 bit, 8 bytes on
64) on pTab->aCol[j].zName.
_______________________________________________
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
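As an added regression check (not part of Jerome's report or of SQLite's own test suite), the reported schema and UPDATE are run under Python's built-in sqlite3 module with an authorizer installed, so the column argument that sqlite3AuthCheck receives for the ROWID target is visible and the statement can be confirmed to prepare and execute cleanly on the library Python links against. The function name, the in-memory database and the row contents are constructed for this example.

```python
import sqlite3

# Schema and statement exactly as given in the report (constructed fixture).
SCHEMA = """
CREATE TABLE `Contacts`(
   `Id` INTEGER PRIMARY KEY,
   `Name` TEXT COLLATE NOCASE,
   `OfficePhoneNumber` TEXT COLLATE NOCASE,
   `CellPhoneNumber` TEXT COLLATE NOCASE,
   `SecondCellPhoneNumber` TEXT COLLATE NOCASE,
   `PagerNumber` TEXT COLLATE NOCASE,
   `Email` TEXT COLLATE NOCASE,
   `Active` INTEGER
);
"""
UPDATE_SQL = "UPDATE `Contacts` SET ROWID = ? WHERE ROWID = ?"


def check_rowid_update(old_rowid=1, new_rowid=42):
    """Compile and run the reported UPDATE with an authorizer installed.

    Returns (auth_calls, ids): every SQLITE_UPDATE authorizer callback seen
    while the statement was prepared, as (table, column, dbname) tuples, and
    the Id values left in the table afterwards.
    """
    auth_calls = []

    def authorizer(action, arg1, arg2, dbname, source):
        # arg2 is the column name passed to sqlite3AuthCheck for the SET
        # target; in the report that argument was read out of bounds.
        if action == sqlite3.SQLITE_UPDATE:
            auth_calls.append((arg1, arg2, dbname))
        return sqlite3.SQLITE_OK

    con = sqlite3.connect(":memory:")
    con.executescript(SCHEMA)
    con.execute("INSERT INTO `Contacts`(`Id`, `Name`) VALUES (?, ?)",
                (old_rowid, "alice"))
    con.set_authorizer(authorizer)
    # Prepare-time authorization runs here; a crash would surface on this call.
    con.execute(UPDATE_SQL, (new_rowid, old_rowid))
    ids = [row[0] for row in con.execute("SELECT `Id` FROM `Contacts`")]
    con.close()
    return auth_calls, ids
```

Running it on a build that still has the bug reproduces the invalid read under Valgrind through the Python process instead of the C harness; on a fixed build the authorizer receives a valid column string and the rowid is rewritten.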