Skip to content

Tags: nalgeon/sqlean

Tags

0.24.1

Toggle 0.24.1's commit message 
build: 0.24.1

0.24.0

Toggle 0.24.0's commit message 
build: manual win32 workflow

0.23.0

Toggle 0.23.0's commit message 
build: version 0.23.0

0.22.0

Toggle 0.22.0's commit message 
build: version 0.22.0

0.21.10

Toggle 0.21.10's commit message 
impr: regexp - print the actual error message if compilation fails (#104

)

0.21.9

Toggle 0.21.9's commit message 
build: version 0.21.9

0.21.8

Toggle 0.21.8's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode 
fix: define - incorporate upstream fixes from statement_vtab (#94)

* Encode parameter indexes to a printable string in idxStr

This resolves a potential vulnerability on platforms with uncommon
integer widths (see below.)

Per the discussion in sqlite.org/forum/info/853f5b586ecbf11c idxStr is
strictly intended to reference valid string memory. statement_vtab uses
idxStr to supply parameter indexes to xFilter, previously passing these
as integer memory directly. It now serializes indexes using a fixed-
length 6 bit encoding, which for speed and simplicity is printable but
not necessarily readable.

idxStr is currently included in EXPLAIN query results as well as in
debug output from SQLite. On typical platforms where int is larger than
SQLite's column maximum of 32767, previous buffers were incidentally
valid for these only due to what amounts to several technicalities in
the C standard.

On platforms with less common integer widths -- such as those with 16
bit ints or where sizeof(int) is 1 -- there is a risk of overread and
disclosure of subsequent memory if an untrusted user is able to execute
an EXPLAIN query on a statement_vtab with a sufficient number of
columns.

Application of this fix can be verified at runtime with the following
SQL:
> CREATE VIRTUAL TABLE x USING statement((SELECT ?42, ?46));
> EXPLAIN SELECT * FROM x WHERE [46] = 0 AND [42] = 0;
In the output of EXPLAIN, the VFilter opcode's P4 register will read
"O!!!!!K!!!!!" (without quotes).

Corresponds to
0x09/sqlite-statement-vtab@400bea1

* Handle conflicting AND constraints on columns

Constraints such as `WHERE ColumnA = 1 AND ColumnA = 2` now result in an
empty set rather than an error, which is consistent with the behavior of
these queries against normal (non-virtual) SQLite tables.

Purely redundant constraints (where ColumnA = 1 AND ColumnA = 1)
likewise no longer result in an error.

Corresponds to
0x09/sqlite-statement-vtab@e8f20f3

* Clarify shallow copy of argv in xFilter

Corresponds to
0x09/sqlite-statement-vtab@77d338e

0.21.7

Toggle 0.21.7's commit message 
refactor: utf8_lookup disambiguation

0.21.6

Toggle 0.21.6's commit message 
build: use ubuntu 20.04 instead of 22.04

0.21.5

Toggle 0.21.5's commit message 
fix: disable symlink on windows