On Fri, 27 Dec 2019 at 06:11, Jens Alfke wrote:
>
> > On Dec 25, 2019, at 2:53 PM, Doug wrote:
> >
> > I wrote an application in Qt which uses SQLite. Therefore, I invoke
> SQLite functions with some wrapper. For a 9% performance improvement in
> SQLite using the direct call versus indirect
On 12/26/19, Yongheng Chen wrote:
> Hi,
>
> We found a global buffer overflow and a heap buffer overflow in sqlite.
Thanks for the report. Now fixed on trunk.
Just to be clear to on-lookers, these problems are in the "zipfile"
extension (https://www.sqlite.org/zipfile.html) not in the SQLite
> -Original Message-
> From: sqlite-users
> On Behalf Of Jens Alfke
> Sent: Thursday, December 26, 2019 3:11 PM
> To: SQLite mailing list
> Subject: Re: [sqlite] Causal profiling
>
>
>
> > On Dec 25, 2019, at 2:53 PM, Doug wrote:
> >
> > I wrote an application in Qt which uses
> On Dec 25, 2019, at 2:53 PM, Doug wrote:
>
> I wrote an application in Qt which uses SQLite. Therefore, I invoke SQLite
> functions with some wrapper. For a 9% performance improvement in SQLite using
> the direct call versus indirect call (as discussed in the talk), cannot the
> wrapper
Hi,
We found a global buffer overflow and a heap buffer overflow in sqlite. Here’s
the POC (trigger with asan):
Global buffer overflow:
—
CREATE TABLE v0 ( v6 INTEGER UNIQUE , v5 , v3 , v4 , v2 , v7 , v1 ) ; INSERT
INTO v0 ( v3 ) VALUES ( 0 ) ,( 10 ) ,( 10.10 ) ,( 10 ) ,( 10 ) ,( 10 ) ,(
Is SQLITE_MAX_EXPR_DEPTH=0 still a recommended compiler option?
According to https://www.sqlite.org/draft/compile.html
SQLITE_MAX_EXPR_DEPTH=0. Setting the maximum expression parse-tree depth
to
zero disables all checking of the expression parse-tree depth, which
simplifies the code
6 matches
Mail list logo
