Thanks a lot for the prompt response,
As far as I found in Fossil repository fixes for all CVE's , excepting
erroneously submitted CVE-2019-19646, were merged to Fossil.
Can you please estimate next official release of SQLite including these fixes?
Regards,
Alex
-Original Message-
Max Vlasov wrote:
> bcc 5.5 compiler ... didn't like long long constants
>such as -2251799813685248LL
If you want to make this particular compiler happy, use -2251799813685248i64.
Regards,
Clemens
___
sqlite-users mailing list
On Tue, 24 Dec 2019 at 23:58, Warren Young wrote:
> On Dec 24, 2019, at 12:32 PM, Max Vlasov wrote:
> >
> > I didn't mention it was for sqlite
> > static compiling with Delphi 32 bit, that supports (also quite old) OMF
> > static libraries format
>
> Would it be out of the question to compile
On Dec 24, 2019, at 12:32 PM, Max Vlasov wrote:
>
> I didn't mention it was for sqlite
> static compiling with Delphi 32 bit, that supports (also quite old) OMF
> static libraries format
Would it be out of the question to compile SQLite to a DLL? Then you can use
any Windows C compiler. You
On 12/24/19, Yongheng Chen wrote:
> Hi,
>
> We found a crash bug in sqlite.
Introduced yesterday afternoon by check-in
https://sqlite.org/src/info/eb95dac7f6482c36
--
D. Richard Hipp
d...@sqlite.org
___
sqlite-users mailing list
Hi,
We found a crash bug in sqlite. Here’s the PoC:
—
CREATE TABLE v0 ( v1 INTEGER PRIMARY KEY ) ; INSERT INTO v0 ( v1 ) VALUES ( 0 )
,( 1 ) ,( 10 ) ON CONFLICT DO NOTHING ;
CREATE VIRTUAL TABLE v2 USING rtree ( v5 UNIQUE ON CONFLICT ABORT , v4 , v3 ) ;
SELECT 'MED BOX' - 'a' FROM v0 LEFT JOIN
On Tue, 24 Dec 2019 at 21:37, Warren Young wrote:
> On Dec 24, 2019, at 3:19 AM, Max Vlasov wrote:
> >
> > an "ancient" bcc 5.5 compiler
>
> Yes, [almost 20 years old][1] now. Even in these times of slowing
> technology, that’s still a very long time in computing.
>
> ...
>
> If you need a
I'd lean towards speed being preferable in the default. Reasoning:
* People who use SQLite in low-RAM (i.e. embedded) scenarios compile it
themselves.
* People who use it on PCs (like me) almost never compile it, they just
use whatever the distro/sqlite.org/language-of-choice provides, and
On Dec 24, 2019, at 3:19 AM, Max Vlasov wrote:
>
> an "ancient" bcc 5.5 compiler
Yes, [almost 20 years old][1] now. Even in these times of slowing technology,
that’s still a very long time in computing.
To put things into perspective, that compiler is about as old as SQLite itself!
It’s a
Yongheng Chen wrote:
> This seems a problem of gcc(Ubuntu 5.5.0-12ubuntu5~16.04). When
> I use this specific version to compile sqlite, the problem can be repro.
Unlikely to be a compiler issue.
I can reproduce the bug with valgrind with
SQLite shell built with:
* gcc (Ubuntu
On Tue, Dec 24, 2019 at 5:48 PM Richard Hipp wrote:
>
> On 12/24/19, Yongheng Chen wrote:
> >
> > When we run it with sqlite compiled with asan, we got a heap overflow crash.
> >
> > The bug exists in the latest development code.
>
> Unable to repro. Tried tip of trunk and release, using gcc
This seems a problem of gcc(Ubuntu 5.5.0-12ubuntu5~16.04). When I use this
specific version to compile sqlite, the problem can be repro.
Just in case you need it, here’s the log I got:
—
SQLite version 3.31.0 2019-12-24 15:35:53
Enter ".help" for usage hints.
Connected to a transient in-memory
On 12/24/19, Yongheng Chen wrote:
>
> When we run it with sqlite compiled with asan, we got a heap overflow crash.
>
> The bug exists in the latest development code.
Unable to repro. Tried tip of trunk and release, using gcc and clang,
all with various combinations of -fsanitize=memory,
On 12/24/19, Raitses, Alex wrote:
> Hi,
> Can you please update on status of the following CVE’s submitted on 3.30.1?
> CVE’s link to patches references GitHub branch, however I could find
> corresponding submits to Fossil repository.
> CVE’s list:
>
Hi,
We found a oob read in sqlite. Here’s the PoC:
—
CREATE TABLE v0 ( v2 NOT NULL PRIMARY KEY , v1 ) ;
CREATE TEMP TRIGGER y AFTER INSERT ON v0 BEGIN DELETE FROM v0 ; END ;
CREATE TRIGGER x DELETE ON v0 BEGIN INSERT INTO v0 ( v2 ) VALUES ( 10.1 ) ,( ''
) ,('') ,( 1) ,( 1) ,( 1) ,( 1 ) ON
Hi,
Can you please update on status of the following CVE’s submitted on 3.30.1?
CVE’s link to patches references GitHub branch, however I could find
corresponding submits to Fossil repository.
CVE’s list:
https://nvd.nist.gov/vuln/detail/CVE-2019-19244
In a specific case, we have to use such a scenario.
I'm aware it is contrary to traditional way, but for this specific "mounted
drive" situation, is there a reasonable solution? Any way to avoid this
kind of database file corruption?
Thanks in advance,
Best Regards,
On Tue, Dec 24, 2019 at
Hi,
an "ancient" bcc 5.5 compiler perfectly compiled sqlite to win32 until
3.28.00, but starting 3.29.00 it appears it didn't like long long constants
such as -2251799813685248LL , mentioned at least in sqlite3RealSameAsInt
and sqlite3VdbeExec. The errors tells unrelated error messages, like [ )
On 2019-12-22 10:48 p.m., Keith Medcalf wrote:
On Sunday, 22 December, 2019 23:20, Aydin Ozgur Yagmur
wrote:
I have experienced a weird problem. I have been using sqlite database in
linux by mounting.
Can you give some clues what "using sqlite database in linux by mounting" means?
My
19 matches
Mail list logo