[sqlite] Assertion `memIsValid(pRec)' failed

2020-01-01 Thread Yongheng Chen
Hi,

We found an assertion failed in sqlite. And this assertion seems not to be 
fixed completely. Here’s the POC:
—
CREATE TABLE v0 ( v1 ) ;
INSERT INTO v0 ( v1 ) VALUES ( 10 ) ,( 10 ) ;
UPDATE v0 SET v1 = ( SELECT coalesce ( quote ( NULL ) , quote ( v1 ) , ( SELECT 1 FROM v0 AS v WHERE ( SELECT v1 FROM v0 WHERE v1 > v1 ) ) , 10 ) FROM v0 ORDER BY zeroblob ( v1 ) ) ;
—-

This exists in the latest development code built with the debug flag.

Yongheng & Rui
___
sqlite-users mailing list
sqlite-users@mailinglists.sqlite.org
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users


[sqlite] Assertion `(mFlags_Str)==0 || (pMem->n==pX->n && pMem->z==pX->z)' failed.

2020-01-01 Thread Yongheng Chen
Hi,

We found an assertion failed in sqlite. Here’s the POC:
—
CREATE TABLE v0 ( v1 VARCHAR(15) ) ;
INSERT INTO v0 ( v1 ) VALUES ( 10 ) ,( 10 ) ;
UPDATE v0 SET v1 = ( SELECT coalesce ( quote ( NULL ) , quote ( v1 ) , quote ( v1 ) , 0 ) FROM v0 ORDER BY substr ( v1 , v1 , 10 ) ) ;
—-

This exists in the release version and in the latest development code built with the debug flag.

Yongheng & Rui


Re: [sqlite] Causal profiling

2020-01-01 Thread Peter da Silva
Also spaghetti inheritance is a thing.

On Wed, Jan 1, 2020, 19:19 D Burgess  wrote:

> > I’ve spent too much time lately trying to figure out or debug hellacious
> C spaghetti code
>
> And I’ve spent too much time lately trying to figure out or debug
> hellacious C++ spaghetti code
>
> Someone who writes bad C will write even worse C++


Re: [sqlite] Causal profiling

2020-01-01 Thread D Burgess
> I’ve spent too much time lately trying to figure out or debug hellacious C 
> spaghetti code

And I’ve spent too much time lately trying to figure out or debug
hellacious C++ spaghetti code

Someone who writes bad C will write even worse C++


[sqlite] Assertion `memIsValid(pRec)' failed

2020-01-01 Thread Yongheng Chen
Hi,

We found an assertion failed in sqlite. Here’s the POC:
—
CREATE TABLE v0 ( v1 CHAR(25) ) ;
CREATE TRIGGER myname AFTER INSERT ON v0 BEGIN INSERT INTO v0 SELECT ( SELECT ifnull ( count ( DISTINCT ( SELECT v1 FROM v0 ) ) , 10 ) ) FROM v0 AS d WHERE v1 = v1 AND v1 <= v1 GROUP BY v1 , v1 ORDER BY v1 , v1 ;
END ;
INSERT INTO v0 ( v1 ) VALUES ( 10 ) ,( 0 ) ;
—-

This exists in the latest development code built with the debug flag.

Yongheng & Rui


Re: [sqlite] New SQL functions available for testing only.

2020-01-01 Thread Richard Hipp
On 1/1/20, Manuel Rigger  wrote:
> Thanks for adding these functions! My test generator/fuzzer is written in
> Java and uses the JDBC interface. In order to call the C function, I would
> probably need to modify the driver code or use JNI, which would both be a
> bit hacky. Is there a compile-time option that can be set to provide
> internal functions by default?

-DSQLITE_ENABLE_INTERNAL_FUNCTIONS

NB:  Do NOT enable this on a production build.  The
-DSQLITE_ENABLE_INTERNAL_FUNCTIONS compile-time option is for testing
purposes only.

-- 
D. Richard Hipp
d...@sqlite.org


Re: [sqlite] New SQL functions available for testing only.

2020-01-01 Thread Manuel Rigger
Thanks for adding these functions! My test generator/fuzzer is written in
Java and uses the JDBC interface. In order to call the C function, I would
probably need to modify the driver code or use JNI, which would both be a
bit hacky. Is there a compile-time option that can be set to provide
internal functions by default?

Best,
Manuel

On Wed, Jan 1, 2020 at 7:26 PM Jens Alfke  wrote:

>
> > On Jan 1, 2020, at 8:03 AM, Richard Hipp  wrote:
> >
> > expr_implies_expr(A,B)
> >
> > Return non-zero if expression A implies expression B.  See
> > https://www.sqlite.org/src/artifact/971e442fd5?ln=5277-5299 for
> > details.  This routine is used to determine if a partial index is
> > usable.
>
> Thanks! This is also likely useful for programs that create their own
> synthetic indexes out of secondary tables. (I do this, partly because I
> need to index multiple values per row, e.g. indexing the elements of a JSON
> array.) If such an ‘index’ is partial, I need to figure out when it’s
> applicable to a query.
>
> —Jens


Re: [sqlite] New SQL functions available for testing only.

2020-01-01 Thread Jens Alfke

> On Jan 1, 2020, at 8:03 AM, Richard Hipp  wrote:
> 
> expr_implies_expr(A,B)
> 
> Return non-zero if expression A implies expression B.  See
> https://www.sqlite.org/src/artifact/971e442fd5?ln=5277-5299 for
> details.  This routine is used to determine if a partial index is
> usable.

Thanks! This is also likely useful for programs that create their own synthetic 
indexes out of secondary tables. (I do this, partly because I need to index 
multiple values per row, e.g. indexing the elements of a JSON array.) If such 
an ‘index’ is partial, I need to figure out when it’s applicable to a query.

—Jens


[sqlite] New SQL functions available for testing only.

2020-01-01 Thread Richard Hipp
Fuzzers and testers:

I've created some new built-in SQL functions for SQLite that provide
direct access to some of the internal code-generator routines that
have historically given trouble:

 expr_compare(A,B)

This function returns non-zero if expressions A and B are different.
See https://www.sqlite.org/src/artifact/971e442fd5?ln=5049-5075 for
details.

 expr_implies_expr(A,B)

Return non-zero if expression A implies expression B.  See
https://www.sqlite.org/src/artifact/971e442fd5?ln=5277-5299 for
details.  This routine is used to determine if a partial index is
usable.

 implies_nonnull_row(E,C)

C must be the name of a column in one of the tables of the SELECT
statement.  E is an arbitrary expression.  Return non-zero if
expression E can only be true if the row of which C is a member has
some non-NULL column.  This routine is used to help determine if a
LEFT JOIN can be simplified into an ordinary JOIN.

These new SQL functions are only accessible if you activate "internal
functions" using C code like this:

 sqlite3_test_control(SQLITE_TESTCTRL_INTERNAL_FUNCTIONS, db);

Or in the CLI like this:

 .testctrl internal_functions

In other words, these SQL functions are not available to ordinary
applications.  An application would need to take special steps to
activate these routines.  And those special steps include making calls
to C-code, which means that an attacker who is submitting SQL text
and/or database files is unable to exploit any weaknesses that may
turn up in these SQL functions.

Fuzzer authors:  I recommend that you enable these functions in your
fuzzers.  Doing so might help your fuzzers to find bugs that would
otherwise be difficult to reach.

Happy hunting.
-- 
D. Richard Hipp
d...@sqlite.org


[sqlite] Assertion `memIsValid([p1+idx])' failed.

2020-01-01 Thread Yongheng Chen
Hi,

We found an assertion failed in sqlite. Here’s the POC:
—
CREATE TABLE v0 ( v1 DOUBLE PRIMARY KEY ) ;
INSERT INTO v0 VALUES ( 10 ) ;
SELECT * FROM v0 NATURAL JOIN v0 NATURAL JOIN v0 WHERE v1 = 9223372036854775807 OR ( ( v1 = ( SELECT 10 + sum ( v1 LIKE 'LG PACK' ) OVER( ORDER BY v1 ) ) AND 16 ) OR v1 = 10 ) AND v1 <= 10 + 10 AND v1 BETWEEN 10 AND 10 ;
—-

This exists in the latest development code built with the debug flag.

Yongheng & Rui


[sqlite] Assertion `pRes->iTable==pSrc->a[0].iCursor'

2020-01-01 Thread Yongheng Chen
Hi,

We found an assertion failed in sqlite. Here’s the POC:
—
CREATE TABLE v0 ( v2 INTEGER PRIMARY KEY , v1 AS( 10.10 ) UNIQUE ) ;
SELECT * FROM v0 WHERE v1 + 10 IN ( SELECT v2 FROM v0 NATURAL JOIN v0 WHERE v2 IN ( SELECT v1 FROM v0 ORDER BY v1 ) ) ;
—-

This exists in the latest development code built with the debug flag.

Yongheng & Rui
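The five bug reports in this digest each give a SQL script that trips an assert() in a debug build of SQLite. A practical way to keep such reports around as regression checks is to run every script in its own process, so that the abort() raised by a failed assertion kills only the child, and to record the outcome per script. The harness below is an added example written for this page, not code from the thread or from the SQLite project. It drives Python's bundled sqlite3 module, so it exercises whatever SQLite library that module is linked against; the reports say the assertions fire on a build "with debug flag", so a release library will normally report "ok" or an ordinary SQL error rather than a crash. The case labels, the timeout and the outcome vocabulary ("ok", "error:<exception>", "crashed:...", "timeout") are assumptions of the example; the SQL is copied from the reports above.

```python
"""Crash-isolation harness for the assertion-failure POCs in this digest.

Added example, not code from the sqlite-users thread. Each POC script runs
in a separate interpreter process so that a SIGABRT from a failed assert()
in a debug build of SQLite cannot take the harness down with it.
"""
import subprocess
import sys
import sqlite3

# POC scripts as posted in the reports above. Labels are this example's own.
POCS = {
    "memIsValid(pRec): coalesce/zeroblob UPDATE": """
CREATE TABLE v0 ( v1 ) ;
INSERT INTO v0 ( v1 ) VALUES ( 10 ) ,( 10 ) ;
UPDATE v0 SET v1 = ( SELECT coalesce ( quote ( NULL ) , quote ( v1 ) , ( SELECT 1 FROM v0 AS v WHERE ( SELECT v1 FROM v0 WHERE v1 > v1 ) ) , 10 ) FROM v0 ORDER BY zeroblob ( v1 ) ) ;
""",
    "MEM_Str flags: coalesce/substr UPDATE": """
CREATE TABLE v0 ( v1 VARCHAR(15) ) ;
INSERT INTO v0 ( v1 ) VALUES ( 10 ) ,( 10 ) ;
UPDATE v0 SET v1 = ( SELECT coalesce ( quote ( NULL ) , quote ( v1 ) , quote ( v1 ) , 0 ) FROM v0 ORDER BY substr ( v1 , v1 , 10 ) ) ;
""",
    "memIsValid(pRec): trigger with GROUP BY": """
CREATE TABLE v0 ( v1 CHAR(25) ) ;
CREATE TRIGGER myname AFTER INSERT ON v0 BEGIN INSERT INTO v0 SELECT ( SELECT ifnull ( count ( DISTINCT ( SELECT v1 FROM v0 ) ) , 10 ) ) FROM v0 AS d WHERE v1 = v1 AND v1 <= v1 GROUP BY v1 , v1 ORDER BY v1 , v1 ;
END ;
INSERT INTO v0 ( v1 ) VALUES ( 10 ) ,( 0 ) ;
""",
    "memIsValid([p1+idx]): NATURAL JOIN with window function": """
CREATE TABLE v0 ( v1 DOUBLE PRIMARY KEY ) ;
INSERT INTO v0 VALUES ( 10 ) ;
SELECT * FROM v0 NATURAL JOIN v0 NATURAL JOIN v0 WHERE v1 = 9223372036854775807 OR ( ( v1 = ( SELECT 10 + sum ( v1 LIKE 'LG PACK' ) OVER( ORDER BY v1 ) ) AND 16 ) OR v1 = 10 ) AND v1 <= 10 + 10 AND v1 BETWEEN 10 AND 10 ;
""",
    "pRes->iTable: generated column IN subquery": """
CREATE TABLE v0 ( v2 INTEGER PRIMARY KEY , v1 AS( 10.10 ) UNIQUE ) ;
SELECT * FROM v0 WHERE v1 + 10 IN ( SELECT v2 FROM v0 NATURAL JOIN v0 WHERE v2 IN ( SELECT v1 FROM v0 ORDER BY v1 ) ) ;
""",
}

# Program executed in the child: read a script from stdin, run it against an
# empty in-memory database, and report "ok" or the SQL error class.
CHILD = r"""
import sqlite3, sys
sql = sys.stdin.read()
con = sqlite3.connect(":memory:")
try:
    con.executescript(sql)
except sqlite3.Error as exc:
    print("error:" + type(exc).__name__)
else:
    print("ok")
"""


def run_poc(sql, timeout=10.0):
    """Run one SQL script in a child process and classify the outcome."""
    try:
        proc = subprocess.run(
            [sys.executable, "-c", CHILD],
            input=sql, capture_output=True, text=True, timeout=timeout,
        )
    except subprocess.TimeoutExpired:
        return "timeout"
    if proc.returncode < 0:
        # POSIX: the child was killed by a signal; assert() raises SIGABRT (6).
        return "crashed:signal%d" % -proc.returncode
    if proc.returncode != 0:
        # Windows abort() exits with code 3; any other non-zero exit is a crash too.
        return "crashed:exit%d" % proc.returncode
    return proc.stdout.strip() or "unknown"


def run_all(pocs=POCS):
    """Classify every POC; returns {label: outcome}."""
    return {name: run_poc(sql) for name, sql in pocs.items()}


if __name__ == "__main__":
    print("SQLite library version:", sqlite3.sqlite_version)
    for name, outcome in run_all().items():
        print("%-60s %s" % (name, outcome))
```

Run as a script it prints one line per POC. The classification is the useful part: "crashed:signal6" on a debug build reproduces the report, "ok" on a release library means the assertion is compiled out there, and "error:OperationalError" on an older library usually means the script uses a feature that library does not have (the generated-column case, `v1 AS( 10.10 )`, is the likely one).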