Subsystem: Shell Title: Incorrect handling of some BLOBs.
Type: Code_Defect Severity: Important Priority: Unknown Affected: All SQLite versions containing output_hex_blob() up to 3.7.9. Environment: Tested on various FreeBSD 8.x versions, both i386 and amd64. Probably, other operating systems would be affected as well. How-to-reproduce: Obtain FreeBSD and install sqlite3 by some of the standard ways (from a package, port, etc.). Then see screenshot (shell output indented for clarity): $ sqlite3 /tmp/db.tmp SQLite version 3.7.9 2011-11-01 00:52:41 Enter ".help" for instructions Enter SQL statements terminated with a ";" sqlite> create table t(v blob); sqlite> insert into t values(X'0123456789'); sqlite> .mode insert sqlite> select * from t; INSERT INTO table VALUES(X'01234567ffffff89'); sqlite> Description: In some circumstances (for example, when .mode insert is set and select results contain BLOBs) the shell calls internal function output_hex_blob(). This function uses wrong data types which could result in an implicit sign extension and thus data corruption. Suggested-fix: Following patch helps. Perhaps there might be better solution, such as reimplementing of the necessary fprintf(3) functionality without relying on the operation system libraries. --- src/shell.c.orig 2011-11-01 16:31:18.000000000 +0400 +++ src/shell.c 2011-11-10 22:45:11.000000000 +0400 @@ -490,7 +490,7 @@ */ static void output_hex_blob(FILE *out, const void *pBlob, int nBlob){ int i; - char *zBlob = (char *)pBlob; + unsigned char *zBlob = (unsigned char *)pBlob; fprintf(out,"X'"); for(i=0; i<nBlob; i++){ fprintf(out,"%02x",zBlob[i]); } fprintf(out,"'"); Comment: 1. Thanks for the code clarity and straightforwardness. It was rather easy to trace this bug (once it has been encountered) even for non-programmer. 2. There are quite a few of other places in the code where signed datatypes are used to store semantically non-negative data. I can't judge whether these are just mistakes or some policy. _______________________________________________ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users