Re: [sqlite] sqlite bug report
On Thu, Nov 13, 2014 at 4:41 PM, Hinrichsen, Johnwrote: > In this example, bad data is returned. There is no assert. valgrind does > not complain either. > It asserts if you recompile with -DSQLITE_DEBUG > > Is there an ETA on when 3.8.7.2 will be released? > Next week sometime. Why not just pull the latest code from the source tree? > > > On Thu, Nov 13, 2014 at 1:12 PM, Richard Hipp wrote: > > > This is https://www.sqlite.org/src/info/094d39a4c95ee4 which has been > > fixed > > in trunk and will be fixed in 3.8.7.2. > > > > On Thu, Nov 13, 2014 at 1:05 PM, Hinrichsen, John > > wrote: > > > > > The following SQL produces an incorrect result with sqlite-3.8.7.1: > > > > > > CREATE TABLE A( > > > symbol TEXT, > > > type TEXT > > > ); > > > INSERT INTO A VALUES('ABCDEFG','chars'); > > > INSERT INTO A VALUES('1234567890','num'); > > > CREATE TABLE B( > > > chars TEXT, > > > num TEXT > > > ); > > > > > > CREATE TABLE IF NOT EXISTS C AS > > > SELECT A.symbol AS symbol,A.type, > > > CASE A.type > > > WHEN 'chars' THEN A.symbol > > > WHEN 'num' THEN B.chars > > > ELSE NULL > > > END AS chars > > > FROM A LEFT OUTER JOIN B ON A.type='num' AND B.num=A.symbol; > > > > > > SELECT * FROM C; > > > > > > with 3.8.7.1: > > > > > > sqlite> SELECT * FROM C; > > > ABCDEFG|chars|ABCDEFG > > > 1234567890|num|1234567 > > > > > > with 3.8.6: > > > > > > sqlite> SELECT * FROM C; > > > ABCDEFG|chars|ABCDEFG > > > 1234567890|num| > > > > > > -- > > > > > > This message contains confidential information and is intended only for > > the > > > individual named. If you are not the named addressee, you should not > > > disseminate, distribute, alter or copy this e-mail. Please notify the > > > sender immediately by e-mail if you have received this e-mail by > mistake > > > and delete this e-mail from your system. E-mail transmissions cannot be > > > guaranteed to be secure or without error as information could be > > > intercepted, corrupted, lost, destroyed, or arrive late or incomplete. > > The > > > sender, therefore, does not accept liability for any errors or > omissions > > in > > > the contents of this message which arise during or as a result of > e-mail > > > transmission. If verification is required, please request a hard-copy > > > version. This message is provided for information purposes and should > not > > > be construed as a solicitation or offer to buy or sell any securities > or > > > related financial instruments in any jurisdiction. > > > ___ > > > sqlite-users mailing list > > > sqlite-users@sqlite.org > > > http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users > > > > > > > > > > > -- > > D. Richard Hipp > > d...@sqlite.org > > ___ > > sqlite-users mailing list > > sqlite-users@sqlite.org > > http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users > > > > -- > > This message contains confidential information and is intended only for the > individual named. If you are not the named addressee, you should not > disseminate, distribute, alter or copy this e-mail. Please notify the > sender immediately by e-mail if you have received this e-mail by mistake > and delete this e-mail from your system. E-mail transmissions cannot be > guaranteed to be secure or without error as information could be > intercepted, corrupted, lost, destroyed, or arrive late or incomplete. The > sender, therefore, does not accept liability for any errors or omissions in > the contents of this message which arise during or as a result of e-mail > transmission. If verification is required, please request a hard-copy > version. This message is provided for information purposes and should not > be construed as a solicitation or offer to buy or sell any securities or > related financial instruments in any jurisdiction. > ___ > sqlite-users mailing list > sqlite-users@sqlite.org > http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users > -- D. Richard Hipp d...@sqlite.org ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
Re: [sqlite] sqlite bug report
In this example, bad data is returned. There is no assert. valgrind does not complain either. Is there an ETA on when 3.8.7.2 will be released? On Thu, Nov 13, 2014 at 1:12 PM, Richard Hippwrote: > This is https://www.sqlite.org/src/info/094d39a4c95ee4 which has been > fixed > in trunk and will be fixed in 3.8.7.2. > > On Thu, Nov 13, 2014 at 1:05 PM, Hinrichsen, John > wrote: > > > The following SQL produces an incorrect result with sqlite-3.8.7.1: > > > > CREATE TABLE A( > > symbol TEXT, > > type TEXT > > ); > > INSERT INTO A VALUES('ABCDEFG','chars'); > > INSERT INTO A VALUES('1234567890','num'); > > CREATE TABLE B( > > chars TEXT, > > num TEXT > > ); > > > > CREATE TABLE IF NOT EXISTS C AS > > SELECT A.symbol AS symbol,A.type, > > CASE A.type > > WHEN 'chars' THEN A.symbol > > WHEN 'num' THEN B.chars > > ELSE NULL > > END AS chars > > FROM A LEFT OUTER JOIN B ON A.type='num' AND B.num=A.symbol; > > > > SELECT * FROM C; > > > > with 3.8.7.1: > > > > sqlite> SELECT * FROM C; > > ABCDEFG|chars|ABCDEFG > > 1234567890|num|1234567 > > > > with 3.8.6: > > > > sqlite> SELECT * FROM C; > > ABCDEFG|chars|ABCDEFG > > 1234567890|num| > > > > -- > > > > This message contains confidential information and is intended only for > the > > individual named. If you are not the named addressee, you should not > > disseminate, distribute, alter or copy this e-mail. Please notify the > > sender immediately by e-mail if you have received this e-mail by mistake > > and delete this e-mail from your system. E-mail transmissions cannot be > > guaranteed to be secure or without error as information could be > > intercepted, corrupted, lost, destroyed, or arrive late or incomplete. > The > > sender, therefore, does not accept liability for any errors or omissions > in > > the contents of this message which arise during or as a result of e-mail > > transmission. If verification is required, please request a hard-copy > > version. This message is provided for information purposes and should not > > be construed as a solicitation or offer to buy or sell any securities or > > related financial instruments in any jurisdiction. > > ___ > > sqlite-users mailing list > > sqlite-users@sqlite.org > > http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users > > > > > > -- > D. Richard Hipp > d...@sqlite.org > ___ > sqlite-users mailing list > sqlite-users@sqlite.org > http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users > -- This message contains confidential information and is intended only for the individual named. If you are not the named addressee, you should not disseminate, distribute, alter or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmissions cannot be guaranteed to be secure or without error as information could be intercepted, corrupted, lost, destroyed, or arrive late or incomplete. The sender, therefore, does not accept liability for any errors or omissions in the contents of this message which arise during or as a result of e-mail transmission. If verification is required, please request a hard-copy version. This message is provided for information purposes and should not be construed as a solicitation or offer to buy or sell any securities or related financial instruments in any jurisdiction. ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
Re: [sqlite] sqlite bug report
This is https://www.sqlite.org/src/info/094d39a4c95ee4 which has been fixed in trunk and will be fixed in 3.8.7.2. On Thu, Nov 13, 2014 at 1:05 PM, Hinrichsen, Johnwrote: > The following SQL produces an incorrect result with sqlite-3.8.7.1: > > CREATE TABLE A( > symbol TEXT, > type TEXT > ); > INSERT INTO A VALUES('ABCDEFG','chars'); > INSERT INTO A VALUES('1234567890','num'); > CREATE TABLE B( > chars TEXT, > num TEXT > ); > > CREATE TABLE IF NOT EXISTS C AS > SELECT A.symbol AS symbol,A.type, > CASE A.type > WHEN 'chars' THEN A.symbol > WHEN 'num' THEN B.chars > ELSE NULL > END AS chars > FROM A LEFT OUTER JOIN B ON A.type='num' AND B.num=A.symbol; > > SELECT * FROM C; > > with 3.8.7.1: > > sqlite> SELECT * FROM C; > ABCDEFG|chars|ABCDEFG > 1234567890|num|1234567 > > with 3.8.6: > > sqlite> SELECT * FROM C; > ABCDEFG|chars|ABCDEFG > 1234567890|num| > > -- > > This message contains confidential information and is intended only for the > individual named. If you are not the named addressee, you should not > disseminate, distribute, alter or copy this e-mail. Please notify the > sender immediately by e-mail if you have received this e-mail by mistake > and delete this e-mail from your system. E-mail transmissions cannot be > guaranteed to be secure or without error as information could be > intercepted, corrupted, lost, destroyed, or arrive late or incomplete. The > sender, therefore, does not accept liability for any errors or omissions in > the contents of this message which arise during or as a result of e-mail > transmission. If verification is required, please request a hard-copy > version. This message is provided for information purposes and should not > be construed as a solicitation or offer to buy or sell any securities or > related financial instruments in any jurisdiction. > ___ > sqlite-users mailing list > sqlite-users@sqlite.org > http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users > -- D. Richard Hipp d...@sqlite.org ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
Re: [sqlite] SQLite bug report: type mismatch security issue in sqlite3.c version 3.7.13
On Fri, Jul 25, 2014 at 9:50 AM, Yunjiao Xuewrote: > To whom it may concern, > > We are using SQLite 3.7.13 with an amalgamation version of sqlite3.c. We > discovered a type mismatch security issue with a recent Fortify scan. The > problem is on lines 22407, 51807, 63005, 93150 of sqlite3.c. > Thank you for reporting compiler warnings. All of the warnings above are completely benign and harmless. > > For example, the function strHash() in sqlite3.c is declared to return an > unsigned value on line 22400, but on line 22407 it returns a signed value. > This would cause a type mismatch security issue ( > http://www.hpenterprisesecurity.com/vulncat/en/vulncat/cpp/type_mismatch_signed_to_unsigned.html > ). > Hype and bluster. Please see also: http://www.sqlite.org/mark/testing.html?Static+analysis+has*static+analysis.#staticanalysis http://www.sqlite.org/faq.html#q17 > > We are not sure if the problem still exists in the latest version but most > probably it's still there. It would be much appreciated if you could fix it. > > Thanks, > > Jay Xue > > ___ > sqlite-users mailing list > sqlite-users@sqlite.org > http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users > -- D. Richard Hipp d...@sqlite.org ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
Re: [sqlite] Sqlite Bug Report!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > When I compile sqlite3 in VC++6.0, it does not work, but in VS2010 it > can work. http://www.beiww.com/doc/oss/smart-questions.html Roger -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iEYEARECAAYFAk9Q/kIACgkQmOOfHg372QTAsQCgz126gE6l6fJPFolDA7CROFhi EhQAnidLD7eg4Zgh9Iyfo9iFJnKGJY4W =IICY -END PGP SIGNATURE- ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
Re: [sqlite] SQLite bug report - large databases only - 'database or disk is full'
Apologies for not answering earlier, I* was away. I've never used Process Monitor - the whole setup you describing is new to me - but I will try to do something about it in the coming week. It has to be a background project for me - I do not use SQLite in production. -Original Message- From: Filip Navara <filip.nav...@gmail.com> To: General Discussion of SQLite Database <sqlite-users@sqlite.org> Sent: Thu, Dec 10, 2009 1:35 am Subject: Re: [sqlite] SQLite bug report - large databases only - 'database or disk is full' On Mon, Dec 7, 2009 at 10:21 PM, <p...@mail.com> wrote: SQLite bug report Summary: -- error message: Error: near line 2: database or disk is full It happens with plenty of disk space available and with 'unlimited' database ize. It does not happen on all systems. It does not happen on small databases. I run your scripts with SQLite 3.6.21 on Windows 7 64-bit on NTFS rive and unfortunately I run out of disk space before the problem anifested. Would it be possible for you to setup Process Monitor with ilter on the database path (just the path, so both journal and the ain database file are in the log) and history depth set to 1 million the lowest value) and then capture the file accesses during the run f the reproduction scripts? It is possible to save and export the ata then for further analysis and hopefully it will give a clue on hy it happens. Best regards, ilip Navara __ qlite-users mailing list qlite-us...@sqlite.org ttp://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
Re: [sqlite] SQLite bug report - large databases only - 'database or disk is full'
On Mon, Dec 7, 2009 at 10:21 PM,wrote: > > SQLite bug report > > Summary: > -- > > error message: > > Error: near line 2: database or disk is full > > It happens with plenty of disk space available and with 'unlimited' database > size. > It does not happen on all systems. It does not happen on small databases. > I run your scripts with SQLite 3.6.21 on Windows 7 64-bit on NTFS drive and unfortunately I run out of disk space before the problem manifested. Would it be possible for you to setup Process Monitor with filter on the database path (just the path, so both journal and the main database file are in the log) and history depth set to 1 million (the lowest value) and then capture the file accesses during the run of the reproduction scripts? It is possible to save and export the data then for further analysis and hopefully it will give a clue on why it happens. Best regards, Filip Navara ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
Re: [sqlite] SQLite bug report - large databases only - 'database or disk is full'
On Mon, Dec 7, 2009 at 10:21 PM,wrote: > > SQLite bug report > > Summary: > -- > > error message: > > Error: near line 2: database or disk is full > > It happens with plenty of disk space available and with 'unlimited' database > size. > It does not happen on all systems. It does not happen on small databases. > > > Details: > -- > > > The error occurs on > - windows server 2003 SP2 64bit, windows server 2009 64bit > - windows vista, windows 7 rc1, windows 7 - all 64-bit > > The error does _not_ occur on > - windows server 2003 SP2 32bit, windows xp sp3 32 bit Just a short note, we experience very similar problem with our program and the symptoms match exactly. So far we were unable to reproduce it reliably on our systems, but we have plenty of bug reports from production systems. I will post more details soon. Our database files have page size 4Kb and all of the affected systems are running Windows. We use incremental vacuum mode and the file sizes are commonly over 1 Gb large, file system is NTFS (afaik). Best regards, Filip Navara ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users