On 10/06/2017 11:58 PM, Richard Hipp wrote:
On 10/6/17, Jens Alfke <j...@mooseyard.com> wrote:
Thanks for posting this — my adaptation of that sample code in my project
had the same bug.
I’m not sure how the SQL in your application gets generated, but if you
allow untrusted SQL, it’s still possible to create a query that can cause
the rank function to crash.
We (developers) have already made a note to update the code example in
the documentation to include lots of validity checking on the
matchinfo() blob.
New version on the draft website here:
http://sqlite.org/draft/fts3.html#appendix_a
Any further bug reports or feedback welcome!
Dan.
_______________________________________________
sqlite-users mailing list
sqlite-users@mailinglists.sqlite.org
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
