[email protected]
________________________________
From: Hegde, Deepakakumar (D.)
Sent: Tuesday, November 13, 2018 3:48 PM
To: 'SQLite mailing list'; General Discussion of SQLite Database
Subject: Sqlite Crash in sqlite3DbMallocRawNN.
Hi All,
We are facing a problem in which the SQLite library function sqlite3DbMallocRawNN()
crashes inside sqlite3_prepare_v2() while it is preparing a statement.
As per our analysis, the "n" value passed to this function seems to be very large
(n=176093659143 in frame #0 of the backtrace below), and this causes the crash.
We checked the input to sqlite3_prepare_v2() and it seems fine: the input query
statement is well within the maximum size allocated for the buffer.
Sqlite version in use: 3.16.1
We searched the internet for crashes in this specific function and can see that
some people have reported it, but we could not find a solution specific to it.
Has this issue been reported before, and is there a countermeasure in any of the
later versions?
It would also be helpful if anyone could point out any error in the input that
could cause this issue.
Also, this issue was seen only once, and we have not been able to reproduce it.
coredump back trace:
(gdb) bt
#0 sqlite3DbMallocRawNN (db=db@entry=0x1dea20, n=176093659143) at
/workspace/workspace/Trigger-Build-Host_Job/host/yunos6.0/third_party/sqlite/sqlite3.c:24732
#1 0xa49ad05a in sqlite3DbStrNDup (db=db@entry=0x1dea20,
z=0x26c981
"SORTID,NAME,Object_Format,Content_Type,STRFRMT,PPID,is_invalid,FILESIZE FROM
VIDEO UNION SELECT
ID,SORTID,NAME,Object_Format,Content_Type,STRFRMT,PPID,is_invalid,FILESIZE FROM
IMAGE UNION SELECT ID,SORTID,NAME,OBJECT_FORMAT,8 AS CONTENT_TYPE
,STRFRMT,PPID,3 as is_invalid,0 AS FILESIZE FROM PLAYLIST) AS TEMP WHERE
Content_Type &1 AND PPID=2", n=<optimized out>)
at
/workspace/workspace/Trigger-Build-Host_Job/host/yunos6.0/third_party/sqlite/sqlite3.c:24834
#2 0xa49eceba in sqlite3ExprListSetSpan (pParse=<optimized out>,
pSpan=<optimized out>, pSpan=<optimized out>, pList=<optimized out>)
at
/workspace/workspace/Trigger-Build-Host_Job/host/yunos6.0/third_party/sqlite/sqlite3.c:91967
#3 yy_reduce (yyruleno=92, yypParser=0xa0de4b00) at
/workspace/workspace/Trigger-Build-Host_Job/host/yunos6.0/third_party/sqlite/sqlite3.c:5598
#4 sqlite3Parser (pParse=<optimized out>, yyminor=..., yymajor=7,
yymajor@entry=-1596044280, yyp=<optimized out>)
at
/workspace/workspace/Trigger-Build-Host_Job/host/yunos6.0/third_party/sqlite/sqlite3.c:6592
#5 sqlite3RunParser (pParse=pParse@entry=0x9d3fdce4,
zSql=zSql@entry=0x26c8f8 "SELECT COUNT(TEMP.ID) FROM (SELECT
ID,SORTID,NAME,Object_Format,Content_Type,STRFRMT,PPID,is_invalid,FILESIZE FROM
AUDIO UNION SELECT
ID,SORTID,NAME,Object_Format,Content_Type,STRFRMT,PPID,is_invalid,FILESIZE FROM
VIDEO UNION SELECT
ID,SORTID,NAME,Object_Format,Content_Type,STRFRMT,PPID,is_invalid,FILESIZE FROM
IMAGE UNION SELECT ID,SORTID,NAME,OBJECT_FORMAT,8 AS CONTENT_TYPE
,STRFRMT,PPID,3 as is_invalid,0 AS FILESIZE FROM PLAYLIST) AS TEMP WHERE
Content_Type &1 AND PPID=2", pzErrMsg=pzErrMsg@entry=0x9d3fdcdc)
at
/workspace/workspace/Trigger-Build-Host_Job/host/yunos6.0/third_party/sqlite/sqlite3.c:7538
#6 0xa49f08cc in sqlite3Prepare (db=db@entry=0x1dea20,
zSql=zSql@entry=0x26c8f8 "SELECT COUNT(TEMP.ID) FROM (SELECT
ID,SORTID,NAME,Object_Format,Content_Type,STRFRMT,PPID,is_invalid,FILESIZE FROM
AUDIO UNION SELECT
ID,SORTID,NAME,Object_Format,Content_Type,STRFRMT,PPID,is_invalid,FILESIZE FROM
VIDEO UNION SELECT
ID,SORTID,NAME,Object_Format,Content_Type,STRFRMT,PPID,is_invalid,FILESIZE FROM
IMAGE UNION SELECT ID,SORTID,NAME,OBJECT_FORMAT,8 AS CONTENT_TYPE
,STRFRMT,PPID,3 as is_invalid,0 AS FILESIZE FROM PLAYLIST) AS TEMP WHERE
Content_Type &1 AND PPID=2", nBytes=nBytes@entry=-1,
saveSqlFlag=saveSqlFlag@entry=1, pReprepare=pReprepare@entry=0x0,
ppStmt=ppStmt@entry=0x25cf00, pzTail=pzTail@entry=0x0) at
/workspace/workspace/Trigger-Build-Host_Job/host/yunos6.0/third_party/sqlite/sqlite3.c:115300
#7 0xa49f0bee in sqlite3LockAndPrepare (db=0x1dea20,
zSql=0x26c8f8 "SELECT COUNT(TEMP.ID) FROM (SELECT
ID,SORTID,NAME,Object_Format,Content_Type,STRFRMT,PPID,is_invalid,FILESIZE FROM
AUDIO UNION SELECT
ID,SORTID,NAME,Object_Format,Content_Type,STRFRMT,PPID,is_invalid,FILESIZE FROM
VIDEO UNION SELECT
ID,SORTID,NAME,Object_Format,Content_Type,STRFRMT,PPID,is_invalid,FILESIZE FROM
IMAGE UNION SELECT ID,SORTID,NAME,OBJECT_FORMAT,8 AS CONTENT_TYPE
,STRFRMT,PPID,3 as is_invalid,0 AS FILESIZE FROM PLAYLIST) AS TEMP WHERE
Content_Type &1 AND PPID=2", nBytes=-1, saveSqlFlag=1, pOld=0x0,
ppStmt=0x25cf00, pzTail=0x0)
at
/workspace/workspace/Trigger-Build-Host_Job/host/yunos6.0/third_party/sqlite/sqlite3.c:115391
#8 0xa49f0db4 in sqlite3_prepare_v2 (db=db@entry=0x1dea20,
zSql=zSql@entry=0x26c8f8 "SELECT COUNT(TEMP.ID) FROM (SELECT
ID,SORTID,NAME,Object_Format,Content_Type,STRFRMT,PPID,is_invalid,FILESIZE FROM
AUDIO UNION SELECT
ID,SORTID,NAME,Object_Format,Content_Type,STRFRMT,PPID,is_invalid,FILESIZE FROM
VIDEO UNION SELECT
ID,SORTID,NAME,Object_Format,Content_Type,STRFRMT,PPID,is_invalid,FILESIZE FROM
IMAGE UNION SELECT ID,SORTID,NAME,OBJECT_FORMAT,8 AS CONTENT_TYPE
,STRFRMT,PPID,3 as is_invalid,0 AS FILESIZE FROM PLAYLIST) AS TEMP WHERE
Content_Type &1 AND PPID=2", nBytes=nBytes@entry=-1,
ppStmt=ppStmt@entry=0x25cf00, pzTail=pzTail@entry=0x0)
at
/workspace/workspace/Trigger-Build-Host_Job/host/yunos6.0/third_party/sqlite/sqlite3.c:115467
#9 0xa4114462 in dbm_sqlite_get_integer_value
(psSqlite=psSqlite@entry=0x25cefc,
pcQuery=pcQuery@entry=0x26c8f8 "SELECT COUNT(TEMP.ID) FROM (SELECT
ID,SORTID,NAME,Object_Format,Content_Type,STRFRMT,PPID,is_invalid,FILESIZE FROM
AUDIO UNION SELECT
ID,SORTID,NAME,Object_Format,Content_Type,STRFRMT,PPID,is_invalid,FILESIZE FROM
VIDEO UNION SELECT
ID,SORTID,NAME,Object_Format,Content_Type,STRFRMT,PPID,is_invalid,FILESIZE FROM
IMAGE UNION SELECT ID,SORTID,NAME,OBJECT_FORMAT,8 AS CONTENT_TYPE
,STRFRMT,PPID,3 as is_invalid,0 AS FILESIZE FROM PLAYLIST) AS TEMP WHERE
Content_Type &1 AND PPID=2", puiReturnCount=puiReturnCount@entry=0x26e100) at
src/race_dbm_common.c:5044
#10 0xa42364fa in race_dbm_query_get_num_entries (uiDBMHandle=2477816,
uiQueryHandle=2539768, puiNumEntries=0x9d3fe838) at
src/race_dbm_interface.c:10289
Thanks and Regards
Deepak