Subsystem: Shell
Title: Incorrect handling of some BLOBs.
Type: Code_Defect
Severity: Important
Priority: Unknown
Affected: All SQLite versions containing output_hex_blob() up to 3.7.9.
Environment: Tested on various FreeBSD 8.x versions, both i386 and amd64.
Probably, other operating systems would be affected as well.
How-to-reproduce: Obtain FreeBSD and install sqlite3 by some of the standard
ways (from a package, port, etc.). Then see screenshot (shell output indented
for clarity):
$ sqlite3 /tmp/db.tmp
SQLite version 3.7.9 2011-11-01 00:52:41
Enter ".help" for instructions
Enter SQL statements terminated with a ";"
sqlite> create table t(v blob);
sqlite> insert into t values(X'0123456789');
sqlite> .mode insert
sqlite> select * from t;
INSERT INTO table VALUES(X'01234567ffffff89');
sqlite>
Description: In some circumstances (for example, when .mode insert is set
and select results contain BLOBs) the shell calls internal function
output_hex_blob(). This function uses wrong data types which could result
in an implicit sign extension and thus data corruption.
Suggested-fix: Following patch helps. Perhaps there might be better solution,
such as reimplementing of the necessary fprintf(3) functionality without
relying on the operation system libraries.
--- src/shell.c.orig 2011-11-01 16:31:18.000000000 +0400
+++ src/shell.c 2011-11-10 22:45:11.000000000 +0400
@@ -490,7 +490,7 @@
*/
static void output_hex_blob(FILE *out, const void *pBlob, int nBlob){
int i;
- char *zBlob = (char *)pBlob;
+ unsigned char *zBlob = (unsigned char *)pBlob;
fprintf(out,"X'");
for(i=0; i<nBlob; i++){ fprintf(out,"%02x",zBlob[i]); }
fprintf(out,"'");
Comment: 1. Thanks for the code clarity and straightforwardness. It was rather
easy to trace this bug (once it has been encountered) even for non-programmer.
2. There are quite a few of other places in the code where signed datatypes
are used to store semantically non-negative data. I can't judge whether these
are just mistakes or some policy.
_______________________________________________
sqlite-users mailing list
[email protected]
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
