On 7/23/15, Viktor Jancik <vjancik at redhat.com> wrote: > Hi, I am trying to create a patch for sqlite in RHEL6 to backport a security > fix: > https://www.sqlite.org/src/info/aeca95ac77f6f320 > > That is to sqlite version 3.6.20, and I can't understand why the expected > result of do_test printf-1.17.4 is /.*/
The result of mprintf in that test case is undefined. The test is merely to show that the hostile input does not cause an assertion fault or trigger a run-time error detectable using valgrind or -fsanitize=undefined or -fsanitized=memory. -- D. Richard Hipp drh at sqlite.org
