      1 http://crbug.com/178677 refers to potential buffer overruns in ASAN
      2 due to memcmp() being used instead of strcmp() in SQLite.  Reported to
      3 SQLite team, resulting in http://www.sqlite.org/src/info/d73435587b .
      4 This was backported into Chromium's version of SQLite, then this file
      5 was generated using:
      6   git diff --relative=third_party/sqlite/src --src-prefix='' --dst-prefix='' > third_party/sqlite/memcmp.patch
      7 
      8 
      9 diff --git src/analyze.c src/analyze.c
     10 index 17c1de8..2444e74 100644
     11 --- src/analyze.c
     12 +++ src/analyze.c
     13 @@ -142,7 +142,7 @@ static void analyzeOneTable(
     14      /* Do not gather statistics on views or virtual tables */
     15      return;
     16    }
     17 -  if( memcmp(pTab->zName, "sqlite_", 7)==0 ){
     18 +  if( sqlite3_strnicmp(pTab->zName, "sqlite_", 7)==0 ){
     19      /* Do not gather statistics on system tables */
     20      return;
     21    }
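Review bot: Replacing `memcmp` with `sqlite3_strnicmp` in the `"sqlite_"` test makes the comparison case-insensitive, which goes beyond the overread fix the patch description covers; a table whose name begins with `SQLITE_` is now skipped by analyzeOneTable too. The build.c hunk makes the same shift on the `"altertab_"` test, where it widens the exemption from the "may not be indexed" check. If case-folding is intended, a comment such as `/* system-table prefix is matched case-insensitively */` would record that; if only a bounded read was wanted, `strncmp(pTab->zName, "sqlite_", 7)` keeps the old matching. This hunk also spells the call `sqlite3_strnicmp` while build.c uses `sqlite3StrNICmp`, and one spelling throughout would read better. The function body starts and ends outside the hunk.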
     22 @@ -548,7 +548,7 @@ static int analysisLoader(void *pData, int argc, char **argv, char **NotUsed){
     23      if( pIndex==0 ) break;
     24      pIndex->aiRowEst[i] = v;
     25      if( *z==' ' ) z++;
     26 -    if( memcmp(z, "unordered", 10)==0 ){
     27 +    if( strcmp(z, "unordered")==0 ){
     28        pIndex->bUnordered = 1;
     29        break;
     30      }
     31 diff --git src/build.c src/build.c
     32 index 323a616..4f4f8ed 100644
     33 --- src/build.c
     34 +++ src/build.c
     35 @@ -2480,7 +2480,7 @@ Index *sqlite3CreateIndex(
     36    assert( pTab!=0 );
     37    assert( pParse->nErr==0 );
     38    if( sqlite3StrNICmp(pTab->zName, "sqlite_", 7)==0 
     39 -       && memcmp(&pTab->zName[7],"altertab_",9)!=0 ){
     40 +       && sqlite3StrNICmp(&pTab->zName[7],"altertab_",9)!=0 ){
     41      sqlite3ErrorMsg(pParse, "table %s may not be indexed", pTab->zName);
     42      goto exit_create_index;
     43    }
     44 diff --git src/expr.c src/expr.c
     45 index 2699ae1..9d1193b 100644
     46 --- src/expr.c
     47 +++ src/expr.c
     48 @@ -578,12 +578,10 @@ void sqlite3ExprAssignVarNumber(Parse *pParse, Expr *pExpr){
     49      ** has never appeared before, reuse the same variable number
     50      */
     51      int i;
     52 -    u32 n;
     53 -    n = sqlite3Strlen30(z);
     54      for(i=0; i<pParse->nVarExpr; i++){
     55        Expr *pE = pParse->apVarExpr[i];
     56        assert( pE!=0 );
     57 -      if( memcmp(pE->u.zToken, z, n)==0 && pE->u.zToken[n]==0 ){
     58 +      if( strcmp(pE->u.zToken, z)==0 ){
     59          pExpr->iColumn = pE->iColumn;
     60          break;
     61        }
     62 diff --git src/os_unix.c src/os_unix.c
     63 index 804c588..77ffd8a 100644
     64 --- src/os_unix.c
     65 +++ src/os_unix.c
     66 @@ -4506,7 +4506,7 @@ int fillInUnixFile(
     67    OSTRACE(("OPEN    %-3d %s\n", h, zFilename));
     68    pNew->h = h;
     69    pNew->zPath = zFilename;
     70 -  if( memcmp(pVfs->zName,"unix-excl",10)==0 ){
     71 +  if( strcmp(pVfs->zName,"unix-excl")==0 ){
     72      pNew->ctrlFlags = UNIXFILE_EXCL;
     73    }else{
     74      pNew->ctrlFlags = 0;
     75 diff --git src/vdbeapi.c src/vdbeapi.c
     76 index 90baacc..80ceb9f 100644
     77 --- src/vdbeapi.c
     78 +++ src/vdbeapi.c
     79 @@ -1222,7 +1222,7 @@ int sqlite3VdbeParameterIndex(Vdbe *p, const char *zName, int nName){
     80    if( zName ){
     81      for(i=0; i<p->nVar; i++){
     82        const char *z = p->azVar[i];
     83 -      if( z && memcmp(z,zName,nName)==0 && z[nName]==0 ){
     84 +      if( z && strncmp(z,zName,nName)==0 && z[nName]==0 ){
     85          return i+1;
     86        }
     87      }
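Review bot: The `z[nName]==0` read that follows `strncmp(z,zName,nName)==0` is only in bounds when `nName` does not exceed the length of `zName`. strncmp stops at the first NUL, so if both strings end before `nName` bytes it returns 0 and `z[nName]` then indexes past z's terminator. A negative `nName` would also convert to a very large `size_t` in the strncmp call. The callers are not visible in this hunk, so the precondition may already hold, but it should be stated where it is relied on, for example `assert( nName>=0 && nName<=sqlite3Strlen30(zName) );` ahead of the loop. The function continues outside the hunk.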
     88