| From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 |
| From: Victor Costan <pwnall@chromium.org> |
| Date: Fri, 11 Jan 2019 04:21:21 -0800 |
| Subject: [PATCH 14/17] Fix another problem found by Matthew Denton's new |
| fuzzer. |
| |
| This backports https://sqlite.org/src/info/2b690dbdffe144bd |
| |
| Bug: 911253 |
| --- |
| third_party/sqlite/src/src/expr.c | 6 +++--- |
| 1 file changed, 3 insertions(+), 3 deletions(-) |
| |
| diff --git a/third_party/sqlite/src/src/expr.c b/third_party/sqlite/src/src/expr.c |
| index 05c9521b2030..c61528288baf 100644 |
| --- a/third_party/sqlite/src/src/expr.c |
| +++ b/third_party/sqlite/src/src/expr.c |
| @@ -141,8 +141,8 @@ CollSeq *sqlite3ExprCollSeq(Parse *pParse, Expr *pExpr){ |
| while( p ){ |
| int op = p->op; |
| if( p->flags & EP_Generic ) break; |
| - if( (op==TK_AGG_COLUMN || op==TK_COLUMN |
| - || op==TK_REGISTER || op==TK_TRIGGER) |
| + if( op==TK_REGISTER ) op = p->op2; |
| + if( (op==TK_AGG_COLUMN || op==TK_COLUMN || op==TK_TRIGGER) |
| && p->y.pTab!=0 |
| ){ |
| /* op==TK_REGISTER && p->y.pTab!=0 happens when pExpr was originally |
| @@ -158,7 +158,7 @@ CollSeq *sqlite3ExprCollSeq(Parse *pParse, Expr *pExpr){ |
| p = p->pLeft; |
| continue; |
| } |
| - if( op==TK_COLLATE || (op==TK_REGISTER && p->op2==TK_COLLATE) ){ |
| + if( op==TK_COLLATE ){ |
| pColl = sqlite3GetCollSeq(pParse, ENC(db), 0, p->u.zToken); |
| break; |
| } |
| -- |
| 2.18.0 |
| |
