Extra defense against problems following an OOM. dbsqlfuzz find. Also import the latest dbsqlfuzz test cases. FossilOrigin-Name: 0a70f5ddaf3567f335cc0fd0fcd5303e2afb5e38a6388faddf5cab1f2a74e3dd

commit: 4eac5f04ab996fc5bf262edfcead84bc4e8a3ccb [log] [tgz]
author: drh <drh@noemail.net> Tue Dec 24 15:01:17 2019 +0000
committer: drh <drh@noemail.net> Tue Dec 24 15:01:17 2019 +0000
tree: 465d52b9c766fde176c5cd5655ab2f0796fc7a42
parent: c26e78d275134213fa35956b969efa9d5834a664 [diff] [blame]
diff --git a/src/expr.c b/src/expr.c
index 617fcf0..601574e 100644
--- a/src/expr.c
+++ b/src/expr.c

@@ -2207,7 +2207,9 @@
     case TK_COLUMN:
       return ExprHasProperty(p, EP_CanBeNull) ||
              p->y.pTab==0 ||  /* Reference to column of index on expression */
-             (p->iColumn>=0 && p->y.pTab->aCol[p->iColumn].notNull==0);
+             (p->iColumn>=0
+              && ALWAYS(p->y.pTab->aCol!=0) /* Defense against OOM problems */
+              && p->y.pTab->aCol[p->iColumn].notNull==0);
     default:
       return 1;
   }
@@ -3224,6 +3226,7 @@
   }else{
     destStep2 = destStep6 = sqlite3VdbeMakeLabel(pParse);
   }
+  if( pParse->nErr ) goto sqlite3ExprCodeIN_finished;
   for(i=0; i<nVector; i++){
     Expr *p = sqlite3VectorFieldSubexpr(pExpr->pLeft, i);
     if( sqlite3ExprCanBeNull(p) ){
commit	4eac5f04ab996fc5bf262edfcead84bc4e8a3ccb	[log] [tgz]
author	drh <drh@noemail.net>	Tue Dec 24 15:01:17 2019 +0000
committer	drh <drh@noemail.net>	Tue Dec 24 15:01:17 2019 +0000
tree	465d52b9c766fde176c5cd5655ab2f0796fc7a42
parent	c26e78d275134213fa35956b969efa9d5834a664 [diff] [blame]