Fix three crash problems discovered by afl-fuzz.
Ticket [a59ae93ee990a55].
FossilOrigin-Name: fe5788633131281a0f27c5b75993ce2ff958bfeb
diff --git a/src/expr.c b/src/expr.c
index 817975a..32adedf 100644
--- a/src/expr.c
+++ b/src/expr.c
@@ -515,7 +515,7 @@
const Token *pToken /* Argument token */
){
Expr *p;
- if( op==TK_AND && pLeft && pRight ){
+ if( op==TK_AND && pLeft && pRight && pParse->nErr==0 ){
/* Take advantage of short-circuit false optimization for AND */
p = sqlite3ExprAnd(pParse->db, pLeft, pRight);
}else{
@@ -4069,10 +4069,11 @@
int i;
struct SrcCount *p = pWalker->u.pSrcCount;
SrcList *pSrc = p->pSrc;
- for(i=0; i<pSrc->nSrc; i++){
+ int nSrc = pSrc ? pSrc->nSrc : 0;
+ for(i=0; i<nSrc; i++){
if( pExpr->iTable==pSrc->a[i].iCursor ) break;
}
- if( i<pSrc->nSrc ){
+ if( i<nSrc ){
p->nThis++;
}else{
p->nOther++;