From 1986c6384122947b10804cbc5c4d7af85e097404 Mon Sep 17 00:00:00 2001

From: Ondrej Dubaj <odubaj@redhat.com>

Date: Mon, 20 Jan 2020 10:09:55 +0100

Subject: [PATCH] Fix the zipfile extension so that INSERT works even if the

 pathname of

the file being inserted is a NULL.  Bug discovered by the

Yongheng and Rui fuzzer.

---

 ext/misc/zipfile.c |  1 +

 test/zipfile.test  | 13 +++++++++++++

 2 files changed, 14 insertions(+)

diff --git a/ext/misc/zipfile.c b/ext/misc/zipfile.c

index e57dc38..6f48d0f 100644

--- a/ext/misc/zipfile.c

+++ b/ext/misc/zipfile.c

@@ -1618,6 +1618,7 @@ static int zipfileUpdate(

     if( rc==SQLITE_OK ){

       zPath = (const char*)sqlite3_value_text(apVal[2]);

+      if( zPath==0 ) zPath = "";

       nPath = (int)strlen(zPath);

       mTime = zipfileGetTime(apVal[4]);

     }

diff --git a/test/zipfile.test b/test/zipfile.test

index 2bab066..5bca10b 100644

--- a/test/zipfile.test

+++ b/test/zipfile.test

@@ -795,4 +795,17 @@ if {$tcl_platform(platform)!="windows"} {

   } {. ./x1.txt ./x2.txt}

 }

+# 2019-12-18 Yongheng and Rui fuzzer

+#

+do_execsql_test 13.10 {

+  DROP TABLE IF EXISTS t0;

+  DROP TABLE IF EXISTS t1;

+  CREATE TABLE t0(a,b,c,d,e,f,g);

+  REPLACE INTO t0(c,b,f) VALUES(10,10,10);

+  CREATE VIRTUAL TABLE t1 USING zipfile('h.zip');

+  REPLACE INTO t1 SELECT * FROM t0;

+  SELECT quote(name),quote(mode),quote(mtime),quote(sz),quote(rawdata),

+         quote(data),quote(method) FROM t1;

+} {'' 10 10 2 X'3130' X'3130' 0}

+

 finish_test

-- 

2.19.1