Fossil SCM

Merged in trunk for SSL improvements and deployment to test server.

stephan 2021-06-15 03:00 chat-user-last-seen merge

Commit 422323618ecbba813c0d04882730d4619b6305caabba2e6c11c134e53e3f7427

Parent c7ee6f4ef19a3b1…

13 files changed +4 -1 +13 +13 +34 -1 +4 +4 +14 -3 +5 -1 +6 -6 +147 -80 +1 -1 +23 -2 +15 -4

~ skins/xekri/css.txt ~ src/chat.js ~ src/chat.js ~ src/db.c ~ src/default.css ~ src/default.css ~ src/http_ssl.c ~ src/report.c ~ src/shell.c ~ src/sqlite3.c ~ src/sqlite3.h ~ src/tkt.c ~ www/changes.wiki

M skins/xekri/css.txt

+4 -1

		--- skins/xekri/css.txt
		+++ skins/xekri/css.txt
		@@ -1124,11 +1124,14 @@
1124	1124	.fossil-PopupWidget,
1125	1125	.fossil-tooltip.help-buttonlet-content {
1126	1126	background-color: #111;
1127	1127	border: 1px solid rgba(255,255,255,0.5);
1128	1128	}
1129		-
	1129	+.fossil-PopupWidget a,
	1130	+.fossil-PopupWidget a:visited {
	1131	+ color: white;
	1132	+}
1130	1133	div.forumSel {
1131	1134	background-color: #663399;
1132	1135	}
1133	1136	div.forumPostBody blockquote {
1134	1137	border-width: 1pt;
1135	1138

	--- skins/xekri/css.txt
	+++ skins/xekri/css.txt
	@@ -1124,11 +1124,14 @@
1124	.fossil-PopupWidget,
1125	.fossil-tooltip.help-buttonlet-content {
1126	background-color: #111;
1127	border: 1px solid rgba(255,255,255,0.5);
1128	}
1129



1130	div.forumSel {
1131	background-color: #663399;
1132	}
1133	div.forumPostBody blockquote {
1134	border-width: 1pt;
1135

	--- skins/xekri/css.txt
	+++ skins/xekri/css.txt
	@@ -1124,11 +1124,14 @@
1124	.fossil-PopupWidget,
1125	.fossil-tooltip.help-buttonlet-content {
1126	background-color: #111;
1127	border: 1px solid rgba(255,255,255,0.5);
1128	}
1129	.fossil-PopupWidget a,
1130	.fossil-PopupWidget a:visited {
1131	color: white;
1132	}
1133	div.forumSel {
1134	background-color: #663399;
1135	}
1136	div.forumPostBody blockquote {
1137	border-width: 1pt;
1138

M src/chat.js

+13

		--- src/chat.js
		+++ src/chat.js
		@@ -785,10 +785,23 @@
785	785	btnDeleteGlobal.addEventListener('click', function(){
786	786	self.hide();
787	787	Chat.deleteMessage(eMsg);
788	788	});
789	789	}
	790	+ if(eMsg.dataset.xfrom){
	791	+ /* Add a link to the /timeline filtered on this user. */
	792	+ const toolbar2 = D.addClass(D.div(), 'toolbar');
	793	+ D.append(this.e, toolbar2);
	794	+ const timelineLink = D.attr(
	795	+ D.a(F.repoUrl('timeline',{
	796	+ u: eMsg.dataset.xfrom,
	797	+ y: 'a'
	798	+ }), "User's Timeline"),
	799	+ 'target', '_blank'
	800	+ );
	801	+ D.append(toolbar2, timelineLink);
	802	+ }
790	803	}/refresh()/
791	804	});
792	805	f.popup.installHideHandlers();
793	806	f.popup.hide = function(){
794	807	delete this._eMsg;
795	808

	--- src/chat.js
	+++ src/chat.js
	@@ -785,10 +785,23 @@
785	btnDeleteGlobal.addEventListener('click', function(){
786	self.hide();
787	Chat.deleteMessage(eMsg);
788	});
789	}













790	}/refresh()/
791	});
792	f.popup.installHideHandlers();
793	f.popup.hide = function(){
794	delete this._eMsg;
795

	--- src/chat.js
	+++ src/chat.js
	@@ -785,10 +785,23 @@
785	btnDeleteGlobal.addEventListener('click', function(){
786	self.hide();
787	Chat.deleteMessage(eMsg);
788	});
789	}
790	if(eMsg.dataset.xfrom){
791	/* Add a link to the /timeline filtered on this user. */
792	const toolbar2 = D.addClass(D.div(), 'toolbar');
793	D.append(this.e, toolbar2);
794	const timelineLink = D.attr(
795	D.a(F.repoUrl('timeline',{
796	u: eMsg.dataset.xfrom,
797	y: 'a'
798	}), "User's Timeline"),
799	'target', '_blank'
800	);
801	D.append(toolbar2, timelineLink);
802	}
803	}/refresh()/
804	});
805	f.popup.installHideHandlers();
806	f.popup.hide = function(){
807	delete this._eMsg;
808

M src/chat.js

+13

		--- src/chat.js
		+++ src/chat.js
		@@ -785,10 +785,23 @@
785	785	btnDeleteGlobal.addEventListener('click', function(){
786	786	self.hide();
787	787	Chat.deleteMessage(eMsg);
788	788	});
789	789	}
	790	+ if(eMsg.dataset.xfrom){
	791	+ /* Add a link to the /timeline filtered on this user. */
	792	+ const toolbar2 = D.addClass(D.div(), 'toolbar');
	793	+ D.append(this.e, toolbar2);
	794	+ const timelineLink = D.attr(
	795	+ D.a(F.repoUrl('timeline',{
	796	+ u: eMsg.dataset.xfrom,
	797	+ y: 'a'
	798	+ }), "User's Timeline"),
	799	+ 'target', '_blank'
	800	+ );
	801	+ D.append(toolbar2, timelineLink);
	802	+ }
790	803	}/refresh()/
791	804	});
792	805	f.popup.installHideHandlers();
793	806	f.popup.hide = function(){
794	807	delete this._eMsg;
795	808

	--- src/chat.js
	+++ src/chat.js
	@@ -785,10 +785,23 @@
785	btnDeleteGlobal.addEventListener('click', function(){
786	self.hide();
787	Chat.deleteMessage(eMsg);
788	});
789	}













790	}/refresh()/
791	});
792	f.popup.installHideHandlers();
793	f.popup.hide = function(){
794	delete this._eMsg;
795

	--- src/chat.js
	+++ src/chat.js
	@@ -785,10 +785,23 @@
785	btnDeleteGlobal.addEventListener('click', function(){
786	self.hide();
787	Chat.deleteMessage(eMsg);
788	});
789	}
790	if(eMsg.dataset.xfrom){
791	/* Add a link to the /timeline filtered on this user. */
792	const toolbar2 = D.addClass(D.div(), 'toolbar');
793	D.append(this.e, toolbar2);
794	const timelineLink = D.attr(
795	D.a(F.repoUrl('timeline',{
796	u: eMsg.dataset.xfrom,
797	y: 'a'
798	}), "User's Timeline"),
799	'target', '_blank'
800	);
801	D.append(toolbar2, timelineLink);
802	}
803	}/refresh()/
804	});
805	f.popup.installHideHandlers();
806	f.popup.hide = function(){
807	delete this._eMsg;
808

M src/db.c

+34 -1

		--- src/db.c
		+++ src/db.c
		@@ -864,23 +864,56 @@
864	864	db_exec(&err);
865	865	}
866	866
867	867	/*
868	868	** COMMAND: test-db-prepare
869		-** Usage: %fossil test-db-prepare ?OPTIONS? SQL
	869	+** Usage: %fossil test-db-prepare ?OPTIONS? SQL-STATEMENT
	870	+**
	871	+** Options:
	872	+**
	873	+** --auth-report Enable the ticket report query authorizer.
	874	+** --auth-ticket Enable the ticket schema query authorizer.
870	875	**
871	876	** Invoke db_prepare() on the SQL input. Report any errors encountered.
872	877	** This command is used to verify error detection logic in the db_prepare()
873	878	** utility routine.
874	879	*/
875	880	void db_test_db_prepare(void){
	881	+ const int fAuthReport = find_option("auth-report",0,0)!=0;
	882	+ const int fAuthSchema = find_option("auth-ticket",0,0)!=0;
	883	+ const int fAuth = fAuthReport + fAuthSchema;
	884	+ char * zReportErr = 0; /* auth-report error string. */
	885	+ int nSchemaErr = 0; /* Number of auth-ticket errors. */
876	886	Stmt err;
	887	+
	888	+ if(fAuth>1){
	889	+ fossil_fatal("Only one of --auth-report or --auth-ticket "
	890	+ "may be used.");
	891	+ }
877	892	db_find_and_open_repository(0,0);
878	893	verify_all_options();
879	894	if( g.argc!=3 ) usage("?OPTIONS? SQL");
	895	+ if(fAuthReport){
	896	+ report_restrict_sql(&zReportErr);
	897	+ }else if(fAuthSchema){
	898	+ ticket_restrict_sql(&nSchemaErr);
	899	+ }
880	900	db_prepare(&err, "%s", g.argv[2]/safe-for-%s/);
881	901	db_finalize(&err);
	902	+ if(fAuthReport){
	903	+ report_unrestrict_sql();
	904	+ if(zReportErr){
	905	+ fossil_warning("Report authorizer error: %s\n", zReportErr);
	906	+ fossil_free(zReportErr);
	907	+ }
	908	+ }else if(fAuthSchema){
	909	+ ticket_unrestrict_sql();
	910	+ if(nSchemaErr){
	911	+ fossil_warning("Ticket schema authorizer error count: %d\n",
	912	+ nSchemaErr);
	913	+ }
	914	+ }
882	915	}
883	916
884	917	/*
885	918	** Print the output of one or more SQL queries on standard output.
886	919	** This routine is used for debugging purposes only.
887	920

	--- src/db.c
	+++ src/db.c
	@@ -864,23 +864,56 @@
864	db_exec(&err);
865	}
866
867	/*
868	** COMMAND: test-db-prepare
869	** Usage: %fossil test-db-prepare ?OPTIONS? SQL





870	**
871	** Invoke db_prepare() on the SQL input. Report any errors encountered.
872	** This command is used to verify error detection logic in the db_prepare()
873	** utility routine.
874	*/
875	void db_test_db_prepare(void){





876	Stmt err;





877	db_find_and_open_repository(0,0);
878	verify_all_options();
879	if( g.argc!=3 ) usage("?OPTIONS? SQL");





880	db_prepare(&err, "%s", g.argv[2]/safe-for-%s/);
881	db_finalize(&err);













882	}
883
884	/*
885	** Print the output of one or more SQL queries on standard output.
886	** This routine is used for debugging purposes only.
887

	--- src/db.c
	+++ src/db.c
	@@ -864,23 +864,56 @@
864	db_exec(&err);
865	}
866
867	/*
868	** COMMAND: test-db-prepare
869	** Usage: %fossil test-db-prepare ?OPTIONS? SQL-STATEMENT
870	**
871	** Options:
872	**
873	** --auth-report Enable the ticket report query authorizer.
874	** --auth-ticket Enable the ticket schema query authorizer.
875	**
876	** Invoke db_prepare() on the SQL input. Report any errors encountered.
877	** This command is used to verify error detection logic in the db_prepare()
878	** utility routine.
879	*/
880	void db_test_db_prepare(void){
881	const int fAuthReport = find_option("auth-report",0,0)!=0;
882	const int fAuthSchema = find_option("auth-ticket",0,0)!=0;
883	const int fAuth = fAuthReport + fAuthSchema;
884	char * zReportErr = 0; /* auth-report error string. */
885	int nSchemaErr = 0; /* Number of auth-ticket errors. */
886	Stmt err;
887
888	if(fAuth>1){
889	fossil_fatal("Only one of --auth-report or --auth-ticket "
890	"may be used.");
891	}
892	db_find_and_open_repository(0,0);
893	verify_all_options();
894	if( g.argc!=3 ) usage("?OPTIONS? SQL");
895	if(fAuthReport){
896	report_restrict_sql(&zReportErr);
897	}else if(fAuthSchema){
898	ticket_restrict_sql(&nSchemaErr);
899	}
900	db_prepare(&err, "%s", g.argv[2]/safe-for-%s/);
901	db_finalize(&err);
902	if(fAuthReport){
903	report_unrestrict_sql();
904	if(zReportErr){
905	fossil_warning("Report authorizer error: %s\n", zReportErr);
906	fossil_free(zReportErr);
907	}
908	}else if(fAuthSchema){
909	ticket_unrestrict_sql();
910	if(nSchemaErr){
911	fossil_warning("Ticket schema authorizer error count: %d\n",
912	nSchemaErr);
913	}
914	}
915	}
916
917	/*
918	** Print the output of one or more SQL queries on standard output.
919	** This routine is used for debugging purposes only.
920

M src/default.css

		--- src/default.css
		+++ src/default.css
		@@ -1287,10 +1287,14 @@
1287	1287	/* problem: if we inherit the color it may either be
1288	1288	transparent or inherit translucency via the
1289	1289	skin, leaving it unreadable. Since we set the bg
1290	1290	color we must also set the fg color. */;
1291	1291	color: rgba(235, 235, 235, 0.9);
	1292	+}
	1293	+.fossil-PopupWidget a,
	1294	+.fossil-PopupWidget a:visited {
	1295	+ color: initial;
1292	1296	}
1293	1297	.fossil-toast-message.error,
1294	1298	.fossil-toast-message.warning {
1295	1299	background: yellow;
1296	1300	}
1297	1301

	--- src/default.css
	+++ src/default.css
	@@ -1287,10 +1287,14 @@
1287	/* problem: if we inherit the color it may either be
1288	transparent or inherit translucency via the
1289	skin, leaving it unreadable. Since we set the bg
1290	color we must also set the fg color. */;
1291	color: rgba(235, 235, 235, 0.9);




1292	}
1293	.fossil-toast-message.error,
1294	.fossil-toast-message.warning {
1295	background: yellow;
1296	}
1297

	--- src/default.css
	+++ src/default.css
	@@ -1287,10 +1287,14 @@
1287	/* problem: if we inherit the color it may either be
1288	transparent or inherit translucency via the
1289	skin, leaving it unreadable. Since we set the bg
1290	color we must also set the fg color. */;
1291	color: rgba(235, 235, 235, 0.9);
1292	}
1293	.fossil-PopupWidget a,
1294	.fossil-PopupWidget a:visited {
1295	color: initial;
1296	}
1297	.fossil-toast-message.error,
1298	.fossil-toast-message.warning {
1299	background: yellow;
1300	}
1301

M src/default.css

		--- src/default.css
		+++ src/default.css
		@@ -1287,10 +1287,14 @@
1287	1287	/* problem: if we inherit the color it may either be
1288	1288	transparent or inherit translucency via the
1289	1289	skin, leaving it unreadable. Since we set the bg
1290	1290	color we must also set the fg color. */;
1291	1291	color: rgba(235, 235, 235, 0.9);
	1292	+}
	1293	+.fossil-PopupWidget a,
	1294	+.fossil-PopupWidget a:visited {
	1295	+ color: initial;
1292	1296	}
1293	1297	.fossil-toast-message.error,
1294	1298	.fossil-toast-message.warning {
1295	1299	background: yellow;
1296	1300	}
1297	1301

	--- src/default.css
	+++ src/default.css
	@@ -1287,10 +1287,14 @@
1287	/* problem: if we inherit the color it may either be
1288	transparent or inherit translucency via the
1289	skin, leaving it unreadable. Since we set the bg
1290	color we must also set the fg color. */;
1291	color: rgba(235, 235, 235, 0.9);




1292	}
1293	.fossil-toast-message.error,
1294	.fossil-toast-message.warning {
1295	background: yellow;
1296	}
1297

	--- src/default.css
	+++ src/default.css
	@@ -1287,10 +1287,14 @@
1287	/* problem: if we inherit the color it may either be
1288	transparent or inherit translucency via the
1289	skin, leaving it unreadable. Since we set the bg
1290	color we must also set the fg color. */;
1291	color: rgba(235, 235, 235, 0.9);
1292	}
1293	.fossil-PopupWidget a,
1294	.fossil-PopupWidget a:visited {
1295	color: initial;
1296	}
1297	.fossil-toast-message.error,
1298	.fossil-toast-message.warning {
1299	background: yellow;
1300	}
1301

M src/http_ssl.c

+14 -3

		--- src/http_ssl.c
		+++ src/http_ssl.c
		@@ -252,10 +252,11 @@
252	252	**
253	253	** Return the number of errors.
254	254	*/
255	255	int ssl_open(UrlData *pUrlData){
256	256	X509 *cert;
	257	+ const char *zRemoteHost;
257	258
258	259	ssl_global_init();
259	260	if( pUrlData->useProxy ){
260	261	int rc;
261	262	char *connStr = mprintf("%s:%d", g.url.name, pUrlData->port);
		@@ -276,30 +277,40 @@
276	277
277	278	pUrlData->path = pUrlData->proxyUrlPath;
278	279
279	280	iBio = BIO_new_ssl(sslCtx, 1);
280	281	BIO_push(iBio, sBio);
	282	+ zRemoteHost = pUrlData->hostname;
281	283	}else{
282	284	iBio = BIO_new_ssl_connect(sslCtx);
	285	+ zRemoteHost = pUrlData->name;
283	286	}
284	287	if( iBio==NULL ) {
285	288	ssl_set_errmsg("SSL: cannot open SSL (%s)",
286	289	ERR_reason_error_string(ERR_get_error()));
287	290	return 1;
288	291	}
289	292	BIO_get_ssl(iBio, &ssl);
290	293
291	294	#if (SSLEAY_VERSION_NUMBER >= 0x00908070) && !defined(OPENSSL_NO_TLSEXT)
292		- if( !SSL_set_tlsext_host_name(ssl,
293		- (pUrlData->useProxy?pUrlData->hostname:pUrlData->name))
294		- ){
	295	+ if( !SSL_set_tlsext_host_name(ssl, zRemoteHost)){
295	296	fossil_warning("WARNING: failed to set server name indication (SNI), "
296	297	"continuing without it.\n");
297	298	}
298	299	#endif
299	300
300	301	SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
	302	+#if OPENSSL_VERSION_NUMBER >= 0x010002000
	303	+ if( !sslNoCertVerify ){
	304	+ X509_VERIFY_PARAM *param = 0;
	305	+ param = SSL_get0_param(ssl);
	306	+ if( !X509_VERIFY_PARAM_set1_host(param, zRemoteHost, strlen(zRemoteHost)) ){
	307	+ fossil_fatal("failed to set hostname.");
	308	+ }
	309	+ /* SSL_set_verify(ssl, SSL_VERIFY_PEER, 0); */
	310	+ }
	311	+#endif
301	312
302	313	if( !pUrlData->useProxy ){
303	314	char *connStr = mprintf("%s:%d", pUrlData->name, pUrlData->port);
304	315	BIO_set_conn_hostname(iBio, connStr);
305	316	free(connStr);
306	317

	--- src/http_ssl.c
	+++ src/http_ssl.c
	@@ -252,10 +252,11 @@
252	**
253	** Return the number of errors.
254	*/
255	int ssl_open(UrlData *pUrlData){
256	X509 *cert;

257
258	ssl_global_init();
259	if( pUrlData->useProxy ){
260	int rc;
261	char *connStr = mprintf("%s:%d", g.url.name, pUrlData->port);
	@@ -276,30 +277,40 @@
276
277	pUrlData->path = pUrlData->proxyUrlPath;
278
279	iBio = BIO_new_ssl(sslCtx, 1);
280	BIO_push(iBio, sBio);

281	}else{
282	iBio = BIO_new_ssl_connect(sslCtx);

283	}
284	if( iBio==NULL ) {
285	ssl_set_errmsg("SSL: cannot open SSL (%s)",
286	ERR_reason_error_string(ERR_get_error()));
287	return 1;
288	}
289	BIO_get_ssl(iBio, &ssl);
290
291	#if (SSLEAY_VERSION_NUMBER >= 0x00908070) && !defined(OPENSSL_NO_TLSEXT)
292	if( !SSL_set_tlsext_host_name(ssl,
293	(pUrlData->useProxy?pUrlData->hostname:pUrlData->name))
294	){
295	fossil_warning("WARNING: failed to set server name indication (SNI), "
296	"continuing without it.\n");
297	}
298	#endif
299
300	SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);










301
302	if( !pUrlData->useProxy ){
303	char *connStr = mprintf("%s:%d", pUrlData->name, pUrlData->port);
304	BIO_set_conn_hostname(iBio, connStr);
305	free(connStr);
306

	--- src/http_ssl.c
	+++ src/http_ssl.c
	@@ -252,10 +252,11 @@
252	**
253	** Return the number of errors.
254	*/
255	int ssl_open(UrlData *pUrlData){
256	X509 *cert;
257	const char *zRemoteHost;
258
259	ssl_global_init();
260	if( pUrlData->useProxy ){
261	int rc;
262	char *connStr = mprintf("%s:%d", g.url.name, pUrlData->port);
	@@ -276,30 +277,40 @@
277
278	pUrlData->path = pUrlData->proxyUrlPath;
279
280	iBio = BIO_new_ssl(sslCtx, 1);
281	BIO_push(iBio, sBio);
282	zRemoteHost = pUrlData->hostname;
283	}else{
284	iBio = BIO_new_ssl_connect(sslCtx);
285	zRemoteHost = pUrlData->name;
286	}
287	if( iBio==NULL ) {
288	ssl_set_errmsg("SSL: cannot open SSL (%s)",
289	ERR_reason_error_string(ERR_get_error()));
290	return 1;
291	}
292	BIO_get_ssl(iBio, &ssl);
293
294	#if (SSLEAY_VERSION_NUMBER >= 0x00908070) && !defined(OPENSSL_NO_TLSEXT)
295	if( !SSL_set_tlsext_host_name(ssl, zRemoteHost)){


296	fossil_warning("WARNING: failed to set server name indication (SNI), "
297	"continuing without it.\n");
298	}
299	#endif
300
301	SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
302	#if OPENSSL_VERSION_NUMBER >= 0x010002000
303	if( !sslNoCertVerify ){
304	X509_VERIFY_PARAM *param = 0;
305	param = SSL_get0_param(ssl);
306	if( !X509_VERIFY_PARAM_set1_host(param, zRemoteHost, strlen(zRemoteHost)) ){
307	fossil_fatal("failed to set hostname.");
308	}
309	/* SSL_set_verify(ssl, SSL_VERIFY_PEER, 0); */
310	}
311	#endif
312
313	if( !pUrlData->useProxy ){
314	char *connStr = mprintf("%s:%d", pUrlData->name, pUrlData->port);
315	BIO_set_conn_hostname(iBio, connStr);
316	free(connStr);
317

M src/report.c

+5 -1

		--- src/report.c
		+++ src/report.c
		@@ -161,10 +161,13 @@
161	161	/*
162	162	** This is the SQLite authorizer callback used to make sure that the
163	163	** SQL statements entered by users do not try to do anything untoward.
164	164	** If anything suspicious is tried, set (char*)pError to an error
165	165	** message obtained from malloc.
	166	+**
	167	+** Use the "fossil test-db-prepare --auth-report SQL" command to perform
	168	+** manual testing of this authorizer.
166	169	*/
167	170	static int report_query_authorizer(
168	171	void *pError,
169	172	int code,
170	173	const char *zArg1,
		@@ -240,11 +243,12 @@
240	243	}
241	244	return rc;
242	245	}
243	246
244	247	/*
245		-** Activate the query authorizer
	248	+** Activate the ticket report query authorizer. Must be followed by an
	249	+** eventual call to report_unrestrict_sql().
246	250	*/
247	251	void report_restrict_sql(char **pzErr){
248	252	db_set_authorizer(report_query_authorizer,(void*)pzErr,"Ticket-Report");
249	253	sqlite3_limit(g.db, SQLITE_LIMIT_VDBE_OP, 10000);
250	254	}
251	255

	--- src/report.c
	+++ src/report.c
	@@ -161,10 +161,13 @@
161	/*
162	** This is the SQLite authorizer callback used to make sure that the
163	** SQL statements entered by users do not try to do anything untoward.
164	** If anything suspicious is tried, set (char*)pError to an error
165	** message obtained from malloc.



166	*/
167	static int report_query_authorizer(
168	void *pError,
169	int code,
170	const char *zArg1,
	@@ -240,11 +243,12 @@
240	}
241	return rc;
242	}
243
244	/*
245	** Activate the query authorizer

246	*/
247	void report_restrict_sql(char **pzErr){
248	db_set_authorizer(report_query_authorizer,(void*)pzErr,"Ticket-Report");
249	sqlite3_limit(g.db, SQLITE_LIMIT_VDBE_OP, 10000);
250	}
251

	--- src/report.c
	+++ src/report.c
	@@ -161,10 +161,13 @@
161	/*
162	** This is the SQLite authorizer callback used to make sure that the
163	** SQL statements entered by users do not try to do anything untoward.
164	** If anything suspicious is tried, set (char*)pError to an error
165	** message obtained from malloc.
166	**
167	** Use the "fossil test-db-prepare --auth-report SQL" command to perform
168	** manual testing of this authorizer.
169	*/
170	static int report_query_authorizer(
171	void *pError,
172	int code,
173	const char *zArg1,
	@@ -240,11 +243,12 @@
243	}
244	return rc;
245	}
246
247	/*
248	** Activate the ticket report query authorizer. Must be followed by an
249	** eventual call to report_unrestrict_sql().
250	*/
251	void report_restrict_sql(char **pzErr){
252	db_set_authorizer(report_query_authorizer,(void*)pzErr,"Ticket-Report");
253	sqlite3_limit(g.db, SQLITE_LIMIT_VDBE_OP, 10000);
254	}
255

M src/shell.c

+6 -6

		--- src/shell.c
		+++ src/shell.c
		@@ -6204,11 +6204,11 @@
6204	6204	}
6205	6205	}
6206	6206	}
6207	6207	if( pRe->aOp[x]==RE_OP_CC_EXC ) hit = !hit;
6208	6208	if( hit ) re_add_state(pNext, x+n);
6209		- break;
	6209	+ break;
6210	6210	}
6211	6211	}
6212	6212	}
6213	6213	}
6214	6214	for(i=0; i<pNext->nState; i++){
		@@ -6365,11 +6365,11 @@
6365	6365	const char *zErr;
6366	6366	while( (c = p->xNextChar(&p->sIn))!=0 ){
6367	6367	iStart = p->nState;
6368	6368	switch( c ){
6369	6369	case '\|':
6370		- case '$':
	6370	+ case '$':
6371	6371	case ')': {
6372	6372	p->sIn.i--;
6373	6373	return 0;
6374	6374	}
6375	6375	case '(': {
		@@ -6381,11 +6381,11 @@
6381	6381	}
6382	6382	case '.': {
6383	6383	if( rePeek(p)=='*' ){
6384	6384	re_append(p, RE_OP_ANYSTAR, 0);
6385	6385	p->sIn.i++;
6386		- }else{
	6386	+ }else{
6387	6387	re_append(p, RE_OP_ANY, 0);
6388	6388	}
6389	6389	break;
6390	6390	}
6391	6391	case '*': {
		@@ -6590,12 +6590,12 @@
6590	6590	** A REGEXP B
6591	6591	**
6592	6592	** is implemented as regexp(B,A).
6593	6593	*/
6594	6594	static void re_sql_func(
6595		- sqlite3_context *context,
6596		- int argc,
	6595	+ sqlite3_context *context,
	6596	+ int argc,
6597	6597	sqlite3_value **argv
6598	6598	){
6599	6599	ReCompiled pRe; / Compiled regular expression */
6600	6600	const char zPattern; / The regular expression */
6601	6601	const unsigned char zStr;/ String being searched */
		@@ -14815,11 +14815,11 @@
14815	14815	" Examples:",
14816	14816	" .ar -cf ARCHIVE foo bar # Create ARCHIVE from files foo and bar",
14817	14817	" .ar -tf ARCHIVE # List members of ARCHIVE",
14818	14818	" .ar -xvf ARCHIVE # Verbosely extract files from ARCHIVE",
14819	14819	" See also:",
14820		- " http://sqlite.org/cli.html#sqlar_archive_support",
	14820	+ " http://sqlite.org/cli.html#sqlite_archive_support",
14821	14821	#endif
14822	14822	#ifndef SQLITE_OMIT_AUTHORIZATION
14823	14823	".auth ON\|OFF Show authorizer callbacks",
14824	14824	#endif
14825	14825	".backup ?DB? FILE Backup DB (default \"main\") to FILE",
14826	14826

	--- src/shell.c
	+++ src/shell.c
	@@ -6204,11 +6204,11 @@
6204	}
6205	}
6206	}
6207	if( pRe->aOp[x]==RE_OP_CC_EXC ) hit = !hit;
6208	if( hit ) re_add_state(pNext, x+n);
6209	break;
6210	}
6211	}
6212	}
6213	}
6214	for(i=0; i<pNext->nState; i++){
	@@ -6365,11 +6365,11 @@
6365	const char *zErr;
6366	while( (c = p->xNextChar(&p->sIn))!=0 ){
6367	iStart = p->nState;
6368	switch( c ){
6369	case '\|':
6370	case '$':
6371	case ')': {
6372	p->sIn.i--;
6373	return 0;
6374	}
6375	case '(': {
	@@ -6381,11 +6381,11 @@
6381	}
6382	case '.': {
6383	if( rePeek(p)=='*' ){
6384	re_append(p, RE_OP_ANYSTAR, 0);
6385	p->sIn.i++;
6386	}else{
6387	re_append(p, RE_OP_ANY, 0);
6388	}
6389	break;
6390	}
6391	case '*': {
	@@ -6590,12 +6590,12 @@
6590	** A REGEXP B
6591	**
6592	** is implemented as regexp(B,A).
6593	*/
6594	static void re_sql_func(
6595	sqlite3_context *context,
6596	int argc,
6597	sqlite3_value **argv
6598	){
6599	ReCompiled pRe; / Compiled regular expression */
6600	const char zPattern; / The regular expression */
6601	const unsigned char zStr;/ String being searched */
	@@ -14815,11 +14815,11 @@
14815	" Examples:",
14816	" .ar -cf ARCHIVE foo bar # Create ARCHIVE from files foo and bar",
14817	" .ar -tf ARCHIVE # List members of ARCHIVE",
14818	" .ar -xvf ARCHIVE # Verbosely extract files from ARCHIVE",
14819	" See also:",
14820	" http://sqlite.org/cli.html#sqlar_archive_support",
14821	#endif
14822	#ifndef SQLITE_OMIT_AUTHORIZATION
14823	".auth ON\|OFF Show authorizer callbacks",
14824	#endif
14825	".backup ?DB? FILE Backup DB (default \"main\") to FILE",
14826

	--- src/shell.c
	+++ src/shell.c
	@@ -6204,11 +6204,11 @@
6204	}
6205	}
6206	}
6207	if( pRe->aOp[x]==RE_OP_CC_EXC ) hit = !hit;
6208	if( hit ) re_add_state(pNext, x+n);
6209	break;
6210	}
6211	}
6212	}
6213	}
6214	for(i=0; i<pNext->nState; i++){
	@@ -6365,11 +6365,11 @@
6365	const char *zErr;
6366	while( (c = p->xNextChar(&p->sIn))!=0 ){
6367	iStart = p->nState;
6368	switch( c ){
6369	case '\|':
6370	case '$':
6371	case ')': {
6372	p->sIn.i--;
6373	return 0;
6374	}
6375	case '(': {
	@@ -6381,11 +6381,11 @@
6381	}
6382	case '.': {
6383	if( rePeek(p)=='*' ){
6384	re_append(p, RE_OP_ANYSTAR, 0);
6385	p->sIn.i++;
6386	}else{
6387	re_append(p, RE_OP_ANY, 0);
6388	}
6389	break;
6390	}
6391	case '*': {
	@@ -6590,12 +6590,12 @@
6590	** A REGEXP B
6591	**
6592	** is implemented as regexp(B,A).
6593	*/
6594	static void re_sql_func(
6595	sqlite3_context *context,
6596	int argc,
6597	sqlite3_value **argv
6598	){
6599	ReCompiled pRe; / Compiled regular expression */
6600	const char zPattern; / The regular expression */
6601	const unsigned char zStr;/ String being searched */
	@@ -14815,11 +14815,11 @@
14815	" Examples:",
14816	" .ar -cf ARCHIVE foo bar # Create ARCHIVE from files foo and bar",
14817	" .ar -tf ARCHIVE # List members of ARCHIVE",
14818	" .ar -xvf ARCHIVE # Verbosely extract files from ARCHIVE",
14819	" See also:",
14820	" http://sqlite.org/cli.html#sqlite_archive_support",
14821	#endif
14822	#ifndef SQLITE_OMIT_AUTHORIZATION
14823	".auth ON\|OFF Show authorizer callbacks",
14824	#endif
14825	".backup ?DB? FILE Backup DB (default \"main\") to FILE",
14826

M src/sqlite3.c

+147 -80

		--- src/sqlite3.c
		+++ src/sqlite3.c
		@@ -1205,11 +1205,11 @@
1205	1205	** [sqlite3_libversion_number()], [sqlite3_sourceid()],
1206	1206	** [sqlite_version()] and [sqlite_source_id()].
1207	1207	*/
1208	1208	#define SQLITE_VERSION "3.36.0"
1209	1209	#define SQLITE_VERSION_NUMBER 3036000
1210		-#define SQLITE_SOURCE_ID "2021-06-07 00:41:18 2aa9368b63b42ac7c700516f109edcc6098c12b850eae591afed4e51a3f41819"
	1210	+#define SQLITE_SOURCE_ID "2021-06-14 20:41:20 e5a5acd6006133c5da4a7dd79726dbaa41c0d60ebeda890f848a6aafe5f9ef70"
1211	1211
1212	1212	/*
1213	1213	** CAPI3REF: Run-Time Library Version Numbers
1214	1214	** KEYWORDS: sqlite3_version sqlite3_sourceid
1215	1215	**
		@@ -16558,10 +16558,16 @@
16558	16558	*/
16559	16559	#ifndef SET_FULLSYNC
16560	16560	# define SET_FULLSYNC(x,y)
16561	16561	#endif
16562	16562
	16563	+/* Maximum pathname length. Note: FILENAME_MAX defined by stdio.h
	16564	+*/
	16565	+#ifndef SQLITE_MAX_PATHLEN
	16566	+# define SQLITE_MAX_PATHLEN FILENAME_MAX
	16567	+#endif
	16568	+
16563	16569	/*
16564	16570	** The default size of a disk sector
16565	16571	*/
16566	16572	#ifndef SQLITE_DEFAULT_SECTOR_SIZE
16567	16573	# define SQLITE_DEFAULT_SECTOR_SIZE 4096
		@@ -18795,10 +18801,11 @@
18795	18801	#define SF_View 0x0200000 /* SELECT statement is a view */
18796	18802	#define SF_NoopOrderBy 0x0400000 /* ORDER BY is ignored for this query */
18797	18803	#define SF_UpdateFrom 0x0800000 /* Statement is an UPDATE...FROM */
18798	18804	#define SF_PushDown 0x1000000 /* SELECT has be modified by push-down opt */
18799	18805	#define SF_MultiPart 0x2000000 /* Has multiple incompatible PARTITIONs */
	18806	+#define SF_CopyCte 0x4000000 /* SELECT statement is a copy of a CTE */
18800	18807
18801	18808	/*
18802	18809	** The results of a SELECT can be distributed in several ways, as defined
18803	18810	** by one of the following macros. The "SRT" prefix means "SELECT Result
18804	18811	** Type".
		@@ -20158,10 +20165,11 @@
20158	20165	SQLITE_PRIVATE void sqlite3RegisterDateTimeFunctions(void);
20159	20166	SQLITE_PRIVATE void sqlite3RegisterPerConnectionBuiltinFunctions(sqlite3*);
20160	20167	SQLITE_PRIVATE int sqlite3SafetyCheckOk(sqlite3*);
20161	20168	SQLITE_PRIVATE int sqlite3SafetyCheckSickOrOk(sqlite3*);
20162	20169	SQLITE_PRIVATE void sqlite3ChangeCookie(Parse*, int);
	20170	+SQLITE_PRIVATE With sqlite3WithDup(sqlite3 db, With *p);
20163	20171
20164	20172	#if !defined(SQLITE_OMIT_VIEW) && !defined(SQLITE_OMIT_TRIGGER)
20165	20173	SQLITE_PRIVATE void sqlite3MaterializeView(Parse, Table, Expr, ExprList,Expr*,int);
20166	20174	#endif
20167	20175
		@@ -20568,11 +20576,11 @@
20568	20576	#ifndef SQLITE_OMIT_CTE
20569	20577	SQLITE_PRIVATE Cte sqlite3CteNew(Parse,Token,ExprList,Select*,u8);
20570	20578	SQLITE_PRIVATE void sqlite3CteDelete(sqlite3,Cte);
20571	20579	SQLITE_PRIVATE With sqlite3WithAdd(Parse,With,Cte);
20572	20580	SQLITE_PRIVATE void sqlite3WithDelete(sqlite3,With);
20573		-SQLITE_PRIVATE void sqlite3WithPush(Parse, With, u8);
	20581	+SQLITE_PRIVATE With sqlite3WithPush(Parse, With*, u8);
20574	20582	#else
20575	20583	# define sqlite3CteNew(P,T,E,S) ((void*)0)
20576	20584	# define sqlite3CteDelete(D,C)
20577	20585	# define sqlite3CteWithAdd(P,W,C) ((void*)0)
20578	20586	# define sqlite3WithDelete(x,y)
		@@ -21670,11 +21678,11 @@
21670	21678	SQLITE_PRIVATE int sqlite3VdbeMemTooBig(Mem*);
21671	21679	SQLITE_PRIVATE int sqlite3VdbeMemCopy(Mem, const Mem);
21672	21680	SQLITE_PRIVATE void sqlite3VdbeMemShallowCopy(Mem, const Mem, int);
21673	21681	SQLITE_PRIVATE void sqlite3VdbeMemMove(Mem, Mem);
21674	21682	SQLITE_PRIVATE int sqlite3VdbeMemNulTerminate(Mem*);
21675		-SQLITE_PRIVATE int sqlite3VdbeMemSetStr(Mem, const char, int, u8, void()(void));
	21683	+SQLITE_PRIVATE int sqlite3VdbeMemSetStr(Mem, const char, i64, u8, void()(void));
21676	21684	SQLITE_PRIVATE void sqlite3VdbeMemSetInt64(Mem*, i64);
21677	21685	#ifdef SQLITE_OMIT_FLOATING_POINT
21678	21686	# define sqlite3VdbeMemSetDouble sqlite3VdbeMemSetInt64
21679	21687	#else
21680	21688	SQLITE_PRIVATE void sqlite3VdbeMemSetDouble(Mem*, double);
		@@ -23667,10 +23675,12 @@
23667	23675	zPathOut[0] = 0;
23668	23676	return pVfs->xFullPathname(pVfs, zPath, nPathOut, zPathOut);
23669	23677	}
23670	23678	#ifndef SQLITE_OMIT_LOAD_EXTENSION
23671	23679	SQLITE_PRIVATE void sqlite3OsDlOpen(sqlite3_vfs pVfs, const char *zPath){
	23680	+ assert( zPath!=0 );
	23681	+ assert( strlen(zPath)<=SQLITE_MAX_PATHLEN ); /* tag-20210611-1 */
23672	23682	return pVfs->xDlOpen(pVfs, zPath);
23673	23683	}
23674	23684	SQLITE_PRIVATE void sqlite3OsDlError(sqlite3_vfs pVfs, int nByte, char zBufOut){
23675	23685	pVfs->xDlError(pVfs, nByte, zBufOut);
23676	23686	}
		@@ -66965,11 +66975,11 @@
66965	66975	testcase( pc+size==usableSize );
66966	66976	put2byte(pAddr, cbrk);
66967	66977	if( temp==0 ){
66968	66978	if( cbrk==pc ) continue;
66969	66979	temp = sqlite3PagerTempSpace(pPage->pBt->pPager);
66970		- memcpy(&temp[iCellStart], &data[iCellStart], (cbrk+size) - iCellStart);
	66980	+ memcpy(&temp[iCellStart], &data[iCellStart], usableSize - iCellStart);
66971	66981	src = temp;
66972	66982	}
66973	66983	memcpy(&data[cbrk], &src[pc], size);
66974	66984	}
66975	66985	data[hdr+7] = 0;
		@@ -78047,15 +78057,15 @@
78047	78057	** either case, SQLITE_TOOBIG is returned.
78048	78058	*/
78049	78059	SQLITE_PRIVATE int sqlite3VdbeMemSetStr(
78050	78060	Mem pMem, / Memory cell to set to string value */
78051	78061	const char z, / String pointer */
78052		- int n, /* Bytes in string, or negative */
	78062	+ i64 n, /* Bytes in string, or negative */
78053	78063	u8 enc, /* Encoding of z. 0 for BLOBs */
78054	78064	void (xDel)(void) /* Destructor function */
78055	78065	){
78056		- int nByte = n; /* New value for pMem->n */
	78066	+ i64 nByte = n; /* New value for pMem->n */
78057	78067	int iLimit; /* Maximum allowed string or blob size */
78058	78068	u16 flags = 0; /* New value for pMem->flags */
78059	78069
78060	78070	assert( pMem->db==0 \|\| sqlite3_mutex_held(pMem->db->mutex) );
78061	78071	assert( !sqlite3VdbeMemIsRowSet(pMem) );
		@@ -78073,11 +78083,11 @@
78073	78083	}
78074	78084	flags = (enc==0?MEM_Blob:MEM_Str);
78075	78085	if( nByte<0 ){
78076	78086	assert( enc!=0 );
78077	78087	if( enc==SQLITE_UTF8 ){
78078		- nByte = 0x7fffffff & (int)strlen(z);
	78088	+ nByte = strlen(z);
78079	78089	}else{
78080	78090	for(nByte=0; nByte<=iLimit && (z[nByte] \| z[nByte+1]); nByte+=2){}
78081	78091	}
78082	78092	flags \|= MEM_Term;
78083	78093	}
		@@ -78085,11 +78095,11 @@
78085	78095	/* The following block sets the new values of Mem.z and Mem.xDel. It
78086	78096	** also sets a flag in local variable "flags" to indicate the memory
78087	78097	** management (one of MEM_Dyn or MEM_Static).
78088	78098	*/
78089	78099	if( xDel==SQLITE_TRANSIENT ){
78090		- u32 nAlloc = nByte;
	78100	+ i64 nAlloc = nByte;
78091	78101	if( flags&MEM_Term ){
78092	78102	nAlloc += (enc==SQLITE_UTF8?1:2);
78093	78103	}
78094	78104	if( nByte>iLimit ){
78095	78105	return sqlite3ErrorToParser(pMem->db, SQLITE_TOOBIG);
		@@ -78111,11 +78121,11 @@
78111	78121	pMem->xDel = xDel;
78112	78122	flags \|= ((xDel==SQLITE_STATIC)?MEM_Static:MEM_Dyn);
78113	78123	}
78114	78124	}
78115	78125
78116		- pMem->n = nByte;
	78126	+ pMem->n = (int)(nByte & 0x7fffffff);
78117	78127	pMem->flags = flags;
78118	78128	if( enc ){
78119	78129	pMem->enc = enc;
78120	78130	#ifdef SQLITE_ENABLE_SESSION
78121	78131	}else if( pMem->db==0 ){
		@@ -78131,11 +78141,11 @@
78131	78141	return SQLITE_NOMEM_BKPT;
78132	78142	}
78133	78143	#endif
78134	78144
78135	78145	if( nByte>iLimit ){
78136		- return SQLITE_TOOBIG;
	78146	+ return sqlite3ErrorToParser(pMem->db, SQLITE_TOOBIG);
78137	78147	}
78138	78148
78139	78149	return SQLITE_OK;
78140	78150	}
78141	78151
		@@ -84527,11 +84537,11 @@
84527	84537	}else if( xDel==SQLITE_TRANSIENT ){
84528	84538	/* noop */
84529	84539	}else{
84530	84540	xDel((void*)p);
84531	84541	}
84532		- if( pCtx ) sqlite3_result_error_toobig(pCtx);
	84542	+ sqlite3_result_error_toobig(pCtx);
84533	84543	return SQLITE_TOOBIG;
84534	84544	}
84535	84545	SQLITE_API void sqlite3_result_blob(
84536	84546	sqlite3_context *pCtx,
84537	84547	const void *z,
		@@ -85509,11 +85519,11 @@
85509	85519	*/
85510	85520	static int bindText(
85511	85521	sqlite3_stmt pStmt, / The statement to bind against */
85512	85522	int i, /* Index of the parameter to bind */
85513	85523	const void zData, / Pointer to the data to be bound */
85514		- int nData, /* Number of bytes of data to be bound */
	85524	+ i64 nData, /* Number of bytes of data to be bound */
85515	85525	void (xDel)(void), /* Destructor for the data */
85516	85526	u8 encoding /* Encoding for the data */
85517	85527	){
85518	85528	Vdbe p = (Vdbe )pStmt;
85519	85529	Mem *pVar;
		@@ -85561,15 +85571,11 @@
85561	85571	const void *zData,
85562	85572	sqlite3_uint64 nData,
85563	85573	void (xDel)(void)
85564	85574	){
85565	85575	assert( xDel!=SQLITE_DYNAMIC );
85566		- if( nData>0x7fffffff ){
85567		- return invokeValueDestructor(zData, xDel, 0);
85568		- }else{
85569		- return bindText(pStmt, i, zData, (int)nData, xDel, 0);
85570		- }
	85576	+ return bindText(pStmt, i, zData, nData, xDel, 0);
85571	85577	}
85572	85578	SQLITE_API int sqlite3_bind_double(sqlite3_stmt *pStmt, int i, double rValue){
85573	85579	int rc;
85574	85580	Vdbe p = (Vdbe )pStmt;
85575	85581	rc = vdbeUnbind(p, i);
		@@ -85635,16 +85641,12 @@
85635	85641	sqlite3_uint64 nData,
85636	85642	void (xDel)(void),
85637	85643	unsigned char enc
85638	85644	){
85639	85645	assert( xDel!=SQLITE_DYNAMIC );
85640		- if( nData>0x7fffffff ){
85641		- return invokeValueDestructor(zData, xDel, 0);
85642		- }else{
85643		- if( enc==SQLITE_UTF16 ) enc = SQLITE_UTF16NATIVE;
85644		- return bindText(pStmt, i, zData, (int)nData, xDel, enc);
85645		- }
	85646	+ if( enc==SQLITE_UTF16 ) enc = SQLITE_UTF16NATIVE;
	85647	+ return bindText(pStmt, i, zData, nData, xDel, enc);
85646	85648	}
85647	85649	#ifndef SQLITE_OMIT_UTF16
85648	85650	SQLITE_API int sqlite3_bind_text16(
85649	85651	sqlite3_stmt *pStmt,
85650	85652	int i,
		@@ -90957,11 +90959,12 @@
90957	90959	assert( pOp[1].opcode==OP_SeekGE );
90958	90960
90959	90961	/* pOp->p2 points to the first instruction past the OP_IdxGT that
90960	90962	** follows the OP_SeekGE. */
90961	90963	assert( pOp->p2>=(int)(pOp-aOp)+2 );
90962		- assert( aOp[pOp->p2-1].opcode==OP_IdxGT );
	90964	+ assert( aOp[pOp->p2-1].opcode==OP_IdxGT \|\| aOp[pOp->p2-1].opcode==OP_IdxGE );
	90965	+ testcase( aOp[pOp->p2-1].opcode==OP_IdxGE );
90963	90966	assert( pOp[1].p1==aOp[pOp->p2-1].p1 );
90964	90967	assert( pOp[1].p2==aOp[pOp->p2-1].p2 );
90965	90968	assert( pOp[1].p3==aOp[pOp->p2-1].p3 );
90966	90969
90967	90970	assert( pOp->p1>0 );
		@@ -92847,11 +92850,13 @@
92847	92850	}
92848	92851	#endif
92849	92852
92850	92853	iDb = pOp->p1;
92851	92854	assert( iDb>=0 && iDb<db->nDb );
92852		- assert( DbHasProperty(db, iDb, DB_SchemaLoaded) \|\| db->mallocFailed );
	92855	+ assert( DbHasProperty(db, iDb, DB_SchemaLoaded)
	92856	+ \|\| db->mallocFailed
	92857	+ \|\| (CORRUPT_DB && (db->flags & SQLITE_NoSchemaError)!=0) );
92853	92858
92854	92859	#ifndef SQLITE_OMIT_ALTERTABLE
92855	92860	if( pOp->p4.z==0 ){
92856	92861	sqlite3SchemaClear(db->aDb[iDb].pSchema);
92857	92862	db->mDbFlags &= ~DBFLAG_SchemaKnownOk;
		@@ -102622,11 +102627,11 @@
102622	102627	** Create and return a deep copy of the object passed as the second
102623	102628	** argument. If an OOM condition is encountered, NULL is returned
102624	102629	** and the db->mallocFailed flag set.
102625	102630	*/
102626	102631	#ifndef SQLITE_OMIT_CTE
102627		-static With withDup(sqlite3 db, With *p){
	102632	+SQLITE_PRIVATE With sqlite3WithDup(sqlite3 db, With *p){
102628	102633	With *pRet = 0;
102629	102634	if( p ){
102630	102635	sqlite3_int64 nByte = sizeof(p) + sizeof(p->a[0]) (p->nCte-1);
102631	102636	pRet = sqlite3DbMallocZero(db, nByte);
102632	102637	if( pRet ){
		@@ -102640,11 +102645,11 @@
102640	102645	}
102641	102646	}
102642	102647	return pRet;
102643	102648	}
102644	102649	#else
102645		-# define withDup(x,y) 0
	102650	+# define sqlite3WithDup(x,y) 0
102646	102651	#endif
102647	102652
102648	102653	#ifndef SQLITE_OMIT_WINDOWFUNC
102649	102654	/*
102650	102655	** The gatherSelectWindows() procedure and its helper routine
		@@ -102844,11 +102849,11 @@
102844	102849	pNew->iOffset = 0;
102845	102850	pNew->selFlags = p->selFlags & ~SF_UsesEphemeral;
102846	102851	pNew->addrOpenEphm[0] = -1;
102847	102852	pNew->addrOpenEphm[1] = -1;
102848	102853	pNew->nSelectRow = p->nSelectRow;
102849		- pNew->pWith = withDup(db, p->pWith);
	102854	+ pNew->pWith = sqlite3WithDup(db, p->pWith);
102850	102855	#ifndef SQLITE_OMIT_WINDOWFUNC
102851	102856	pNew->pWin = 0;
102852	102857	pNew->pWinDefn = sqlite3WindowListDup(db, p->pWinDefn);
102853	102858	if( p->pWin && db->mallocFailed==0 ) gatherSelectWindows(pNew);
102854	102859	#endif
		@@ -108184,19 +108189,34 @@
108184	108189	** to select statement pSelect.
108185	108190	*/
108186	108191	static void renameWalkWith(Walker pWalker, Select pSelect){
108187	108192	With *pWith = pSelect->pWith;
108188	108193	if( pWith ){
	108194	+ Parse *pParse = pWalker->pParse;
108189	108195	int i;
	108196	+ With *pCopy = 0;
	108197	+ assert( pWith->nCte>0 );
	108198	+ if( (pWith->a[0].pSelect->selFlags & SF_Expanded)==0 ){
	108199	+ /* Push a copy of the With object onto the with-stack. We use a copy
	108200	+ ** here as the original will be expanded and resolved (flags SF_Expanded
	108201	+ ** and SF_Resolved) below. And the parser code that uses the with-stack
	108202	+ ** fails if the Select objects on it have already been expanded and
	108203	+ ** resolved. */
	108204	+ pCopy = sqlite3WithDup(pParse->db, pWith);
	108205	+ pCopy = sqlite3WithPush(pParse, pCopy, 1);
	108206	+ }
108190	108207	for(i=0; i<pWith->nCte; i++){
108191	108208	Select *p = pWith->a[i].pSelect;
108192	108209	NameContext sNC;
108193	108210	memset(&sNC, 0, sizeof(sNC));
108194		- sNC.pParse = pWalker->pParse;
108195		- sqlite3SelectPrep(sNC.pParse, p, &sNC);
	108211	+ sNC.pParse = pParse;
	108212	+ if( pCopy ) sqlite3SelectPrep(sNC.pParse, p, &sNC);
108196	108213	sqlite3WalkSelect(pWalker, p);
108197		- sqlite3RenameExprlistUnmap(pWalker->pParse, pWith->a[i].pCols);
	108214	+ sqlite3RenameExprlistUnmap(pParse, pWith->a[i].pCols);
	108215	+ }
	108216	+ if( pCopy && pParse->pWith==pCopy ){
	108217	+ pParse->pWith = pCopy->pOuter;
108198	108218	}
108199	108219	}
108200	108220	}
108201	108221
108202	108222	/*
		@@ -108219,11 +108239,15 @@
108219	108239	*/
108220	108240	static int renameUnmapSelectCb(Walker pWalker, Select p){
108221	108241	Parse *pParse = pWalker->pParse;
108222	108242	int i;
108223	108243	if( pParse->nErr ) return WRC_Abort;
108224		- if( p->selFlags & SF_View ) return WRC_Prune;
	108244	+ if( p->selFlags & (SF_View\|SF_CopyCte) ){
	108245	+ testcase( pSelect->selFlags & SF_View );
	108246	+ testcase( pSelect->selFlags & SF_CopyCte );
	108247	+ return WRC_Prune;
	108248	+ }
108225	108249	if( ALWAYS(p->pEList) ){
108226	108250	ExprList *pList = p->pEList;
108227	108251	for(i=0; i<pList->nExpr; i++){
108228	108252	if( pList->a[i].zEName && pList->a[i].eEName==ENAME_NAME ){
108229	108253	sqlite3RenameTokenRemap(pParse, 0, (void*)pList->a[i].zEName);
		@@ -108327,11 +108351,15 @@
108327	108351	** This is a Walker select callback. It does nothing. It is only required
108328	108352	** because without a dummy callback, sqlite3WalkExpr() and similar do not
108329	108353	** descend into sub-select statements.
108330	108354	*/
108331	108355	static int renameColumnSelectCb(Walker pWalker, Select p){
108332		- if( p->selFlags & SF_View ) return WRC_Prune;
	108356	+ if( p->selFlags & (SF_View\|SF_CopyCte) ){
	108357	+ testcase( pSelect->selFlags & SF_View );
	108358	+ testcase( pSelect->selFlags & SF_CopyCte );
	108359	+ return WRC_Prune;
	108360	+ }
108333	108361	renameWalkWith(pWalker, p);
108334	108362	return WRC_Continue;
108335	108363	}
108336	108364
108337	108365	/*
		@@ -108963,11 +108991,15 @@
108963	108991	*/
108964	108992	static int renameTableSelectCb(Walker pWalker, Select pSelect){
108965	108993	int i;
108966	108994	RenameCtx *p = pWalker->u.pRename;
108967	108995	SrcList *pSrc = pSelect->pSrc;
108968		- if( pSelect->selFlags & SF_View ) return WRC_Prune;
	108996	+ if( pSelect->selFlags & (SF_View\|SF_CopyCte) ){
	108997	+ testcase( pSelect->selFlags & SF_View );
	108998	+ testcase( pSelect->selFlags & SF_CopyCte );
	108999	+ return WRC_Prune;
	109000	+ }
108969	109001	if( NEVER(pSrc==0) ){
108970	109002	assert( pWalker->pParse->db->mallocFailed );
108971	109003	return WRC_Abort;
108972	109004	}
108973	109005	for(i=0; i<pSrc->nSrc; i++){
		@@ -116705,11 +116737,11 @@
116705	116737	const char *zDb = db->aDb[iDb].zDbSName;
116706	116738	const char *zTab = SCHEMA_TABLE(iDb);
116707	116739	if( sqlite3AuthCheck(pParse, SQLITE_DELETE, zTab, 0, zDb) ){
116708	116740	goto exit_drop_index;
116709	116741	}
116710		- if( !OMIT_TEMPDB && iDb ) code = SQLITE_DROP_TEMP_INDEX;
	116742	+ if( !OMIT_TEMPDB && iDb==1 ) code = SQLITE_DROP_TEMP_INDEX;
116711	116743	if( sqlite3AuthCheck(pParse, code, pIndex->zName, pTab->zName, zDb) ){
116712	116744	goto exit_drop_index;
116713	116745	}
116714	116746	}
116715	116747	#endif
		@@ -119237,17 +119269,19 @@
119237	119269	){
119238	119270	/* This column was already computed by the previous index */
119239	119271	continue;
119240	119272	}
119241	119273	sqlite3ExprCodeLoadIndexColumn(pParse, pIdx, iDataCur, j, regBase+j);
119242		- /* If the column affinity is REAL but the number is an integer, then it
119243		- ** might be stored in the table as an integer (using a compact
119244		- ** representation) then converted to REAL by an OP_RealAffinity opcode.
119245		- ** But we are getting ready to store this value back into an index, where
119246		- ** it should be converted by to INTEGER again. So omit the OP_RealAffinity
119247		- ** opcode if it is present */
119248		- sqlite3VdbeDeletePriorOpcode(v, OP_RealAffinity);
	119274	+ if( pIdx->aiColumn[j]>=0 ){
	119275	+ /* If the column affinity is REAL but the number is an integer, then it
	119276	+ ** might be stored in the table as an integer (using a compact
	119277	+ ** representation) then converted to REAL by an OP_RealAffinity opcode.
	119278	+ ** But we are getting ready to store this value back into an index, where
	119279	+ ** it should be converted by to INTEGER again. So omit the
	119280	+ ** OP_RealAffinity opcode if it is present */
	119281	+ sqlite3VdbeDeletePriorOpcode(v, OP_RealAffinity);
	119282	+ }
119249	119283	}
119250	119284	if( regOut ){
119251	119285	sqlite3VdbeAddOp3(v, OP_MakeRecord, regBase, nCol, regOut);
119252	119286	}
119253	119287	sqlite3ReleaseTempRange(pParse, regBase, nCol);
		@@ -127401,11 +127435,11 @@
127401	127435	sqlite3_loadext_entry xInit;
127402	127436	char *zErrmsg = 0;
127403	127437	const char *zEntry;
127404	127438	char *zAltEntry = 0;
127405	127439	void **aHandle;
127406		- u64 nMsg = 300 + sqlite3Strlen30(zFile);
	127440	+ u64 nMsg = strlen(zFile);
127407	127441	int ii;
127408	127442	int rc;
127409	127443
127410	127444	/* Shared library endings to try if zFile cannot be loaded as written */
127411	127445	static const char *azEndings[] = {
		@@ -127435,30 +127469,26 @@
127435	127469	return SQLITE_ERROR;
127436	127470	}
127437	127471
127438	127472	zEntry = zProc ? zProc : "sqlite3_extension_init";
127439	127473
	127474	+ /* tag-20210611-1. Some dlopen() implementations will segfault if given
	127475	+ ** an oversize filename. Most filesystems have a pathname limit of 4K,
	127476	+ ** so limit the extension filename length to about twice that.
	127477	+ ** https://sqlite.org/forum/forumpost/08a0d6d9bf */
	127478	+ if( nMsg>SQLITE_MAX_PATHLEN ) goto extension_not_found;
	127479	+
127440	127480	handle = sqlite3OsDlOpen(pVfs, zFile);
127441	127481	#if SQLITE_OS_UNIX \|\| SQLITE_OS_WIN
127442	127482	for(ii=0; ii<ArraySize(azEndings) && handle==0; ii++){
127443	127483	char *zAltFile = sqlite3_mprintf("%s.%s", zFile, azEndings[ii]);
127444	127484	if( zAltFile==0 ) return SQLITE_NOMEM_BKPT;
127445	127485	handle = sqlite3OsDlOpen(pVfs, zAltFile);
127446	127486	sqlite3_free(zAltFile);
127447	127487	}
127448	127488	#endif
127449		- if( handle==0 ){
127450		- if( pzErrMsg ){
127451		- *pzErrMsg = zErrmsg = sqlite3_malloc64(nMsg);
127452		- if( zErrmsg ){
127453		- sqlite3_snprintf(nMsg, zErrmsg,
127454		- "unable to open shared library [%s]", zFile);
127455		- sqlite3OsDlError(pVfs, nMsg-1, zErrmsg);
127456		- }
127457		- }
127458		- return SQLITE_ERROR;
127459		- }
	127489	+ if( handle==0 ) goto extension_not_found;
127460	127490	xInit = (sqlite3_loadext_entry)sqlite3OsDlSym(pVfs, handle, zEntry);
127461	127491
127462	127492	/* If no entry point was specified and the default legacy
127463	127493	** entry point name "sqlite3_extension_init" was not found, then
127464	127494	** construct an entry point name "sqlite3_X_init" where the X is
		@@ -127491,14 +127521,15 @@
127491	127521	zEntry = zAltEntry;
127492	127522	xInit = (sqlite3_loadext_entry)sqlite3OsDlSym(pVfs, handle, zEntry);
127493	127523	}
127494	127524	if( xInit==0 ){
127495	127525	if( pzErrMsg ){
127496		- nMsg += sqlite3Strlen30(zEntry);
	127526	+ nMsg += strlen(zEntry) + 300;
127497	127527	*pzErrMsg = zErrmsg = sqlite3_malloc64(nMsg);
127498	127528	if( zErrmsg ){
127499		- sqlite3_snprintf(nMsg, zErrmsg,
	127529	+ assert( nMsg<0x7fffffff ); /* zErrmsg would be NULL if not so */
	127530	+ sqlite3_snprintf((int)nMsg, zErrmsg,
127500	127531	"no entry point [%s] in shared library [%s]", zEntry, zFile);
127501	127532	sqlite3OsDlError(pVfs, nMsg-1, zErrmsg);
127502	127533	}
127503	127534	}
127504	127535	sqlite3OsDlClose(pVfs, handle);
		@@ -127528,10 +127559,23 @@
127528	127559	sqlite3DbFree(db, db->aExtension);
127529	127560	db->aExtension = aHandle;
127530	127561
127531	127562	db->aExtension[db->nExtension++] = handle;
127532	127563	return SQLITE_OK;
	127564	+
	127565	+extension_not_found:
	127566	+ if( pzErrMsg ){
	127567	+ nMsg += 300;
	127568	+ *pzErrMsg = zErrmsg = sqlite3_malloc64(nMsg);
	127569	+ if( zErrmsg ){
	127570	+ assert( nMsg<0x7fffffff ); /* zErrmsg would be NULL if not so */
	127571	+ sqlite3_snprintf((int)nMsg, zErrmsg,
	127572	+ "unable to open shared library [%.*s]", SQLITE_MAX_PATHLEN, zFile);
	127573	+ sqlite3OsDlError(pVfs, nMsg-1, zErrmsg);
	127574	+ }
	127575	+ }
	127576	+ return SQLITE_ERROR;
127533	127577	}
127534	127578	SQLITE_API int sqlite3_load_extension(
127535	127579	sqlite3 db, / Load the extension into this database connection */
127536	127580	const char zFile, / Name of the shared library containing extension */
127537	127581	const char zProc, / Entry point. Use "sqlite3_extension_init" if 0 */
		@@ -131368,13 +131412,15 @@
131368	131412	if( rc==SQLITE_OK ){
131369	131413	sqlite3AnalysisLoad(db, iDb);
131370	131414	}
131371	131415	#endif
131372	131416	}
	131417	+ assert( pDb == &(db->aDb[iDb]) );
131373	131418	if( db->mallocFailed ){
131374	131419	rc = SQLITE_NOMEM_BKPT;
131375	131420	sqlite3ResetAllSchemasOfConnection(db);
	131421	+ pDb = &db->aDb[iDb];
131376	131422	}else
131377	131423	if( rc==SQLITE_OK \|\| (db->flags&SQLITE_NoSchemaError)){
131378	131424	/* Hack: If the SQLITE_NoSchemaError flag is set, then consider
131379	131425	** the schema loaded, even if errors (other than OOM) occurred. In
131380	131426	** this situation the current sqlite3_prepare() operation will fail,
		@@ -136426,10 +136472,11 @@
136426	136472	** a known value due to WHERE clause constraints of the form COLUMN=VALUE.
136427	136473	*/
136428	136474	typedef struct WhereConst WhereConst;
136429	136475	struct WhereConst {
136430	136476	Parse pParse; / Parsing context */
	136477	+ u8 pOomFault; / Pointer to pParse->db->mallocFailed */
136431	136478	int nConst; /* Number for COLUMN=CONSTANT terms */
136432	136479	int nChng; /* Number of times a constant is propagated */
136433	136480	int bHasAffBlob; /* At least one column in apExpr[] as affinity BLOB */
136434	136481	Expr *apExpr; / [i2] is COLUMN and [i2+1] is VALUE */
136435	136482	};
		@@ -136525,10 +136572,11 @@
136525	136572	WhereConst *pConst,
136526	136573	Expr *pExpr,
136527	136574	int bIgnoreAffBlob
136528	136575	){
136529	136576	int i;
	136577	+ if( pConst->pOomFault[0] ) return WRC_Prune;
136530	136578	if( pExpr->op!=TK_COLUMN ) return WRC_Continue;
136531	136579	if( ExprHasProperty(pExpr, EP_FixedCol\|EP_FromJoin) ){
136532	136580	testcase( ExprHasProperty(pExpr, EP_FixedCol) );
136533	136581	testcase( ExprHasProperty(pExpr, EP_FromJoin) );
136534	136582	return WRC_Continue;
		@@ -136545,10 +136593,11 @@
136545	136593	pConst->nChng++;
136546	136594	ExprClearProperty(pExpr, EP_Leaf);
136547	136595	ExprSetProperty(pExpr, EP_FixedCol);
136548	136596	assert( pExpr->pLeft==0 );
136549	136597	pExpr->pLeft = sqlite3ExprDup(pConst->pParse->db, pConst->apExpr[i*2+1], 0);
	136598	+ if( pConst->pParse->db->mallocFailed ) return WRC_Prune;
136550	136599	break;
136551	136600	}
136552	136601	return WRC_Prune;
136553	136602	}
136554	136603
		@@ -136577,10 +136626,11 @@
136577	136626	if( pConst->bHasAffBlob ){
136578	136627	if( (pExpr->op>=TK_EQ && pExpr->op<=TK_GE)
136579	136628	\|\| pExpr->op==TK_IS
136580	136629	){
136581	136630	propagateConstantExprRewriteOne(pConst, pExpr->pLeft, 0);
	136631	+ if( pConst->pOomFault[0] ) return WRC_Prune;
136582	136632	if( sqlite3ExprAffinity(pExpr->pLeft)!=SQLITE_AFF_TEXT ){
136583	136633	propagateConstantExprRewriteOne(pConst, pExpr->pRight, 0);
136584	136634	}
136585	136635	}
136586	136636	}
		@@ -136644,10 +136694,11 @@
136644	136694	){
136645	136695	WhereConst x;
136646	136696	Walker w;
136647	136697	int nChng = 0;
136648	136698	x.pParse = pParse;
	136699	+ x.pOomFault = &pParse->db->mallocFailed;
136649	136700	do{
136650	136701	x.nConst = 0;
136651	136702	x.nChng = 0;
136652	136703	x.apExpr = 0;
136653	136704	x.bHasAffBlob = 0;
		@@ -137099,25 +137150,33 @@
137099	137150	** onto the top of the stack. If argument bFree is true, then this
137100	137151	** WITH clause will never be popped from the stack but should instead
137101	137152	** be freed along with the Parse object. In other cases, when
137102	137153	** bFree==0, the With object will be freed along with the SELECT
137103	137154	** statement with which it is associated.
	137155	+**
	137156	+** This routine returns a copy of pWith. Or, if bFree is true and
	137157	+** the pWith object is destroyed immediately due to an OOM condition,
	137158	+** then this routine return NULL.
	137159	+**
	137160	+** If bFree is true, do not continue to use the pWith pointer after
	137161	+** calling this routine, Instead, use only the return value.
137104	137162	*/
137105		-SQLITE_PRIVATE void sqlite3WithPush(Parse pParse, With pWith, u8 bFree){
	137163	+SQLITE_PRIVATE With sqlite3WithPush(Parse pParse, With *pWith, u8 bFree){
137106	137164	if( pWith ){
	137165	+ if( bFree ){
	137166	+ pWith = (With*)sqlite3ParserAddCleanup(pParse,
	137167	+ (void()(sqlite3,void*))sqlite3WithDelete,
	137168	+ pWith);
	137169	+ if( pWith==0 ) return 0;
	137170	+ }
137107	137171	if( pParse->nErr==0 ){
137108	137172	assert( pParse->pWith!=pWith );
137109	137173	pWith->pOuter = pParse->pWith;
137110	137174	pParse->pWith = pWith;
137111	137175	}
137112		- if( bFree ){
137113		- sqlite3ParserAddCleanup(pParse,
137114		- (void()(sqlite3,void*))sqlite3WithDelete,
137115		- pWith);
137116		- testcase( pParse->earlyCleanup );
137117		- }
137118	137176	}
	137177	+ return pWith;
137119	137178	}
137120	137179
137121	137180	/*
137122	137181	** This function checks if argument pFrom refers to a CTE declared by
137123	137182	** a WITH clause on the stack currently maintained by the parser (on the
		@@ -137206,10 +137265,11 @@
137206	137265	pTab->iPKey = -1;
137207	137266	pTab->nRowLogEst = 200; assert( 200==sqlite3LogEst(1048576) );
137208	137267	pTab->tabFlags \|= TF_Ephemeral \| TF_NoVisibleRowid;
137209	137268	pFrom->pSelect = sqlite3SelectDup(db, pCte->pSelect, 0);
137210	137269	if( db->mallocFailed ) return 2;
	137270	+ pFrom->pSelect->selFlags \|= SF_CopyCte;
137211	137271	assert( pFrom->pSelect );
137212	137272	pFrom->fg.isCte = 1;
137213	137273	pFrom->u2.pCteUse = pCteUse;
137214	137274	pCteUse->nUse++;
137215	137275	if( pCteUse->nUse>=2 && pCteUse->eM10d==M10d_Any ){
		@@ -137474,10 +137534,11 @@
137474	137534	){
137475	137535	sqlite3ErrorMsg(pParse, "access to view \"%s\" prohibited",
137476	137536	pTab->zName);
137477	137537	}
137478	137538	#ifndef SQLITE_OMIT_VIRTUALTABLE
	137539	+ assert( SQLITE_VTABRISK_Normal==1 && SQLITE_VTABRISK_High==2 );
137479	137540	if( IsVirtual(pTab)
137480	137541	&& pFrom->fg.fromDDL
137481	137542	&& ALWAYS(pTab->pVTable!=0)
137482	137543	&& pTab->pVTable->eVtabRisk > ((db->flags & SQLITE_TrustedSchema)!=0)
137483	137544	){
		@@ -183221,12 +183282,12 @@
183221	183282	int nPrev, /* Size of buffer zPrev in bytes */
183222	183283	const char zNext, / Buffer containing next term */
183223	183284	int nNext /* Size of buffer zNext in bytes */
183224	183285	){
183225	183286	int n;
183226		- UNUSED_PARAMETER(nNext);
183227		- for(n=0; n<nPrev && zPrev[n]==zNext[n]; n++);
	183287	+ for(n=0; n<nPrev && n<nNext && zPrev[n]==zNext[n]; n++);
	183288	+ assert_fts3_nc( n<nNext );
183228	183289	return n;
183229	183290	}
183230	183291
183231	183292	/*
183232	183293	** Add term zTerm to the SegmentNode. It is guaranteed that zTerm is larger
		@@ -184221,11 +184282,11 @@
184221	184282	iDelta = (i64)((u64)iDocid - (u64)iPrev);
184222	184283	}
184223	184284
184224	184285	nByte = sqlite3Fts3VarintLen(iDelta) + (isRequirePos?nList+1:0);
184225	184286
184226		- rc = fts3GrowSegReaderBuffer(pCsr, nByte+nDoclist);
	184287	+ rc = fts3GrowSegReaderBuffer(pCsr, nByte+nDoclist+FTS3_NODE_PADDING);
184227	184288	if( rc ) return rc;
184228	184289
184229	184290	if( isFirst ){
184230	184291	char *a = &pCsr->aBuffer[nDoclist];
184231	184292	int nWrite;
		@@ -216164,10 +216225,11 @@
216164	216225	return 1;
216165	216226	}else{
216166	216227	i64 iOff = *piOff;
216167	216228	int iVal;
216168	216229	fts5FastGetVarint32(a, i, iVal);
	216230	+ assert( iVal>=0 );
216169	216231	if( iVal<=1 ){
216170	216232	if( iVal==0 ){
216171	216233	*pi = i;
216172	216234	return 0;
216173	216235	}
		@@ -216177,13 +216239,16 @@
216177	216239	if( iVal<2 ){
216178	216240	/* This is a corrupt record. So stop parsing it here. */
216179	216241	*piOff = -1;
216180	216242	return 1;
216181	216243	}
	216244	+ *piOff = iOff + ((iVal-2) & 0x7FFFFFFF);
	216245	+ }else{
	216246	+ *piOff = (iOff & (i64)0x7FFFFFFF<<32)+((iOff + (iVal-2)) & 0x7FFFFFFF);
216182	216247	}
216183		- *piOff = iOff + ((iVal-2) & 0x7FFFFFFF);
216184	216248	*pi = i;
	216249	+ assert( *piOff>=iOff );
216185	216250	return 0;
216186	216251	}
216187	216252	}
216188	216253
216189	216254
		@@ -216218,18 +216283,20 @@
216218	216283	static void sqlite3Fts5PoslistSafeAppend(
216219	216284	Fts5Buffer *pBuf,
216220	216285	i64 *piPrev,
216221	216286	i64 iPos
216222	216287	){
216223		- static const i64 colmask = ((i64)(0x7FFFFFFF)) << 32;
216224		- if( (iPos & colmask) != (*piPrev & colmask) ){
216225		- pBuf->p[pBuf->n++] = 1;
216226		- pBuf->n += sqlite3Fts5PutVarint(&pBuf->p[pBuf->n], (iPos>>32));
216227		- *piPrev = (iPos & colmask);
216228		- }
216229		- pBuf->n += sqlite3Fts5PutVarint(&pBuf->p[pBuf->n], (iPos-*piPrev)+2);
216230		- *piPrev = iPos;
	216288	+ if( iPos>=*piPrev ){
	216289	+ static const i64 colmask = ((i64)(0x7FFFFFFF)) << 32;
	216290	+ if( (iPos & colmask) != (*piPrev & colmask) ){
	216291	+ pBuf->p[pBuf->n++] = 1;
	216292	+ pBuf->n += sqlite3Fts5PutVarint(&pBuf->p[pBuf->n], (iPos>>32));
	216293	+ *piPrev = (iPos & colmask);
	216294	+ }
	216295	+ pBuf->n += sqlite3Fts5PutVarint(&pBuf->p[pBuf->n], (iPos-*piPrev)+2);
	216296	+ *piPrev = iPos;
	216297	+ }
216231	216298	}
216232	216299
216233	216300	static int sqlite3Fts5PoslistWriterAppend(
216234	216301	Fts5Buffer *pBuf,
216235	216302	Fts5PoslistWriter *pWriter,
		@@ -224157,11 +224224,11 @@
224157	224224	pIter->base.nData = p-aCopy;
224158	224225	return;
224159	224226	}
224160	224227	fts5BufferSafeAppendBlob(&pIter->poslist, aCopy, p-aCopy);
224161	224228	}
224162		- if( p==pEnd ){
	224229	+ if( p>=pEnd ){
224163	224230	pIter->base.pData = pIter->poslist.p;
224164	224231	pIter->base.nData = pIter->poslist.n;
224165	224232	return;
224166	224233	}
224167	224234	aCopy = p++;
		@@ -225953,11 +226020,11 @@
225953	226020	Fts5Buffer p1, / First list to merge */
225954	226021	int nBuf, /* Number of buffers in array aBuf[] */
225955	226022	Fts5Buffer aBuf / Other lists to merge in */
225956	226023	){
225957	226024	#define fts5PrefixMergerNextPosition(p) \
225958		- sqlite3Fts5PoslistNext64((p)->aPos,(p)->iter.nPoslist,&(p)->iOff,&(p)->iPos);
	226025	+ sqlite3Fts5PoslistNext64((p)->aPos,(p)->iter.nPoslist,&(p)->iOff,&(p)->iPos)
225959	226026	#define FTS5_MERGE_NLIST 16
225960	226027	PrefixMerger aMerger[FTS5_MERGE_NLIST];
225961	226028	PrefixMerger *pHead = 0;
225962	226029	int i;
225963	226030	int nOut = 0;
		@@ -230501,11 +230568,11 @@
230501	230568	int nArg, /* Number of args */
230502	230569	sqlite3_value *apUnused / Function arguments */
230503	230570	){
230504	230571	assert( nArg==0 );
230505	230572	UNUSED_PARAM2(nArg, apUnused);
230506		- sqlite3_result_text(pCtx, "fts5: 2021-06-04 23:26:56 1c71de43dbc68002c4a6229e7efffb019655baff67a51fe922571fe420c95835", -1, SQLITE_TRANSIENT);
	230573	+ sqlite3_result_text(pCtx, "fts5: 2021-06-14 20:41:20 e5a5acd6006133c5da4a7dd79726dbaa41c0d60ebeda890f848a6aafe5f9ef70", -1, SQLITE_TRANSIENT);
230507	230574	}
230508	230575
230509	230576	/*
230510	230577	** Return true if zName is the extension on one of the shadow tables used
230511	230578	** by this module.
		@@ -235427,12 +235494,12 @@
235427	235494	}
235428	235495	#endif /* SQLITE_CORE */
235429	235496	#endif /* !defined(SQLITE_CORE) \|\| defined(SQLITE_ENABLE_STMTVTAB) */
235430	235497
235431	235498	/************ End of stmt.c **********************************************/
235432		-#if __LINE__!=235432
	235499	+#if __LINE__!=235499
235433	235500	#undef SQLITE_SOURCE_ID
235434		-#define SQLITE_SOURCE_ID "2021-06-07 00:41:18 2aa9368b63b42ac7c700516f109edcc6098c12b850eae591afed4e51a3f4alt2"
	235501	+#define SQLITE_SOURCE_ID "2021-06-14 20:41:20 e5a5acd6006133c5da4a7dd79726dbaa41c0d60ebeda890f848a6aafe5f9alt2"
235435	235502	#endif
235436	235503	/* Return the source-id for this library */
235437	235504	SQLITE_API const char *sqlite3_sourceid(void){ return SQLITE_SOURCE_ID; }
235438	235505	/************************ End of sqlite3.c ****************************/
235439	235506

	--- src/sqlite3.c
	+++ src/sqlite3.c
	@@ -1205,11 +1205,11 @@
1205	** [sqlite3_libversion_number()], [sqlite3_sourceid()],
1206	** [sqlite_version()] and [sqlite_source_id()].
1207	*/
1208	#define SQLITE_VERSION "3.36.0"
1209	#define SQLITE_VERSION_NUMBER 3036000
1210	#define SQLITE_SOURCE_ID "2021-06-07 00:41:18 2aa9368b63b42ac7c700516f109edcc6098c12b850eae591afed4e51a3f41819"
1211
1212	/*
1213	** CAPI3REF: Run-Time Library Version Numbers
1214	** KEYWORDS: sqlite3_version sqlite3_sourceid
1215	**
	@@ -16558,10 +16558,16 @@
16558	*/
16559	#ifndef SET_FULLSYNC
16560	# define SET_FULLSYNC(x,y)
16561	#endif
16562






16563	/*
16564	** The default size of a disk sector
16565	*/
16566	#ifndef SQLITE_DEFAULT_SECTOR_SIZE
16567	# define SQLITE_DEFAULT_SECTOR_SIZE 4096
	@@ -18795,10 +18801,11 @@
18795	#define SF_View 0x0200000 /* SELECT statement is a view */
18796	#define SF_NoopOrderBy 0x0400000 /* ORDER BY is ignored for this query */
18797	#define SF_UpdateFrom 0x0800000 /* Statement is an UPDATE...FROM */
18798	#define SF_PushDown 0x1000000 /* SELECT has be modified by push-down opt */
18799	#define SF_MultiPart 0x2000000 /* Has multiple incompatible PARTITIONs */

18800
18801	/*
18802	** The results of a SELECT can be distributed in several ways, as defined
18803	** by one of the following macros. The "SRT" prefix means "SELECT Result
18804	** Type".
	@@ -20158,10 +20165,11 @@
20158	SQLITE_PRIVATE void sqlite3RegisterDateTimeFunctions(void);
20159	SQLITE_PRIVATE void sqlite3RegisterPerConnectionBuiltinFunctions(sqlite3*);
20160	SQLITE_PRIVATE int sqlite3SafetyCheckOk(sqlite3*);
20161	SQLITE_PRIVATE int sqlite3SafetyCheckSickOrOk(sqlite3*);
20162	SQLITE_PRIVATE void sqlite3ChangeCookie(Parse*, int);

20163
20164	#if !defined(SQLITE_OMIT_VIEW) && !defined(SQLITE_OMIT_TRIGGER)
20165	SQLITE_PRIVATE void sqlite3MaterializeView(Parse, Table, Expr, ExprList,Expr*,int);
20166	#endif
20167
	@@ -20568,11 +20576,11 @@
20568	#ifndef SQLITE_OMIT_CTE
20569	SQLITE_PRIVATE Cte sqlite3CteNew(Parse,Token,ExprList,Select*,u8);
20570	SQLITE_PRIVATE void sqlite3CteDelete(sqlite3,Cte);
20571	SQLITE_PRIVATE With sqlite3WithAdd(Parse,With,Cte);
20572	SQLITE_PRIVATE void sqlite3WithDelete(sqlite3,With);
20573	SQLITE_PRIVATE void sqlite3WithPush(Parse, With, u8);
20574	#else
20575	# define sqlite3CteNew(P,T,E,S) ((void*)0)
20576	# define sqlite3CteDelete(D,C)
20577	# define sqlite3CteWithAdd(P,W,C) ((void*)0)
20578	# define sqlite3WithDelete(x,y)
	@@ -21670,11 +21678,11 @@
21670	SQLITE_PRIVATE int sqlite3VdbeMemTooBig(Mem*);
21671	SQLITE_PRIVATE int sqlite3VdbeMemCopy(Mem, const Mem);
21672	SQLITE_PRIVATE void sqlite3VdbeMemShallowCopy(Mem, const Mem, int);
21673	SQLITE_PRIVATE void sqlite3VdbeMemMove(Mem, Mem);
21674	SQLITE_PRIVATE int sqlite3VdbeMemNulTerminate(Mem*);
21675	SQLITE_PRIVATE int sqlite3VdbeMemSetStr(Mem, const char, int, u8, void()(void));
21676	SQLITE_PRIVATE void sqlite3VdbeMemSetInt64(Mem*, i64);
21677	#ifdef SQLITE_OMIT_FLOATING_POINT
21678	# define sqlite3VdbeMemSetDouble sqlite3VdbeMemSetInt64
21679	#else
21680	SQLITE_PRIVATE void sqlite3VdbeMemSetDouble(Mem*, double);
	@@ -23667,10 +23675,12 @@
23667	zPathOut[0] = 0;
23668	return pVfs->xFullPathname(pVfs, zPath, nPathOut, zPathOut);
23669	}
23670	#ifndef SQLITE_OMIT_LOAD_EXTENSION
23671	SQLITE_PRIVATE void sqlite3OsDlOpen(sqlite3_vfs pVfs, const char *zPath){


23672	return pVfs->xDlOpen(pVfs, zPath);
23673	}
23674	SQLITE_PRIVATE void sqlite3OsDlError(sqlite3_vfs pVfs, int nByte, char zBufOut){
23675	pVfs->xDlError(pVfs, nByte, zBufOut);
23676	}
	@@ -66965,11 +66975,11 @@
66965	testcase( pc+size==usableSize );
66966	put2byte(pAddr, cbrk);
66967	if( temp==0 ){
66968	if( cbrk==pc ) continue;
66969	temp = sqlite3PagerTempSpace(pPage->pBt->pPager);
66970	memcpy(&temp[iCellStart], &data[iCellStart], (cbrk+size) - iCellStart);
66971	src = temp;
66972	}
66973	memcpy(&data[cbrk], &src[pc], size);
66974	}
66975	data[hdr+7] = 0;
	@@ -78047,15 +78057,15 @@
78047	** either case, SQLITE_TOOBIG is returned.
78048	*/
78049	SQLITE_PRIVATE int sqlite3VdbeMemSetStr(
78050	Mem pMem, / Memory cell to set to string value */
78051	const char z, / String pointer */
78052	int n, /* Bytes in string, or negative */
78053	u8 enc, /* Encoding of z. 0 for BLOBs */
78054	void (xDel)(void) /* Destructor function */
78055	){
78056	int nByte = n; /* New value for pMem->n */
78057	int iLimit; /* Maximum allowed string or blob size */
78058	u16 flags = 0; /* New value for pMem->flags */
78059
78060	assert( pMem->db==0 \|\| sqlite3_mutex_held(pMem->db->mutex) );
78061	assert( !sqlite3VdbeMemIsRowSet(pMem) );
	@@ -78073,11 +78083,11 @@
78073	}
78074	flags = (enc==0?MEM_Blob:MEM_Str);
78075	if( nByte<0 ){
78076	assert( enc!=0 );
78077	if( enc==SQLITE_UTF8 ){
78078	nByte = 0x7fffffff & (int)strlen(z);
78079	}else{
78080	for(nByte=0; nByte<=iLimit && (z[nByte] \| z[nByte+1]); nByte+=2){}
78081	}
78082	flags \|= MEM_Term;
78083	}
	@@ -78085,11 +78095,11 @@
78085	/* The following block sets the new values of Mem.z and Mem.xDel. It
78086	** also sets a flag in local variable "flags" to indicate the memory
78087	** management (one of MEM_Dyn or MEM_Static).
78088	*/
78089	if( xDel==SQLITE_TRANSIENT ){
78090	u32 nAlloc = nByte;
78091	if( flags&MEM_Term ){
78092	nAlloc += (enc==SQLITE_UTF8?1:2);
78093	}
78094	if( nByte>iLimit ){
78095	return sqlite3ErrorToParser(pMem->db, SQLITE_TOOBIG);
	@@ -78111,11 +78121,11 @@
78111	pMem->xDel = xDel;
78112	flags \|= ((xDel==SQLITE_STATIC)?MEM_Static:MEM_Dyn);
78113	}
78114	}
78115
78116	pMem->n = nByte;
78117	pMem->flags = flags;
78118	if( enc ){
78119	pMem->enc = enc;
78120	#ifdef SQLITE_ENABLE_SESSION
78121	}else if( pMem->db==0 ){
	@@ -78131,11 +78141,11 @@
78131	return SQLITE_NOMEM_BKPT;
78132	}
78133	#endif
78134
78135	if( nByte>iLimit ){
78136	return SQLITE_TOOBIG;
78137	}
78138
78139	return SQLITE_OK;
78140	}
78141
	@@ -84527,11 +84537,11 @@
84527	}else if( xDel==SQLITE_TRANSIENT ){
84528	/* noop */
84529	}else{
84530	xDel((void*)p);
84531	}
84532	if( pCtx ) sqlite3_result_error_toobig(pCtx);
84533	return SQLITE_TOOBIG;
84534	}
84535	SQLITE_API void sqlite3_result_blob(
84536	sqlite3_context *pCtx,
84537	const void *z,
	@@ -85509,11 +85519,11 @@
85509	*/
85510	static int bindText(
85511	sqlite3_stmt pStmt, / The statement to bind against */
85512	int i, /* Index of the parameter to bind */
85513	const void zData, / Pointer to the data to be bound */
85514	int nData, /* Number of bytes of data to be bound */
85515	void (xDel)(void), /* Destructor for the data */
85516	u8 encoding /* Encoding for the data */
85517	){
85518	Vdbe p = (Vdbe )pStmt;
85519	Mem *pVar;
	@@ -85561,15 +85571,11 @@
85561	const void *zData,
85562	sqlite3_uint64 nData,
85563	void (xDel)(void)
85564	){
85565	assert( xDel!=SQLITE_DYNAMIC );
85566	if( nData>0x7fffffff ){
85567	return invokeValueDestructor(zData, xDel, 0);
85568	}else{
85569	return bindText(pStmt, i, zData, (int)nData, xDel, 0);
85570	}
85571	}
85572	SQLITE_API int sqlite3_bind_double(sqlite3_stmt *pStmt, int i, double rValue){
85573	int rc;
85574	Vdbe p = (Vdbe )pStmt;
85575	rc = vdbeUnbind(p, i);
	@@ -85635,16 +85641,12 @@
85635	sqlite3_uint64 nData,
85636	void (xDel)(void),
85637	unsigned char enc
85638	){
85639	assert( xDel!=SQLITE_DYNAMIC );
85640	if( nData>0x7fffffff ){
85641	return invokeValueDestructor(zData, xDel, 0);
85642	}else{
85643	if( enc==SQLITE_UTF16 ) enc = SQLITE_UTF16NATIVE;
85644	return bindText(pStmt, i, zData, (int)nData, xDel, enc);
85645	}
85646	}
85647	#ifndef SQLITE_OMIT_UTF16
85648	SQLITE_API int sqlite3_bind_text16(
85649	sqlite3_stmt *pStmt,
85650	int i,
	@@ -90957,11 +90959,12 @@
90957	assert( pOp[1].opcode==OP_SeekGE );
90958
90959	/* pOp->p2 points to the first instruction past the OP_IdxGT that
90960	** follows the OP_SeekGE. */
90961	assert( pOp->p2>=(int)(pOp-aOp)+2 );
90962	assert( aOp[pOp->p2-1].opcode==OP_IdxGT );

90963	assert( pOp[1].p1==aOp[pOp->p2-1].p1 );
90964	assert( pOp[1].p2==aOp[pOp->p2-1].p2 );
90965	assert( pOp[1].p3==aOp[pOp->p2-1].p3 );
90966
90967	assert( pOp->p1>0 );
	@@ -92847,11 +92850,13 @@
92847	}
92848	#endif
92849
92850	iDb = pOp->p1;
92851	assert( iDb>=0 && iDb<db->nDb );
92852	assert( DbHasProperty(db, iDb, DB_SchemaLoaded) \|\| db->mallocFailed );


92853
92854	#ifndef SQLITE_OMIT_ALTERTABLE
92855	if( pOp->p4.z==0 ){
92856	sqlite3SchemaClear(db->aDb[iDb].pSchema);
92857	db->mDbFlags &= ~DBFLAG_SchemaKnownOk;
	@@ -102622,11 +102627,11 @@
102622	** Create and return a deep copy of the object passed as the second
102623	** argument. If an OOM condition is encountered, NULL is returned
102624	** and the db->mallocFailed flag set.
102625	*/
102626	#ifndef SQLITE_OMIT_CTE
102627	static With withDup(sqlite3 db, With *p){
102628	With *pRet = 0;
102629	if( p ){
102630	sqlite3_int64 nByte = sizeof(p) + sizeof(p->a[0]) (p->nCte-1);
102631	pRet = sqlite3DbMallocZero(db, nByte);
102632	if( pRet ){
	@@ -102640,11 +102645,11 @@
102640	}
102641	}
102642	return pRet;
102643	}
102644	#else
102645	# define withDup(x,y) 0
102646	#endif
102647
102648	#ifndef SQLITE_OMIT_WINDOWFUNC
102649	/*
102650	** The gatherSelectWindows() procedure and its helper routine
	@@ -102844,11 +102849,11 @@
102844	pNew->iOffset = 0;
102845	pNew->selFlags = p->selFlags & ~SF_UsesEphemeral;
102846	pNew->addrOpenEphm[0] = -1;
102847	pNew->addrOpenEphm[1] = -1;
102848	pNew->nSelectRow = p->nSelectRow;
102849	pNew->pWith = withDup(db, p->pWith);
102850	#ifndef SQLITE_OMIT_WINDOWFUNC
102851	pNew->pWin = 0;
102852	pNew->pWinDefn = sqlite3WindowListDup(db, p->pWinDefn);
102853	if( p->pWin && db->mallocFailed==0 ) gatherSelectWindows(pNew);
102854	#endif
	@@ -108184,19 +108189,34 @@
108184	** to select statement pSelect.
108185	*/
108186	static void renameWalkWith(Walker pWalker, Select pSelect){
108187	With *pWith = pSelect->pWith;
108188	if( pWith ){

108189	int i;











108190	for(i=0; i<pWith->nCte; i++){
108191	Select *p = pWith->a[i].pSelect;
108192	NameContext sNC;
108193	memset(&sNC, 0, sizeof(sNC));
108194	sNC.pParse = pWalker->pParse;
108195	sqlite3SelectPrep(sNC.pParse, p, &sNC);
108196	sqlite3WalkSelect(pWalker, p);
108197	sqlite3RenameExprlistUnmap(pWalker->pParse, pWith->a[i].pCols);



108198	}
108199	}
108200	}
108201
108202	/*
	@@ -108219,11 +108239,15 @@
108219	*/
108220	static int renameUnmapSelectCb(Walker pWalker, Select p){
108221	Parse *pParse = pWalker->pParse;
108222	int i;
108223	if( pParse->nErr ) return WRC_Abort;
108224	if( p->selFlags & SF_View ) return WRC_Prune;




108225	if( ALWAYS(p->pEList) ){
108226	ExprList *pList = p->pEList;
108227	for(i=0; i<pList->nExpr; i++){
108228	if( pList->a[i].zEName && pList->a[i].eEName==ENAME_NAME ){
108229	sqlite3RenameTokenRemap(pParse, 0, (void*)pList->a[i].zEName);
	@@ -108327,11 +108351,15 @@
108327	** This is a Walker select callback. It does nothing. It is only required
108328	** because without a dummy callback, sqlite3WalkExpr() and similar do not
108329	** descend into sub-select statements.
108330	*/
108331	static int renameColumnSelectCb(Walker pWalker, Select p){
108332	if( p->selFlags & SF_View ) return WRC_Prune;




108333	renameWalkWith(pWalker, p);
108334	return WRC_Continue;
108335	}
108336
108337	/*
	@@ -108963,11 +108991,15 @@
108963	*/
108964	static int renameTableSelectCb(Walker pWalker, Select pSelect){
108965	int i;
108966	RenameCtx *p = pWalker->u.pRename;
108967	SrcList *pSrc = pSelect->pSrc;
108968	if( pSelect->selFlags & SF_View ) return WRC_Prune;




108969	if( NEVER(pSrc==0) ){
108970	assert( pWalker->pParse->db->mallocFailed );
108971	return WRC_Abort;
108972	}
108973	for(i=0; i<pSrc->nSrc; i++){
	@@ -116705,11 +116737,11 @@
116705	const char *zDb = db->aDb[iDb].zDbSName;
116706	const char *zTab = SCHEMA_TABLE(iDb);
116707	if( sqlite3AuthCheck(pParse, SQLITE_DELETE, zTab, 0, zDb) ){
116708	goto exit_drop_index;
116709	}
116710	if( !OMIT_TEMPDB && iDb ) code = SQLITE_DROP_TEMP_INDEX;
116711	if( sqlite3AuthCheck(pParse, code, pIndex->zName, pTab->zName, zDb) ){
116712	goto exit_drop_index;
116713	}
116714	}
116715	#endif
	@@ -119237,17 +119269,19 @@
119237	){
119238	/* This column was already computed by the previous index */
119239	continue;
119240	}
119241	sqlite3ExprCodeLoadIndexColumn(pParse, pIdx, iDataCur, j, regBase+j);
119242	/* If the column affinity is REAL but the number is an integer, then it
119243	** might be stored in the table as an integer (using a compact
119244	** representation) then converted to REAL by an OP_RealAffinity opcode.
119245	** But we are getting ready to store this value back into an index, where
119246	** it should be converted by to INTEGER again. So omit the OP_RealAffinity
119247	** opcode if it is present */
119248	sqlite3VdbeDeletePriorOpcode(v, OP_RealAffinity);


119249	}
119250	if( regOut ){
119251	sqlite3VdbeAddOp3(v, OP_MakeRecord, regBase, nCol, regOut);
119252	}
119253	sqlite3ReleaseTempRange(pParse, regBase, nCol);
	@@ -127401,11 +127435,11 @@
127401	sqlite3_loadext_entry xInit;
127402	char *zErrmsg = 0;
127403	const char *zEntry;
127404	char *zAltEntry = 0;
127405	void **aHandle;
127406	u64 nMsg = 300 + sqlite3Strlen30(zFile);
127407	int ii;
127408	int rc;
127409
127410	/* Shared library endings to try if zFile cannot be loaded as written */
127411	static const char *azEndings[] = {
	@@ -127435,30 +127469,26 @@
127435	return SQLITE_ERROR;
127436	}
127437
127438	zEntry = zProc ? zProc : "sqlite3_extension_init";
127439






127440	handle = sqlite3OsDlOpen(pVfs, zFile);
127441	#if SQLITE_OS_UNIX \|\| SQLITE_OS_WIN
127442	for(ii=0; ii<ArraySize(azEndings) && handle==0; ii++){
127443	char *zAltFile = sqlite3_mprintf("%s.%s", zFile, azEndings[ii]);
127444	if( zAltFile==0 ) return SQLITE_NOMEM_BKPT;
127445	handle = sqlite3OsDlOpen(pVfs, zAltFile);
127446	sqlite3_free(zAltFile);
127447	}
127448	#endif
127449	if( handle==0 ){
127450	if( pzErrMsg ){
127451	*pzErrMsg = zErrmsg = sqlite3_malloc64(nMsg);
127452	if( zErrmsg ){
127453	sqlite3_snprintf(nMsg, zErrmsg,
127454	"unable to open shared library [%s]", zFile);
127455	sqlite3OsDlError(pVfs, nMsg-1, zErrmsg);
127456	}
127457	}
127458	return SQLITE_ERROR;
127459	}
127460	xInit = (sqlite3_loadext_entry)sqlite3OsDlSym(pVfs, handle, zEntry);
127461
127462	/* If no entry point was specified and the default legacy
127463	** entry point name "sqlite3_extension_init" was not found, then
127464	** construct an entry point name "sqlite3_X_init" where the X is
	@@ -127491,14 +127521,15 @@
127491	zEntry = zAltEntry;
127492	xInit = (sqlite3_loadext_entry)sqlite3OsDlSym(pVfs, handle, zEntry);
127493	}
127494	if( xInit==0 ){
127495	if( pzErrMsg ){
127496	nMsg += sqlite3Strlen30(zEntry);
127497	*pzErrMsg = zErrmsg = sqlite3_malloc64(nMsg);
127498	if( zErrmsg ){
127499	sqlite3_snprintf(nMsg, zErrmsg,

127500	"no entry point [%s] in shared library [%s]", zEntry, zFile);
127501	sqlite3OsDlError(pVfs, nMsg-1, zErrmsg);
127502	}
127503	}
127504	sqlite3OsDlClose(pVfs, handle);
	@@ -127528,10 +127559,23 @@
127528	sqlite3DbFree(db, db->aExtension);
127529	db->aExtension = aHandle;
127530
127531	db->aExtension[db->nExtension++] = handle;
127532	return SQLITE_OK;













127533	}
127534	SQLITE_API int sqlite3_load_extension(
127535	sqlite3 db, / Load the extension into this database connection */
127536	const char zFile, / Name of the shared library containing extension */
127537	const char zProc, / Entry point. Use "sqlite3_extension_init" if 0 */
	@@ -131368,13 +131412,15 @@
131368	if( rc==SQLITE_OK ){
131369	sqlite3AnalysisLoad(db, iDb);
131370	}
131371	#endif
131372	}

131373	if( db->mallocFailed ){
131374	rc = SQLITE_NOMEM_BKPT;
131375	sqlite3ResetAllSchemasOfConnection(db);

131376	}else
131377	if( rc==SQLITE_OK \|\| (db->flags&SQLITE_NoSchemaError)){
131378	/* Hack: If the SQLITE_NoSchemaError flag is set, then consider
131379	** the schema loaded, even if errors (other than OOM) occurred. In
131380	** this situation the current sqlite3_prepare() operation will fail,
	@@ -136426,10 +136472,11 @@
136426	** a known value due to WHERE clause constraints of the form COLUMN=VALUE.
136427	*/
136428	typedef struct WhereConst WhereConst;
136429	struct WhereConst {
136430	Parse pParse; / Parsing context */

136431	int nConst; /* Number for COLUMN=CONSTANT terms */
136432	int nChng; /* Number of times a constant is propagated */
136433	int bHasAffBlob; /* At least one column in apExpr[] as affinity BLOB */
136434	Expr *apExpr; / [i2] is COLUMN and [i2+1] is VALUE */
136435	};
	@@ -136525,10 +136572,11 @@
136525	WhereConst *pConst,
136526	Expr *pExpr,
136527	int bIgnoreAffBlob
136528	){
136529	int i;

136530	if( pExpr->op!=TK_COLUMN ) return WRC_Continue;
136531	if( ExprHasProperty(pExpr, EP_FixedCol\|EP_FromJoin) ){
136532	testcase( ExprHasProperty(pExpr, EP_FixedCol) );
136533	testcase( ExprHasProperty(pExpr, EP_FromJoin) );
136534	return WRC_Continue;
	@@ -136545,10 +136593,11 @@
136545	pConst->nChng++;
136546	ExprClearProperty(pExpr, EP_Leaf);
136547	ExprSetProperty(pExpr, EP_FixedCol);
136548	assert( pExpr->pLeft==0 );
136549	pExpr->pLeft = sqlite3ExprDup(pConst->pParse->db, pConst->apExpr[i*2+1], 0);

136550	break;
136551	}
136552	return WRC_Prune;
136553	}
136554
	@@ -136577,10 +136626,11 @@
136577	if( pConst->bHasAffBlob ){
136578	if( (pExpr->op>=TK_EQ && pExpr->op<=TK_GE)
136579	\|\| pExpr->op==TK_IS
136580	){
136581	propagateConstantExprRewriteOne(pConst, pExpr->pLeft, 0);

136582	if( sqlite3ExprAffinity(pExpr->pLeft)!=SQLITE_AFF_TEXT ){
136583	propagateConstantExprRewriteOne(pConst, pExpr->pRight, 0);
136584	}
136585	}
136586	}
	@@ -136644,10 +136694,11 @@
136644	){
136645	WhereConst x;
136646	Walker w;
136647	int nChng = 0;
136648	x.pParse = pParse;

136649	do{
136650	x.nConst = 0;
136651	x.nChng = 0;
136652	x.apExpr = 0;
136653	x.bHasAffBlob = 0;
	@@ -137099,25 +137150,33 @@
137099	** onto the top of the stack. If argument bFree is true, then this
137100	** WITH clause will never be popped from the stack but should instead
137101	** be freed along with the Parse object. In other cases, when
137102	** bFree==0, the With object will be freed along with the SELECT
137103	** statement with which it is associated.







137104	*/
137105	SQLITE_PRIVATE void sqlite3WithPush(Parse pParse, With pWith, u8 bFree){
137106	if( pWith ){






137107	if( pParse->nErr==0 ){
137108	assert( pParse->pWith!=pWith );
137109	pWith->pOuter = pParse->pWith;
137110	pParse->pWith = pWith;
137111	}
137112	if( bFree ){
137113	sqlite3ParserAddCleanup(pParse,
137114	(void()(sqlite3,void*))sqlite3WithDelete,
137115	pWith);
137116	testcase( pParse->earlyCleanup );
137117	}
137118	}

137119	}
137120
137121	/*
137122	** This function checks if argument pFrom refers to a CTE declared by
137123	** a WITH clause on the stack currently maintained by the parser (on the
	@@ -137206,10 +137265,11 @@
137206	pTab->iPKey = -1;
137207	pTab->nRowLogEst = 200; assert( 200==sqlite3LogEst(1048576) );
137208	pTab->tabFlags \|= TF_Ephemeral \| TF_NoVisibleRowid;
137209	pFrom->pSelect = sqlite3SelectDup(db, pCte->pSelect, 0);
137210	if( db->mallocFailed ) return 2;

137211	assert( pFrom->pSelect );
137212	pFrom->fg.isCte = 1;
137213	pFrom->u2.pCteUse = pCteUse;
137214	pCteUse->nUse++;
137215	if( pCteUse->nUse>=2 && pCteUse->eM10d==M10d_Any ){
	@@ -137474,10 +137534,11 @@
137474	){
137475	sqlite3ErrorMsg(pParse, "access to view \"%s\" prohibited",
137476	pTab->zName);
137477	}
137478	#ifndef SQLITE_OMIT_VIRTUALTABLE

137479	if( IsVirtual(pTab)
137480	&& pFrom->fg.fromDDL
137481	&& ALWAYS(pTab->pVTable!=0)
137482	&& pTab->pVTable->eVtabRisk > ((db->flags & SQLITE_TrustedSchema)!=0)
137483	){
	@@ -183221,12 +183282,12 @@
183221	int nPrev, /* Size of buffer zPrev in bytes */
183222	const char zNext, / Buffer containing next term */
183223	int nNext /* Size of buffer zNext in bytes */
183224	){
183225	int n;
183226	UNUSED_PARAMETER(nNext);
183227	for(n=0; n<nPrev && zPrev[n]==zNext[n]; n++);
183228	return n;
183229	}
183230
183231	/*
183232	** Add term zTerm to the SegmentNode. It is guaranteed that zTerm is larger
	@@ -184221,11 +184282,11 @@
184221	iDelta = (i64)((u64)iDocid - (u64)iPrev);
184222	}
184223
184224	nByte = sqlite3Fts3VarintLen(iDelta) + (isRequirePos?nList+1:0);
184225
184226	rc = fts3GrowSegReaderBuffer(pCsr, nByte+nDoclist);
184227	if( rc ) return rc;
184228
184229	if( isFirst ){
184230	char *a = &pCsr->aBuffer[nDoclist];
184231	int nWrite;
	@@ -216164,10 +216225,11 @@
216164	return 1;
216165	}else{
216166	i64 iOff = *piOff;
216167	int iVal;
216168	fts5FastGetVarint32(a, i, iVal);

216169	if( iVal<=1 ){
216170	if( iVal==0 ){
216171	*pi = i;
216172	return 0;
216173	}
	@@ -216177,13 +216239,16 @@
216177	if( iVal<2 ){
216178	/* This is a corrupt record. So stop parsing it here. */
216179	*piOff = -1;
216180	return 1;
216181	}



216182	}
216183	*piOff = iOff + ((iVal-2) & 0x7FFFFFFF);
216184	*pi = i;

216185	return 0;
216186	}
216187	}
216188
216189
	@@ -216218,18 +216283,20 @@
216218	static void sqlite3Fts5PoslistSafeAppend(
216219	Fts5Buffer *pBuf,
216220	i64 *piPrev,
216221	i64 iPos
216222	){
216223	static const i64 colmask = ((i64)(0x7FFFFFFF)) << 32;
216224	if( (iPos & colmask) != (*piPrev & colmask) ){
216225	pBuf->p[pBuf->n++] = 1;
216226	pBuf->n += sqlite3Fts5PutVarint(&pBuf->p[pBuf->n], (iPos>>32));
216227	*piPrev = (iPos & colmask);
216228	}
216229	pBuf->n += sqlite3Fts5PutVarint(&pBuf->p[pBuf->n], (iPos-*piPrev)+2);
216230	*piPrev = iPos;


216231	}
216232
216233	static int sqlite3Fts5PoslistWriterAppend(
216234	Fts5Buffer *pBuf,
216235	Fts5PoslistWriter *pWriter,
	@@ -224157,11 +224224,11 @@
224157	pIter->base.nData = p-aCopy;
224158	return;
224159	}
224160	fts5BufferSafeAppendBlob(&pIter->poslist, aCopy, p-aCopy);
224161	}
224162	if( p==pEnd ){
224163	pIter->base.pData = pIter->poslist.p;
224164	pIter->base.nData = pIter->poslist.n;
224165	return;
224166	}
224167	aCopy = p++;
	@@ -225953,11 +226020,11 @@
225953	Fts5Buffer p1, / First list to merge */
225954	int nBuf, /* Number of buffers in array aBuf[] */
225955	Fts5Buffer aBuf / Other lists to merge in */
225956	){
225957	#define fts5PrefixMergerNextPosition(p) \
225958	sqlite3Fts5PoslistNext64((p)->aPos,(p)->iter.nPoslist,&(p)->iOff,&(p)->iPos);
225959	#define FTS5_MERGE_NLIST 16
225960	PrefixMerger aMerger[FTS5_MERGE_NLIST];
225961	PrefixMerger *pHead = 0;
225962	int i;
225963	int nOut = 0;
	@@ -230501,11 +230568,11 @@
230501	int nArg, /* Number of args */
230502	sqlite3_value *apUnused / Function arguments */
230503	){
230504	assert( nArg==0 );
230505	UNUSED_PARAM2(nArg, apUnused);
230506	sqlite3_result_text(pCtx, "fts5: 2021-06-04 23:26:56 1c71de43dbc68002c4a6229e7efffb019655baff67a51fe922571fe420c95835", -1, SQLITE_TRANSIENT);
230507	}
230508
230509	/*
230510	** Return true if zName is the extension on one of the shadow tables used
230511	** by this module.
	@@ -235427,12 +235494,12 @@
235427	}
235428	#endif /* SQLITE_CORE */
235429	#endif /* !defined(SQLITE_CORE) \|\| defined(SQLITE_ENABLE_STMTVTAB) */
235430
235431	/************ End of stmt.c **********************************************/
235432	#if __LINE__!=235432
235433	#undef SQLITE_SOURCE_ID
235434	#define SQLITE_SOURCE_ID "2021-06-07 00:41:18 2aa9368b63b42ac7c700516f109edcc6098c12b850eae591afed4e51a3f4alt2"
235435	#endif
235436	/* Return the source-id for this library */
235437	SQLITE_API const char *sqlite3_sourceid(void){ return SQLITE_SOURCE_ID; }
235438	/************************ End of sqlite3.c ****************************/
235439

	--- src/sqlite3.c
	+++ src/sqlite3.c
	@@ -1205,11 +1205,11 @@
1205	** [sqlite3_libversion_number()], [sqlite3_sourceid()],
1206	** [sqlite_version()] and [sqlite_source_id()].
1207	*/
1208	#define SQLITE_VERSION "3.36.0"
1209	#define SQLITE_VERSION_NUMBER 3036000
1210	#define SQLITE_SOURCE_ID "2021-06-14 20:41:20 e5a5acd6006133c5da4a7dd79726dbaa41c0d60ebeda890f848a6aafe5f9ef70"
1211
1212	/*
1213	** CAPI3REF: Run-Time Library Version Numbers
1214	** KEYWORDS: sqlite3_version sqlite3_sourceid
1215	**
	@@ -16558,10 +16558,16 @@
16558	*/
16559	#ifndef SET_FULLSYNC
16560	# define SET_FULLSYNC(x,y)
16561	#endif
16562
16563	/* Maximum pathname length. Note: FILENAME_MAX defined by stdio.h
16564	*/
16565	#ifndef SQLITE_MAX_PATHLEN
16566	# define SQLITE_MAX_PATHLEN FILENAME_MAX
16567	#endif
16568
16569	/*
16570	** The default size of a disk sector
16571	*/
16572	#ifndef SQLITE_DEFAULT_SECTOR_SIZE
16573	# define SQLITE_DEFAULT_SECTOR_SIZE 4096
	@@ -18795,10 +18801,11 @@
18801	#define SF_View 0x0200000 /* SELECT statement is a view */
18802	#define SF_NoopOrderBy 0x0400000 /* ORDER BY is ignored for this query */
18803	#define SF_UpdateFrom 0x0800000 /* Statement is an UPDATE...FROM */
18804	#define SF_PushDown 0x1000000 /* SELECT has be modified by push-down opt */
18805	#define SF_MultiPart 0x2000000 /* Has multiple incompatible PARTITIONs */
18806	#define SF_CopyCte 0x4000000 /* SELECT statement is a copy of a CTE */
18807
18808	/*
18809	** The results of a SELECT can be distributed in several ways, as defined
18810	** by one of the following macros. The "SRT" prefix means "SELECT Result
18811	** Type".
	@@ -20158,10 +20165,11 @@
20165	SQLITE_PRIVATE void sqlite3RegisterDateTimeFunctions(void);
20166	SQLITE_PRIVATE void sqlite3RegisterPerConnectionBuiltinFunctions(sqlite3*);
20167	SQLITE_PRIVATE int sqlite3SafetyCheckOk(sqlite3*);
20168	SQLITE_PRIVATE int sqlite3SafetyCheckSickOrOk(sqlite3*);
20169	SQLITE_PRIVATE void sqlite3ChangeCookie(Parse*, int);
20170	SQLITE_PRIVATE With sqlite3WithDup(sqlite3 db, With *p);
20171
20172	#if !defined(SQLITE_OMIT_VIEW) && !defined(SQLITE_OMIT_TRIGGER)
20173	SQLITE_PRIVATE void sqlite3MaterializeView(Parse, Table, Expr, ExprList,Expr*,int);
20174	#endif
20175
	@@ -20568,11 +20576,11 @@
20576	#ifndef SQLITE_OMIT_CTE
20577	SQLITE_PRIVATE Cte sqlite3CteNew(Parse,Token,ExprList,Select*,u8);
20578	SQLITE_PRIVATE void sqlite3CteDelete(sqlite3,Cte);
20579	SQLITE_PRIVATE With sqlite3WithAdd(Parse,With,Cte);
20580	SQLITE_PRIVATE void sqlite3WithDelete(sqlite3,With);
20581	SQLITE_PRIVATE With sqlite3WithPush(Parse, With*, u8);
20582	#else
20583	# define sqlite3CteNew(P,T,E,S) ((void*)0)
20584	# define sqlite3CteDelete(D,C)
20585	# define sqlite3CteWithAdd(P,W,C) ((void*)0)
20586	# define sqlite3WithDelete(x,y)
	@@ -21670,11 +21678,11 @@
21678	SQLITE_PRIVATE int sqlite3VdbeMemTooBig(Mem*);
21679	SQLITE_PRIVATE int sqlite3VdbeMemCopy(Mem, const Mem);
21680	SQLITE_PRIVATE void sqlite3VdbeMemShallowCopy(Mem, const Mem, int);
21681	SQLITE_PRIVATE void sqlite3VdbeMemMove(Mem, Mem);
21682	SQLITE_PRIVATE int sqlite3VdbeMemNulTerminate(Mem*);
21683	SQLITE_PRIVATE int sqlite3VdbeMemSetStr(Mem, const char, i64, u8, void()(void));
21684	SQLITE_PRIVATE void sqlite3VdbeMemSetInt64(Mem*, i64);
21685	#ifdef SQLITE_OMIT_FLOATING_POINT
21686	# define sqlite3VdbeMemSetDouble sqlite3VdbeMemSetInt64
21687	#else
21688	SQLITE_PRIVATE void sqlite3VdbeMemSetDouble(Mem*, double);
	@@ -23667,10 +23675,12 @@
23675	zPathOut[0] = 0;
23676	return pVfs->xFullPathname(pVfs, zPath, nPathOut, zPathOut);
23677	}
23678	#ifndef SQLITE_OMIT_LOAD_EXTENSION
23679	SQLITE_PRIVATE void sqlite3OsDlOpen(sqlite3_vfs pVfs, const char *zPath){
23680	assert( zPath!=0 );
23681	assert( strlen(zPath)<=SQLITE_MAX_PATHLEN ); /* tag-20210611-1 */
23682	return pVfs->xDlOpen(pVfs, zPath);
23683	}
23684	SQLITE_PRIVATE void sqlite3OsDlError(sqlite3_vfs pVfs, int nByte, char zBufOut){
23685	pVfs->xDlError(pVfs, nByte, zBufOut);
23686	}
	@@ -66965,11 +66975,11 @@
66975	testcase( pc+size==usableSize );
66976	put2byte(pAddr, cbrk);
66977	if( temp==0 ){
66978	if( cbrk==pc ) continue;
66979	temp = sqlite3PagerTempSpace(pPage->pBt->pPager);
66980	memcpy(&temp[iCellStart], &data[iCellStart], usableSize - iCellStart);
66981	src = temp;
66982	}
66983	memcpy(&data[cbrk], &src[pc], size);
66984	}
66985	data[hdr+7] = 0;
	@@ -78047,15 +78057,15 @@
78057	** either case, SQLITE_TOOBIG is returned.
78058	*/
78059	SQLITE_PRIVATE int sqlite3VdbeMemSetStr(
78060	Mem pMem, / Memory cell to set to string value */
78061	const char z, / String pointer */
78062	i64 n, /* Bytes in string, or negative */
78063	u8 enc, /* Encoding of z. 0 for BLOBs */
78064	void (xDel)(void) /* Destructor function */
78065	){
78066	i64 nByte = n; /* New value for pMem->n */
78067	int iLimit; /* Maximum allowed string or blob size */
78068	u16 flags = 0; /* New value for pMem->flags */
78069
78070	assert( pMem->db==0 \|\| sqlite3_mutex_held(pMem->db->mutex) );
78071	assert( !sqlite3VdbeMemIsRowSet(pMem) );
	@@ -78073,11 +78083,11 @@
78083	}
78084	flags = (enc==0?MEM_Blob:MEM_Str);
78085	if( nByte<0 ){
78086	assert( enc!=0 );
78087	if( enc==SQLITE_UTF8 ){
78088	nByte = strlen(z);
78089	}else{
78090	for(nByte=0; nByte<=iLimit && (z[nByte] \| z[nByte+1]); nByte+=2){}
78091	}
78092	flags \|= MEM_Term;
78093	}
	@@ -78085,11 +78095,11 @@
78095	/* The following block sets the new values of Mem.z and Mem.xDel. It
78096	** also sets a flag in local variable "flags" to indicate the memory
78097	** management (one of MEM_Dyn or MEM_Static).
78098	*/
78099	if( xDel==SQLITE_TRANSIENT ){
78100	i64 nAlloc = nByte;
78101	if( flags&MEM_Term ){
78102	nAlloc += (enc==SQLITE_UTF8?1:2);
78103	}
78104	if( nByte>iLimit ){
78105	return sqlite3ErrorToParser(pMem->db, SQLITE_TOOBIG);
	@@ -78111,11 +78121,11 @@
78121	pMem->xDel = xDel;
78122	flags \|= ((xDel==SQLITE_STATIC)?MEM_Static:MEM_Dyn);
78123	}
78124	}
78125
78126	pMem->n = (int)(nByte & 0x7fffffff);
78127	pMem->flags = flags;
78128	if( enc ){
78129	pMem->enc = enc;
78130	#ifdef SQLITE_ENABLE_SESSION
78131	}else if( pMem->db==0 ){
	@@ -78131,11 +78141,11 @@
78141	return SQLITE_NOMEM_BKPT;
78142	}
78143	#endif
78144
78145	if( nByte>iLimit ){
78146	return sqlite3ErrorToParser(pMem->db, SQLITE_TOOBIG);
78147	}
78148
78149	return SQLITE_OK;
78150	}
78151
	@@ -84527,11 +84537,11 @@
84537	}else if( xDel==SQLITE_TRANSIENT ){
84538	/* noop */
84539	}else{
84540	xDel((void*)p);
84541	}
84542	sqlite3_result_error_toobig(pCtx);
84543	return SQLITE_TOOBIG;
84544	}
84545	SQLITE_API void sqlite3_result_blob(
84546	sqlite3_context *pCtx,
84547	const void *z,
	@@ -85509,11 +85519,11 @@
85519	*/
85520	static int bindText(
85521	sqlite3_stmt pStmt, / The statement to bind against */
85522	int i, /* Index of the parameter to bind */
85523	const void zData, / Pointer to the data to be bound */
85524	i64 nData, /* Number of bytes of data to be bound */
85525	void (xDel)(void), /* Destructor for the data */
85526	u8 encoding /* Encoding for the data */
85527	){
85528	Vdbe p = (Vdbe )pStmt;
85529	Mem *pVar;
	@@ -85561,15 +85571,11 @@
85571	const void *zData,
85572	sqlite3_uint64 nData,
85573	void (xDel)(void)
85574	){
85575	assert( xDel!=SQLITE_DYNAMIC );
85576	return bindText(pStmt, i, zData, nData, xDel, 0);




85577	}
85578	SQLITE_API int sqlite3_bind_double(sqlite3_stmt *pStmt, int i, double rValue){
85579	int rc;
85580	Vdbe p = (Vdbe )pStmt;
85581	rc = vdbeUnbind(p, i);
	@@ -85635,16 +85641,12 @@
85641	sqlite3_uint64 nData,
85642	void (xDel)(void),
85643	unsigned char enc
85644	){
85645	assert( xDel!=SQLITE_DYNAMIC );
85646	if( enc==SQLITE_UTF16 ) enc = SQLITE_UTF16NATIVE;
85647	return bindText(pStmt, i, zData, nData, xDel, enc);




85648	}
85649	#ifndef SQLITE_OMIT_UTF16
85650	SQLITE_API int sqlite3_bind_text16(
85651	sqlite3_stmt *pStmt,
85652	int i,
	@@ -90957,11 +90959,12 @@
90959	assert( pOp[1].opcode==OP_SeekGE );
90960
90961	/* pOp->p2 points to the first instruction past the OP_IdxGT that
90962	** follows the OP_SeekGE. */
90963	assert( pOp->p2>=(int)(pOp-aOp)+2 );
90964	assert( aOp[pOp->p2-1].opcode==OP_IdxGT \|\| aOp[pOp->p2-1].opcode==OP_IdxGE );
90965	testcase( aOp[pOp->p2-1].opcode==OP_IdxGE );
90966	assert( pOp[1].p1==aOp[pOp->p2-1].p1 );
90967	assert( pOp[1].p2==aOp[pOp->p2-1].p2 );
90968	assert( pOp[1].p3==aOp[pOp->p2-1].p3 );
90969
90970	assert( pOp->p1>0 );
	@@ -92847,11 +92850,13 @@
92850	}
92851	#endif
92852
92853	iDb = pOp->p1;
92854	assert( iDb>=0 && iDb<db->nDb );
92855	assert( DbHasProperty(db, iDb, DB_SchemaLoaded)
92856	\|\| db->mallocFailed
92857	\|\| (CORRUPT_DB && (db->flags & SQLITE_NoSchemaError)!=0) );
92858
92859	#ifndef SQLITE_OMIT_ALTERTABLE
92860	if( pOp->p4.z==0 ){
92861	sqlite3SchemaClear(db->aDb[iDb].pSchema);
92862	db->mDbFlags &= ~DBFLAG_SchemaKnownOk;
	@@ -102622,11 +102627,11 @@
102627	** Create and return a deep copy of the object passed as the second
102628	** argument. If an OOM condition is encountered, NULL is returned
102629	** and the db->mallocFailed flag set.
102630	*/
102631	#ifndef SQLITE_OMIT_CTE
102632	SQLITE_PRIVATE With sqlite3WithDup(sqlite3 db, With *p){
102633	With *pRet = 0;
102634	if( p ){
102635	sqlite3_int64 nByte = sizeof(p) + sizeof(p->a[0]) (p->nCte-1);
102636	pRet = sqlite3DbMallocZero(db, nByte);
102637	if( pRet ){
	@@ -102640,11 +102645,11 @@
102645	}
102646	}
102647	return pRet;
102648	}
102649	#else
102650	# define sqlite3WithDup(x,y) 0
102651	#endif
102652
102653	#ifndef SQLITE_OMIT_WINDOWFUNC
102654	/*
102655	** The gatherSelectWindows() procedure and its helper routine
	@@ -102844,11 +102849,11 @@
102849	pNew->iOffset = 0;
102850	pNew->selFlags = p->selFlags & ~SF_UsesEphemeral;
102851	pNew->addrOpenEphm[0] = -1;
102852	pNew->addrOpenEphm[1] = -1;
102853	pNew->nSelectRow = p->nSelectRow;
102854	pNew->pWith = sqlite3WithDup(db, p->pWith);
102855	#ifndef SQLITE_OMIT_WINDOWFUNC
102856	pNew->pWin = 0;
102857	pNew->pWinDefn = sqlite3WindowListDup(db, p->pWinDefn);
102858	if( p->pWin && db->mallocFailed==0 ) gatherSelectWindows(pNew);
102859	#endif
	@@ -108184,19 +108189,34 @@
108189	** to select statement pSelect.
108190	*/
108191	static void renameWalkWith(Walker pWalker, Select pSelect){
108192	With *pWith = pSelect->pWith;
108193	if( pWith ){
108194	Parse *pParse = pWalker->pParse;
108195	int i;
108196	With *pCopy = 0;
108197	assert( pWith->nCte>0 );
108198	if( (pWith->a[0].pSelect->selFlags & SF_Expanded)==0 ){
108199	/* Push a copy of the With object onto the with-stack. We use a copy
108200	** here as the original will be expanded and resolved (flags SF_Expanded
108201	** and SF_Resolved) below. And the parser code that uses the with-stack
108202	** fails if the Select objects on it have already been expanded and
108203	** resolved. */
108204	pCopy = sqlite3WithDup(pParse->db, pWith);
108205	pCopy = sqlite3WithPush(pParse, pCopy, 1);
108206	}
108207	for(i=0; i<pWith->nCte; i++){
108208	Select *p = pWith->a[i].pSelect;
108209	NameContext sNC;
108210	memset(&sNC, 0, sizeof(sNC));
108211	sNC.pParse = pParse;
108212	if( pCopy ) sqlite3SelectPrep(sNC.pParse, p, &sNC);
108213	sqlite3WalkSelect(pWalker, p);
108214	sqlite3RenameExprlistUnmap(pParse, pWith->a[i].pCols);
108215	}
108216	if( pCopy && pParse->pWith==pCopy ){
108217	pParse->pWith = pCopy->pOuter;
108218	}
108219	}
108220	}
108221
108222	/*
	@@ -108219,11 +108239,15 @@
108239	*/
108240	static int renameUnmapSelectCb(Walker pWalker, Select p){
108241	Parse *pParse = pWalker->pParse;
108242	int i;
108243	if( pParse->nErr ) return WRC_Abort;
108244	if( p->selFlags & (SF_View\|SF_CopyCte) ){
108245	testcase( pSelect->selFlags & SF_View );
108246	testcase( pSelect->selFlags & SF_CopyCte );
108247	return WRC_Prune;
108248	}
108249	if( ALWAYS(p->pEList) ){
108250	ExprList *pList = p->pEList;
108251	for(i=0; i<pList->nExpr; i++){
108252	if( pList->a[i].zEName && pList->a[i].eEName==ENAME_NAME ){
108253	sqlite3RenameTokenRemap(pParse, 0, (void*)pList->a[i].zEName);
	@@ -108327,11 +108351,15 @@
108351	** This is a Walker select callback. It does nothing. It is only required
108352	** because without a dummy callback, sqlite3WalkExpr() and similar do not
108353	** descend into sub-select statements.
108354	*/
108355	static int renameColumnSelectCb(Walker pWalker, Select p){
108356	if( p->selFlags & (SF_View\|SF_CopyCte) ){
108357	testcase( pSelect->selFlags & SF_View );
108358	testcase( pSelect->selFlags & SF_CopyCte );
108359	return WRC_Prune;
108360	}
108361	renameWalkWith(pWalker, p);
108362	return WRC_Continue;
108363	}
108364
108365	/*
	@@ -108963,11 +108991,15 @@
108991	*/
108992	static int renameTableSelectCb(Walker pWalker, Select pSelect){
108993	int i;
108994	RenameCtx *p = pWalker->u.pRename;
108995	SrcList *pSrc = pSelect->pSrc;
108996	if( pSelect->selFlags & (SF_View\|SF_CopyCte) ){
108997	testcase( pSelect->selFlags & SF_View );
108998	testcase( pSelect->selFlags & SF_CopyCte );
108999	return WRC_Prune;
109000	}
109001	if( NEVER(pSrc==0) ){
109002	assert( pWalker->pParse->db->mallocFailed );
109003	return WRC_Abort;
109004	}
109005	for(i=0; i<pSrc->nSrc; i++){
	@@ -116705,11 +116737,11 @@
116737	const char *zDb = db->aDb[iDb].zDbSName;
116738	const char *zTab = SCHEMA_TABLE(iDb);
116739	if( sqlite3AuthCheck(pParse, SQLITE_DELETE, zTab, 0, zDb) ){
116740	goto exit_drop_index;
116741	}
116742	if( !OMIT_TEMPDB && iDb==1 ) code = SQLITE_DROP_TEMP_INDEX;
116743	if( sqlite3AuthCheck(pParse, code, pIndex->zName, pTab->zName, zDb) ){
116744	goto exit_drop_index;
116745	}
116746	}
116747	#endif
	@@ -119237,17 +119269,19 @@
119269	){
119270	/* This column was already computed by the previous index */
119271	continue;
119272	}
119273	sqlite3ExprCodeLoadIndexColumn(pParse, pIdx, iDataCur, j, regBase+j);
119274	if( pIdx->aiColumn[j]>=0 ){
119275	/* If the column affinity is REAL but the number is an integer, then it
119276	** might be stored in the table as an integer (using a compact
119277	** representation) then converted to REAL by an OP_RealAffinity opcode.
119278	** But we are getting ready to store this value back into an index, where
119279	** it should be converted by to INTEGER again. So omit the
119280	** OP_RealAffinity opcode if it is present */
119281	sqlite3VdbeDeletePriorOpcode(v, OP_RealAffinity);
119282	}
119283	}
119284	if( regOut ){
119285	sqlite3VdbeAddOp3(v, OP_MakeRecord, regBase, nCol, regOut);
119286	}
119287	sqlite3ReleaseTempRange(pParse, regBase, nCol);
	@@ -127401,11 +127435,11 @@
127435	sqlite3_loadext_entry xInit;
127436	char *zErrmsg = 0;
127437	const char *zEntry;
127438	char *zAltEntry = 0;
127439	void **aHandle;
127440	u64 nMsg = strlen(zFile);
127441	int ii;
127442	int rc;
127443
127444	/* Shared library endings to try if zFile cannot be loaded as written */
127445	static const char *azEndings[] = {
	@@ -127435,30 +127469,26 @@
127469	return SQLITE_ERROR;
127470	}
127471
127472	zEntry = zProc ? zProc : "sqlite3_extension_init";
127473
127474	/* tag-20210611-1. Some dlopen() implementations will segfault if given
127475	** an oversize filename. Most filesystems have a pathname limit of 4K,
127476	** so limit the extension filename length to about twice that.
127477	** https://sqlite.org/forum/forumpost/08a0d6d9bf */
127478	if( nMsg>SQLITE_MAX_PATHLEN ) goto extension_not_found;
127479
127480	handle = sqlite3OsDlOpen(pVfs, zFile);
127481	#if SQLITE_OS_UNIX \|\| SQLITE_OS_WIN
127482	for(ii=0; ii<ArraySize(azEndings) && handle==0; ii++){
127483	char *zAltFile = sqlite3_mprintf("%s.%s", zFile, azEndings[ii]);
127484	if( zAltFile==0 ) return SQLITE_NOMEM_BKPT;
127485	handle = sqlite3OsDlOpen(pVfs, zAltFile);
127486	sqlite3_free(zAltFile);
127487	}
127488	#endif
127489	if( handle==0 ) goto extension_not_found;










127490	xInit = (sqlite3_loadext_entry)sqlite3OsDlSym(pVfs, handle, zEntry);
127491
127492	/* If no entry point was specified and the default legacy
127493	** entry point name "sqlite3_extension_init" was not found, then
127494	** construct an entry point name "sqlite3_X_init" where the X is
	@@ -127491,14 +127521,15 @@
127521	zEntry = zAltEntry;
127522	xInit = (sqlite3_loadext_entry)sqlite3OsDlSym(pVfs, handle, zEntry);
127523	}
127524	if( xInit==0 ){
127525	if( pzErrMsg ){
127526	nMsg += strlen(zEntry) + 300;
127527	*pzErrMsg = zErrmsg = sqlite3_malloc64(nMsg);
127528	if( zErrmsg ){
127529	assert( nMsg<0x7fffffff ); /* zErrmsg would be NULL if not so */
127530	sqlite3_snprintf((int)nMsg, zErrmsg,
127531	"no entry point [%s] in shared library [%s]", zEntry, zFile);
127532	sqlite3OsDlError(pVfs, nMsg-1, zErrmsg);
127533	}
127534	}
127535	sqlite3OsDlClose(pVfs, handle);
	@@ -127528,10 +127559,23 @@
127559	sqlite3DbFree(db, db->aExtension);
127560	db->aExtension = aHandle;
127561
127562	db->aExtension[db->nExtension++] = handle;
127563	return SQLITE_OK;
127564
127565	extension_not_found:
127566	if( pzErrMsg ){
127567	nMsg += 300;
127568	*pzErrMsg = zErrmsg = sqlite3_malloc64(nMsg);
127569	if( zErrmsg ){
127570	assert( nMsg<0x7fffffff ); /* zErrmsg would be NULL if not so */
127571	sqlite3_snprintf((int)nMsg, zErrmsg,
127572	"unable to open shared library [%.*s]", SQLITE_MAX_PATHLEN, zFile);
127573	sqlite3OsDlError(pVfs, nMsg-1, zErrmsg);
127574	}
127575	}
127576	return SQLITE_ERROR;
127577	}
127578	SQLITE_API int sqlite3_load_extension(
127579	sqlite3 db, / Load the extension into this database connection */
127580	const char zFile, / Name of the shared library containing extension */
127581	const char zProc, / Entry point. Use "sqlite3_extension_init" if 0 */
	@@ -131368,13 +131412,15 @@
131412	if( rc==SQLITE_OK ){
131413	sqlite3AnalysisLoad(db, iDb);
131414	}
131415	#endif
131416	}
131417	assert( pDb == &(db->aDb[iDb]) );
131418	if( db->mallocFailed ){
131419	rc = SQLITE_NOMEM_BKPT;
131420	sqlite3ResetAllSchemasOfConnection(db);
131421	pDb = &db->aDb[iDb];
131422	}else
131423	if( rc==SQLITE_OK \|\| (db->flags&SQLITE_NoSchemaError)){
131424	/* Hack: If the SQLITE_NoSchemaError flag is set, then consider
131425	** the schema loaded, even if errors (other than OOM) occurred. In
131426	** this situation the current sqlite3_prepare() operation will fail,
	@@ -136426,10 +136472,11 @@
136472	** a known value due to WHERE clause constraints of the form COLUMN=VALUE.
136473	*/
136474	typedef struct WhereConst WhereConst;
136475	struct WhereConst {
136476	Parse pParse; / Parsing context */
136477	u8 pOomFault; / Pointer to pParse->db->mallocFailed */
136478	int nConst; /* Number for COLUMN=CONSTANT terms */
136479	int nChng; /* Number of times a constant is propagated */
136480	int bHasAffBlob; /* At least one column in apExpr[] as affinity BLOB */
136481	Expr *apExpr; / [i2] is COLUMN and [i2+1] is VALUE */
136482	};
	@@ -136525,10 +136572,11 @@
136572	WhereConst *pConst,
136573	Expr *pExpr,
136574	int bIgnoreAffBlob
136575	){
136576	int i;
136577	if( pConst->pOomFault[0] ) return WRC_Prune;
136578	if( pExpr->op!=TK_COLUMN ) return WRC_Continue;
136579	if( ExprHasProperty(pExpr, EP_FixedCol\|EP_FromJoin) ){
136580	testcase( ExprHasProperty(pExpr, EP_FixedCol) );
136581	testcase( ExprHasProperty(pExpr, EP_FromJoin) );
136582	return WRC_Continue;
	@@ -136545,10 +136593,11 @@
136593	pConst->nChng++;
136594	ExprClearProperty(pExpr, EP_Leaf);
136595	ExprSetProperty(pExpr, EP_FixedCol);
136596	assert( pExpr->pLeft==0 );
136597	pExpr->pLeft = sqlite3ExprDup(pConst->pParse->db, pConst->apExpr[i*2+1], 0);
136598	if( pConst->pParse->db->mallocFailed ) return WRC_Prune;
136599	break;
136600	}
136601	return WRC_Prune;
136602	}
136603
	@@ -136577,10 +136626,11 @@
136626	if( pConst->bHasAffBlob ){
136627	if( (pExpr->op>=TK_EQ && pExpr->op<=TK_GE)
136628	\|\| pExpr->op==TK_IS
136629	){
136630	propagateConstantExprRewriteOne(pConst, pExpr->pLeft, 0);
136631	if( pConst->pOomFault[0] ) return WRC_Prune;
136632	if( sqlite3ExprAffinity(pExpr->pLeft)!=SQLITE_AFF_TEXT ){
136633	propagateConstantExprRewriteOne(pConst, pExpr->pRight, 0);
136634	}
136635	}
136636	}
	@@ -136644,10 +136694,11 @@
136694	){
136695	WhereConst x;
136696	Walker w;
136697	int nChng = 0;
136698	x.pParse = pParse;
136699	x.pOomFault = &pParse->db->mallocFailed;
136700	do{
136701	x.nConst = 0;
136702	x.nChng = 0;
136703	x.apExpr = 0;
136704	x.bHasAffBlob = 0;
	@@ -137099,25 +137150,33 @@
137150	** onto the top of the stack. If argument bFree is true, then this
137151	** WITH clause will never be popped from the stack but should instead
137152	** be freed along with the Parse object. In other cases, when
137153	** bFree==0, the With object will be freed along with the SELECT
137154	** statement with which it is associated.
137155	**
137156	** This routine returns a copy of pWith. Or, if bFree is true and
137157	** the pWith object is destroyed immediately due to an OOM condition,
137158	** then this routine return NULL.
137159	**
137160	** If bFree is true, do not continue to use the pWith pointer after
137161	** calling this routine, Instead, use only the return value.
137162	*/
137163	SQLITE_PRIVATE With sqlite3WithPush(Parse pParse, With *pWith, u8 bFree){
137164	if( pWith ){
137165	if( bFree ){
137166	pWith = (With*)sqlite3ParserAddCleanup(pParse,
137167	(void()(sqlite3,void*))sqlite3WithDelete,
137168	pWith);
137169	if( pWith==0 ) return 0;
137170	}
137171	if( pParse->nErr==0 ){
137172	assert( pParse->pWith!=pWith );
137173	pWith->pOuter = pParse->pWith;
137174	pParse->pWith = pWith;
137175	}






137176	}
137177	return pWith;
137178	}
137179
137180	/*
137181	** This function checks if argument pFrom refers to a CTE declared by
137182	** a WITH clause on the stack currently maintained by the parser (on the
	@@ -137206,10 +137265,11 @@
137265	pTab->iPKey = -1;
137266	pTab->nRowLogEst = 200; assert( 200==sqlite3LogEst(1048576) );
137267	pTab->tabFlags \|= TF_Ephemeral \| TF_NoVisibleRowid;
137268	pFrom->pSelect = sqlite3SelectDup(db, pCte->pSelect, 0);
137269	if( db->mallocFailed ) return 2;
137270	pFrom->pSelect->selFlags \|= SF_CopyCte;
137271	assert( pFrom->pSelect );
137272	pFrom->fg.isCte = 1;
137273	pFrom->u2.pCteUse = pCteUse;
137274	pCteUse->nUse++;
137275	if( pCteUse->nUse>=2 && pCteUse->eM10d==M10d_Any ){
	@@ -137474,10 +137534,11 @@
137534	){
137535	sqlite3ErrorMsg(pParse, "access to view \"%s\" prohibited",
137536	pTab->zName);
137537	}
137538	#ifndef SQLITE_OMIT_VIRTUALTABLE
137539	assert( SQLITE_VTABRISK_Normal==1 && SQLITE_VTABRISK_High==2 );
137540	if( IsVirtual(pTab)
137541	&& pFrom->fg.fromDDL
137542	&& ALWAYS(pTab->pVTable!=0)
137543	&& pTab->pVTable->eVtabRisk > ((db->flags & SQLITE_TrustedSchema)!=0)
137544	){
	@@ -183221,12 +183282,12 @@
183282	int nPrev, /* Size of buffer zPrev in bytes */
183283	const char zNext, / Buffer containing next term */
183284	int nNext /* Size of buffer zNext in bytes */
183285	){
183286	int n;
183287	for(n=0; n<nPrev && n<nNext && zPrev[n]==zNext[n]; n++);
183288	assert_fts3_nc( n<nNext );
183289	return n;
183290	}
183291
183292	/*
183293	** Add term zTerm to the SegmentNode. It is guaranteed that zTerm is larger
	@@ -184221,11 +184282,11 @@
184282	iDelta = (i64)((u64)iDocid - (u64)iPrev);
184283	}
184284
184285	nByte = sqlite3Fts3VarintLen(iDelta) + (isRequirePos?nList+1:0);
184286
184287	rc = fts3GrowSegReaderBuffer(pCsr, nByte+nDoclist+FTS3_NODE_PADDING);
184288	if( rc ) return rc;
184289
184290	if( isFirst ){
184291	char *a = &pCsr->aBuffer[nDoclist];
184292	int nWrite;
	@@ -216164,10 +216225,11 @@
216225	return 1;
216226	}else{
216227	i64 iOff = *piOff;
216228	int iVal;
216229	fts5FastGetVarint32(a, i, iVal);
216230	assert( iVal>=0 );
216231	if( iVal<=1 ){
216232	if( iVal==0 ){
216233	*pi = i;
216234	return 0;
216235	}
	@@ -216177,13 +216239,16 @@
216239	if( iVal<2 ){
216240	/* This is a corrupt record. So stop parsing it here. */
216241	*piOff = -1;
216242	return 1;
216243	}
216244	*piOff = iOff + ((iVal-2) & 0x7FFFFFFF);
216245	}else{
216246	*piOff = (iOff & (i64)0x7FFFFFFF<<32)+((iOff + (iVal-2)) & 0x7FFFFFFF);
216247	}

216248	*pi = i;
216249	assert( *piOff>=iOff );
216250	return 0;
216251	}
216252	}
216253
216254
	@@ -216218,18 +216283,20 @@
216283	static void sqlite3Fts5PoslistSafeAppend(
216284	Fts5Buffer *pBuf,
216285	i64 *piPrev,
216286	i64 iPos
216287	){
216288	if( iPos>=*piPrev ){
216289	static const i64 colmask = ((i64)(0x7FFFFFFF)) << 32;
216290	if( (iPos & colmask) != (*piPrev & colmask) ){
216291	pBuf->p[pBuf->n++] = 1;
216292	pBuf->n += sqlite3Fts5PutVarint(&pBuf->p[pBuf->n], (iPos>>32));
216293	*piPrev = (iPos & colmask);
216294	}
216295	pBuf->n += sqlite3Fts5PutVarint(&pBuf->p[pBuf->n], (iPos-*piPrev)+2);
216296	*piPrev = iPos;
216297	}
216298	}
216299
216300	static int sqlite3Fts5PoslistWriterAppend(
216301	Fts5Buffer *pBuf,
216302	Fts5PoslistWriter *pWriter,
	@@ -224157,11 +224224,11 @@
224224	pIter->base.nData = p-aCopy;
224225	return;
224226	}
224227	fts5BufferSafeAppendBlob(&pIter->poslist, aCopy, p-aCopy);
224228	}
224229	if( p>=pEnd ){
224230	pIter->base.pData = pIter->poslist.p;
224231	pIter->base.nData = pIter->poslist.n;
224232	return;
224233	}
224234	aCopy = p++;
	@@ -225953,11 +226020,11 @@
226020	Fts5Buffer p1, / First list to merge */
226021	int nBuf, /* Number of buffers in array aBuf[] */
226022	Fts5Buffer aBuf / Other lists to merge in */
226023	){
226024	#define fts5PrefixMergerNextPosition(p) \
226025	sqlite3Fts5PoslistNext64((p)->aPos,(p)->iter.nPoslist,&(p)->iOff,&(p)->iPos)
226026	#define FTS5_MERGE_NLIST 16
226027	PrefixMerger aMerger[FTS5_MERGE_NLIST];
226028	PrefixMerger *pHead = 0;
226029	int i;
226030	int nOut = 0;
	@@ -230501,11 +230568,11 @@
230568	int nArg, /* Number of args */
230569	sqlite3_value *apUnused / Function arguments */
230570	){
230571	assert( nArg==0 );
230572	UNUSED_PARAM2(nArg, apUnused);
230573	sqlite3_result_text(pCtx, "fts5: 2021-06-14 20:41:20 e5a5acd6006133c5da4a7dd79726dbaa41c0d60ebeda890f848a6aafe5f9ef70", -1, SQLITE_TRANSIENT);
230574	}
230575
230576	/*
230577	** Return true if zName is the extension on one of the shadow tables used
230578	** by this module.
	@@ -235427,12 +235494,12 @@
235494	}
235495	#endif /* SQLITE_CORE */
235496	#endif /* !defined(SQLITE_CORE) \|\| defined(SQLITE_ENABLE_STMTVTAB) */
235497
235498	/************ End of stmt.c **********************************************/
235499	#if __LINE__!=235499
235500	#undef SQLITE_SOURCE_ID
235501	#define SQLITE_SOURCE_ID "2021-06-14 20:41:20 e5a5acd6006133c5da4a7dd79726dbaa41c0d60ebeda890f848a6aafe5f9alt2"
235502	#endif
235503	/* Return the source-id for this library */
235504	SQLITE_API const char *sqlite3_sourceid(void){ return SQLITE_SOURCE_ID; }
235505	/************************ End of sqlite3.c ****************************/
235506

M src/sqlite3.h

+1 -1

		--- src/sqlite3.h
		+++ src/sqlite3.h
		@@ -123,11 +123,11 @@
123	123	** [sqlite3_libversion_number()], [sqlite3_sourceid()],
124	124	** [sqlite_version()] and [sqlite_source_id()].
125	125	*/
126	126	#define SQLITE_VERSION "3.36.0"
127	127	#define SQLITE_VERSION_NUMBER 3036000
128		-#define SQLITE_SOURCE_ID "2021-06-07 00:41:18 2aa9368b63b42ac7c700516f109edcc6098c12b850eae591afed4e51a3f41819"
	128	+#define SQLITE_SOURCE_ID "2021-06-14 20:41:20 e5a5acd6006133c5da4a7dd79726dbaa41c0d60ebeda890f848a6aafe5f9ef70"
129	129
130	130	/*
131	131	** CAPI3REF: Run-Time Library Version Numbers
132	132	** KEYWORDS: sqlite3_version sqlite3_sourceid
133	133	**
134	134

	--- src/sqlite3.h
	+++ src/sqlite3.h
	@@ -123,11 +123,11 @@
123	** [sqlite3_libversion_number()], [sqlite3_sourceid()],
124	** [sqlite_version()] and [sqlite_source_id()].
125	*/
126	#define SQLITE_VERSION "3.36.0"
127	#define SQLITE_VERSION_NUMBER 3036000
128	#define SQLITE_SOURCE_ID "2021-06-07 00:41:18 2aa9368b63b42ac7c700516f109edcc6098c12b850eae591afed4e51a3f41819"
129
130	/*
131	** CAPI3REF: Run-Time Library Version Numbers
132	** KEYWORDS: sqlite3_version sqlite3_sourceid
133	**
134

	--- src/sqlite3.h
	+++ src/sqlite3.h
	@@ -123,11 +123,11 @@
123	** [sqlite3_libversion_number()], [sqlite3_sourceid()],
124	** [sqlite_version()] and [sqlite_source_id()].
125	*/
126	#define SQLITE_VERSION "3.36.0"
127	#define SQLITE_VERSION_NUMBER 3036000
128	#define SQLITE_SOURCE_ID "2021-06-14 20:41:20 e5a5acd6006133c5da4a7dd79726dbaa41c0d60ebeda890f848a6aafe5f9ef70"
129
130	/*
131	** CAPI3REF: Run-Time Library Version Numbers
132	** KEYWORDS: sqlite3_version sqlite3_sourceid
133	**
134

M src/tkt.c

+23 -2

		--- src/tkt.c
		+++ src/tkt.c
		@@ -378,10 +378,12 @@
378	378	** schema for the ticketing system. Only allow
379	379	**
380	380	** CREATE TABLE
381	381	** CREATE INDEX
382	382	** CREATE VIEW
	383	+** DROP INDEX
	384	+** DROP VIEW
383	385	**
384	386	** And for objects in "main" or "repository" whose names
385	387	** begin with "ticket" or "fx_". Also allow
386	388	**
387	389	** INSERT
		@@ -393,10 +395,13 @@
393	395	**
394	396	** Of particular importance for security is that this routine
395	397	** disallows data changes on the "config" table, as that could
396	398	** allow a malicious server to modify settings in such a way as
397	399	** to cause a remote code execution.
	400	+**
	401	+** Use the "fossil test-db-prepare --auth-ticket SQL" command to perform
	402	+** manual testing of this authorizer.
398	403	*/
399	404	static int ticket_schema_auth(
400	405	void *pNErr,
401	406	int eCode,
402	407	const char *z0,
		@@ -403,10 +408,11 @@
403	408	const char *z1,
404	409	const char *z2,
405	410	const char *z3
406	411	){
407	412	switch( eCode ){
	413	+ case SQLITE_DROP_VIEW:
408	414	case SQLITE_CREATE_VIEW:
409	415	case SQLITE_CREATE_TABLE: {
410	416	if( sqlite3_stricmp(z2,"main")!=0
411	417	&& sqlite3_stricmp(z2,"repository")!=0
412	418	){
		@@ -417,10 +423,11 @@
417	423	){
418	424	goto ticket_schema_error;
419	425	}
420	426	break;
421	427	}
	428	+ case SQLITE_DROP_INDEX:
422	429	case SQLITE_CREATE_INDEX: {
423	430	if( sqlite3_stricmp(z2,"main")!=0
424	431	&& sqlite3_stricmp(z2,"repository")!=0
425	432	){
426	433	goto ticket_schema_error;
		@@ -463,10 +470,24 @@
463	470	ticket_schema_error:
464	471	if( pNErr ) (int)pNErr = 1;
465	472	return SQLITE_DENY;
466	473	}
467	474
	475	+/*
	476	+** Activate the ticket schema authorizer. Must be followed by
	477	+** an eventual call to ticket_unrestrict_sql().
	478	+*/
	479	+void ticket_restrict_sql(int * pNErr){
	480	+ db_set_authorizer(ticket_schema_auth,(void*)pNErr,"Ticket-Schema");
	481	+}
	482	+/*
	483	+** Deactivate the ticket schema authorizer.
	484	+*/
	485	+void ticket_unrestrict_sql(void){
	486	+ db_clear_authorizer();
	487	+}
	488	+
468	489
469	490	/*
470	491	** Recreate the TICKET and TICKETCHNG tables.
471	492	*/
472	493	void ticket_create_table(int separateConnection){
		@@ -475,18 +496,18 @@
475	496	db_multi_exec(
476	497	"DROP TABLE IF EXISTS ticket;"
477	498	"DROP TABLE IF EXISTS ticketchng;"
478	499	);
479	500	zSql = ticket_table_schema();
480		- db_set_authorizer(ticket_schema_auth,0,"Ticket-Schema");
	501	+ ticket_restrict_sql(0);
481	502	if( separateConnection ){
482	503	if( db_transaction_nesting_depth() ) db_end_transaction(0);
483	504	db_init_database(g.zRepositoryName, zSql, 0);
484	505	}else{
485	506	db_multi_exec("%s", zSql/safe-for-%s/);
486	507	}
487		- db_clear_authorizer();
	508	+ ticket_unrestrict_sql();
488	509	fossil_free(zSql);
489	510	}
490	511
491	512	/*
492	513	** Repopulate the TICKET and TICKETCHNG tables from scratch using all
493	514

	--- src/tkt.c
	+++ src/tkt.c
	@@ -378,10 +378,12 @@
378	** schema for the ticketing system. Only allow
379	**
380	** CREATE TABLE
381	** CREATE INDEX
382	** CREATE VIEW


383	**
384	** And for objects in "main" or "repository" whose names
385	** begin with "ticket" or "fx_". Also allow
386	**
387	** INSERT
	@@ -393,10 +395,13 @@
393	**
394	** Of particular importance for security is that this routine
395	** disallows data changes on the "config" table, as that could
396	** allow a malicious server to modify settings in such a way as
397	** to cause a remote code execution.



398	*/
399	static int ticket_schema_auth(
400	void *pNErr,
401	int eCode,
402	const char *z0,
	@@ -403,10 +408,11 @@
403	const char *z1,
404	const char *z2,
405	const char *z3
406	){
407	switch( eCode ){

408	case SQLITE_CREATE_VIEW:
409	case SQLITE_CREATE_TABLE: {
410	if( sqlite3_stricmp(z2,"main")!=0
411	&& sqlite3_stricmp(z2,"repository")!=0
412	){
	@@ -417,10 +423,11 @@
417	){
418	goto ticket_schema_error;
419	}
420	break;
421	}

422	case SQLITE_CREATE_INDEX: {
423	if( sqlite3_stricmp(z2,"main")!=0
424	&& sqlite3_stricmp(z2,"repository")!=0
425	){
426	goto ticket_schema_error;
	@@ -463,10 +470,24 @@
463	ticket_schema_error:
464	if( pNErr ) (int)pNErr = 1;
465	return SQLITE_DENY;
466	}
467














468
469	/*
470	** Recreate the TICKET and TICKETCHNG tables.
471	*/
472	void ticket_create_table(int separateConnection){
	@@ -475,18 +496,18 @@
475	db_multi_exec(
476	"DROP TABLE IF EXISTS ticket;"
477	"DROP TABLE IF EXISTS ticketchng;"
478	);
479	zSql = ticket_table_schema();
480	db_set_authorizer(ticket_schema_auth,0,"Ticket-Schema");
481	if( separateConnection ){
482	if( db_transaction_nesting_depth() ) db_end_transaction(0);
483	db_init_database(g.zRepositoryName, zSql, 0);
484	}else{
485	db_multi_exec("%s", zSql/safe-for-%s/);
486	}
487	db_clear_authorizer();
488	fossil_free(zSql);
489	}
490
491	/*
492	** Repopulate the TICKET and TICKETCHNG tables from scratch using all
493

	--- src/tkt.c
	+++ src/tkt.c
	@@ -378,10 +378,12 @@
378	** schema for the ticketing system. Only allow
379	**
380	** CREATE TABLE
381	** CREATE INDEX
382	** CREATE VIEW
383	** DROP INDEX
384	** DROP VIEW
385	**
386	** And for objects in "main" or "repository" whose names
387	** begin with "ticket" or "fx_". Also allow
388	**
389	** INSERT
	@@ -393,10 +395,13 @@
395	**
396	** Of particular importance for security is that this routine
397	** disallows data changes on the "config" table, as that could
398	** allow a malicious server to modify settings in such a way as
399	** to cause a remote code execution.
400	**
401	** Use the "fossil test-db-prepare --auth-ticket SQL" command to perform
402	** manual testing of this authorizer.
403	*/
404	static int ticket_schema_auth(
405	void *pNErr,
406	int eCode,
407	const char *z0,
	@@ -403,10 +408,11 @@
408	const char *z1,
409	const char *z2,
410	const char *z3
411	){
412	switch( eCode ){
413	case SQLITE_DROP_VIEW:
414	case SQLITE_CREATE_VIEW:
415	case SQLITE_CREATE_TABLE: {
416	if( sqlite3_stricmp(z2,"main")!=0
417	&& sqlite3_stricmp(z2,"repository")!=0
418	){
	@@ -417,10 +423,11 @@
423	){
424	goto ticket_schema_error;
425	}
426	break;
427	}
428	case SQLITE_DROP_INDEX:
429	case SQLITE_CREATE_INDEX: {
430	if( sqlite3_stricmp(z2,"main")!=0
431	&& sqlite3_stricmp(z2,"repository")!=0
432	){
433	goto ticket_schema_error;
	@@ -463,10 +470,24 @@
470	ticket_schema_error:
471	if( pNErr ) (int)pNErr = 1;
472	return SQLITE_DENY;
473	}
474
475	/*
476	** Activate the ticket schema authorizer. Must be followed by
477	** an eventual call to ticket_unrestrict_sql().
478	*/
479	void ticket_restrict_sql(int * pNErr){
480	db_set_authorizer(ticket_schema_auth,(void*)pNErr,"Ticket-Schema");
481	}
482	/*
483	** Deactivate the ticket schema authorizer.
484	*/
485	void ticket_unrestrict_sql(void){
486	db_clear_authorizer();
487	}
488
489
490	/*
491	** Recreate the TICKET and TICKETCHNG tables.
492	*/
493	void ticket_create_table(int separateConnection){
	@@ -475,18 +496,18 @@
496	db_multi_exec(
497	"DROP TABLE IF EXISTS ticket;"
498	"DROP TABLE IF EXISTS ticketchng;"
499	);
500	zSql = ticket_table_schema();
501	ticket_restrict_sql(0);
502	if( separateConnection ){
503	if( db_transaction_nesting_depth() ) db_end_transaction(0);
504	db_init_database(g.zRepositoryName, zSql, 0);
505	}else{
506	db_multi_exec("%s", zSql/safe-for-%s/);
507	}
508	ticket_unrestrict_sql();
509	fossil_free(zSql);
510	}
511
512	/*
513	** Repopulate the TICKET and TICKETCHNG tables from scratch using all
514

M www/changes.wiki

+15 -4

		--- www/changes.wiki
		+++ www/changes.wiki
		@@ -1,9 +1,12 @@
1	1	<title>Change Log</title>
2	2
3	3	<a name='v2_16'></a>
4	4	<h2>Changes for Version 2.16 (pending)</h2>
	5	+ * <b>Security:</b> Fix the client-side TLS so that it verifies that the
	6	+ server hostname matches its certificate. <b>Upgrading to
	7	+ the patch is recommended.</b>
5	8	* The [/brlist\|/brlist web page] allows the user to
6	9	select multiple branches to be displayed together in a single
7	10	timeline.
8	11	* The [./forum.wiki\|Forum] provides a hyperlink on the author of each
9	12	post that goes to a timeline of recent posts by that same author.
		@@ -24,13 +27,17 @@
24	27	a specific number of days (ex: 365) after the last user contact with
25	28	the Fossil server
26	29	This can prevents alert emails being sent to
27	30	abandoned email accounts forever.
28	31
29	32	<a name='v2_15'></a>
30		-<h2>Changes for Version 2.15 (2021-03-26) and Patch 2.15.1 on (2021-04-07)</h2>
	33	+<h2>Changes for Version 2.15 (2021-03-26) and Patch 2.15.1 on (2021-04-07)
	34	+ and 2.15.2 on (2021-06-15)</h2>
	35	+ * <b>Patch 2.15.2:</b> Fix the client-side TLS so that it verifies that the
	36	+ server hostname matches its certificate. <b>Upgrading to
	37	+ the patch is recommended.</b>
31	38	* <b>Patch 2.15.1:</b> Fix a data exfiltration bug in the server. <b>Upgrading to
32		- the patch is recommended.</b><p>
	39	+ the patch is recommended.</b>
33	40	* The [./defcsp.md\|default CSP] has been relaxed slightly to allow
34	41	images to be loaded from any URL. All other resources are still
35	42	locked down by default.
36	43	* The built-in skins all use the "[/help?cmd=mainmenu\|mainmenu]"
37	44	setting to determine the content of the main menu.
		@@ -105,13 +112,17 @@
105	112	versions of a wiki (by the means of anchoring a "baseline" version)
106	113	and the ability to squeeze several sequential edits made by the same
107	114	user into a single "recycled" row (the latest edit in that sequence).
108	115
109	116	<a name='v2_14'></a>
110		-<h2>Changes for Version 2.14 (2021-01-20) and Patch 2.14.1 on (2021-04-07)</h2>
	117	+<h2>Changes for Version 2.14 (2021-01-20) and Patch 2.14.1 on (2021-04-07)
	118	+ and 2.14.2 on (2021-06-15)</h2>
	119	+ * <b>Patch 2.14.2:</b> Fix the client-side TLS so that it verifies that the
	120	+ server hostname matches its certificate. <b>Upgrading to
	121	+ the patch is recommended.</b><
111	122	* <b>Patch 2.14.1:</b> Fix a data exfiltration bug in the server.
112		- <b>Upgrading to the patch is recommended.</b><p>
	123	+ <b>Upgrading to the patch is recommended.</b>
113	124	* <b>Schema Update Notice #1:</b>
114	125	This release drops a trigger from the database schema (replacing
115	126	it with a TEMP trigger that is created as needed). This
116	127	change happens automatically the first time you
117	128	add content to a repository using Fossil 2.14 or later. No
118	129

	--- www/changes.wiki
	+++ www/changes.wiki
	@@ -1,9 +1,12 @@
1	<title>Change Log</title>
2
3	<a name='v2_16'></a>
4	<h2>Changes for Version 2.16 (pending)</h2>



5	* The [/brlist\|/brlist web page] allows the user to
6	select multiple branches to be displayed together in a single
7	timeline.
8	* The [./forum.wiki\|Forum] provides a hyperlink on the author of each
9	post that goes to a timeline of recent posts by that same author.
	@@ -24,13 +27,17 @@
24	a specific number of days (ex: 365) after the last user contact with
25	the Fossil server
26	This can prevents alert emails being sent to
27	abandoned email accounts forever.
28
29	<a name='v2_15'></a>
30	<h2>Changes for Version 2.15 (2021-03-26) and Patch 2.15.1 on (2021-04-07)</h2>




31	* <b>Patch 2.15.1:</b> Fix a data exfiltration bug in the server. <b>Upgrading to
32	the patch is recommended.</b><p>
33	* The [./defcsp.md\|default CSP] has been relaxed slightly to allow
34	images to be loaded from any URL. All other resources are still
35	locked down by default.
36	* The built-in skins all use the "[/help?cmd=mainmenu\|mainmenu]"
37	setting to determine the content of the main menu.
	@@ -105,13 +112,17 @@
105	versions of a wiki (by the means of anchoring a "baseline" version)
106	and the ability to squeeze several sequential edits made by the same
107	user into a single "recycled" row (the latest edit in that sequence).
108
109	<a name='v2_14'></a>
110	<h2>Changes for Version 2.14 (2021-01-20) and Patch 2.14.1 on (2021-04-07)</h2>




111	* <b>Patch 2.14.1:</b> Fix a data exfiltration bug in the server.
112	<b>Upgrading to the patch is recommended.</b><p>
113	* <b>Schema Update Notice #1:</b>
114	This release drops a trigger from the database schema (replacing
115	it with a TEMP trigger that is created as needed). This
116	change happens automatically the first time you
117	add content to a repository using Fossil 2.14 or later. No
118

	--- www/changes.wiki
	+++ www/changes.wiki
	@@ -1,9 +1,12 @@
1	<title>Change Log</title>
2
3	<a name='v2_16'></a>
4	<h2>Changes for Version 2.16 (pending)</h2>
5	* <b>Security:</b> Fix the client-side TLS so that it verifies that the
6	server hostname matches its certificate. <b>Upgrading to
7	the patch is recommended.</b>
8	* The [/brlist\|/brlist web page] allows the user to
9	select multiple branches to be displayed together in a single
10	timeline.
11	* The [./forum.wiki\|Forum] provides a hyperlink on the author of each
12	post that goes to a timeline of recent posts by that same author.
	@@ -24,13 +27,17 @@
27	a specific number of days (ex: 365) after the last user contact with
28	the Fossil server
29	This can prevents alert emails being sent to
30	abandoned email accounts forever.
31
32	<a name='v2_15'></a>
33	<h2>Changes for Version 2.15 (2021-03-26) and Patch 2.15.1 on (2021-04-07)
34	and 2.15.2 on (2021-06-15)</h2>
35	* <b>Patch 2.15.2:</b> Fix the client-side TLS so that it verifies that the
36	server hostname matches its certificate. <b>Upgrading to
37	the patch is recommended.</b>
38	* <b>Patch 2.15.1:</b> Fix a data exfiltration bug in the server. <b>Upgrading to
39	the patch is recommended.</b>
40	* The [./defcsp.md\|default CSP] has been relaxed slightly to allow
41	images to be loaded from any URL. All other resources are still
42	locked down by default.
43	* The built-in skins all use the "[/help?cmd=mainmenu\|mainmenu]"
44	setting to determine the content of the main menu.
	@@ -105,13 +112,17 @@
112	versions of a wiki (by the means of anchoring a "baseline" version)
113	and the ability to squeeze several sequential edits made by the same
114	user into a single "recycled" row (the latest edit in that sequence).
115
116	<a name='v2_14'></a>
117	<h2>Changes for Version 2.14 (2021-01-20) and Patch 2.14.1 on (2021-04-07)
118	and 2.14.2 on (2021-06-15)</h2>
119	* <b>Patch 2.14.2:</b> Fix the client-side TLS so that it verifies that the
120	server hostname matches its certificate. <b>Upgrading to
121	the patch is recommended.</b><
122	* <b>Patch 2.14.1:</b> Fix a data exfiltration bug in the server.
123	<b>Upgrading to the patch is recommended.</b>
124	* <b>Schema Update Notice #1:</b>
125	This release drops a trigger from the database schema (replacing
126	it with a TEMP trigger that is created as needed). This
127	change happens automatically the first time you
128	add content to a repository using Fossil 2.14 or later. No
129

Fossil SCM

Keyboard Shortcuts