
Commit 91b4eb1

sqlite: check null returns from sqlite value functions
sqlite3_column_text() can return nullptr on failure which was not handled. sqlite3_column_blob() can return nullptr for zero-length BLOBs, which is then passed to memcpy() which is UB. Avoid this by checking for a nullptr.

Signed-off-by: ndossche <nora.dossche@ugent.be>
1 parent a159b57 commit 91b4eb1

1 file changed

Lines changed: 7 additions & 1 deletion

src/node_sqlite.cc

@@ -121,6 +121,10 @@ inline MaybeLocal<String> Utf8StringMaybeOneByte(Isolate* isolate,
121121
case SQLITE_TEXT: { \
122122
const char* v = \
123123
reinterpret_cast<const char*>(sqlite3_##from##_text(__VA_ARGS__)); \
124+
if (v == nullptr) [[unlikely]] { \
125+
THROW_ERR_MEMORY_ALLOCATION_FAILED((isolate)); \
126+
break; \
127+
} \
124128
const int v_len = sqlite3_##from##_bytes(__VA_ARGS__); \
125129
(result) = \
126130
Utf8StringMaybeOneByte((isolate), std::string_view(v, v_len)) \
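Review bot: The new `if (v == nullptr)` branch in the SQLITE_TEXT case throws and then hits `break` without assigning `(result)`, so the error path depends on whatever `(result)` held before the macro ran. The visible lines do not show that initial state or how the caller checks it. Either assign an empty value to `(result)` before the `break`, or add a one-line comment stating that the caller relies on `(result)` staying empty while the exception is pending. A short comment saying why a null text pointer is reported as ERR_MEMORY_ALLOCATION_FAILED would also help the next reader, since the mapping is only explained in the commit message.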
@@ -138,7 +142,9 @@ inline MaybeLocal<String> Utf8StringMaybeOneByte(Isolate* isolate,
138142
sqlite3_##from##_blob(__VA_ARGS__)); \
139143
auto store = ArrayBuffer::NewBackingStore( \
140144
(isolate), size, BackingStoreInitializationMode::kUninitialized); \
141-
memcpy(store->Data(), data, size); \
145+
if (data != nullptr) [[likely]] { \
146+
memcpy(store->Data(), data, size); \
147+
} \
142148
auto ab = ArrayBuffer::New((isolate), std::move(store)); \
143149
(result) = Uint8Array::New(ab, 0, size); \
144150
break; \
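Review bot: The `if (data != nullptr)` guard around `memcpy` in the blob case skips the copy but still returns `Uint8Array::New(ab, 0, size)` over a backing store created with `BackingStoreInitializationMode::kUninitialized`. That is harmless only when `size` is 0, which is the case the commit message describes. If `data` is null while `size` is nonzero, the caller receives `size` bytes of uninitialized memory. Suggest making the invariant explicit: treat `data == nullptr && size > 0` as an error in the same way the text branch does with `THROW_ERR_MEMORY_ALLOCATION_FAILED((isolate))`, or guard the copy on `size` and add a check that a null pointer only occurs with a zero size. The commit touches only src/node_sqlite.cc, so a regression test that reads a zero-length BLOB would be a useful addition.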
