qt-everywhere-src-5.15.1/qtwebengine/src/3rdparty/chromium/third_party/sqlite/patches/0021-Avoid-invalid-pointer-dereference-in-ORDER-BY.patch

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Darwin Huang <huangdarwin@chromium.org>
Date: Tue, 7 Jan 2020 13:42:03 -0800
Subject: [PATCH 21/25] Avoid invalid pointer dereference in ORDER BY

Backports https://sqlite.org/src/info/1ca0bd982ab1183bbafce0d260e4dceda5eb766ed2e7793374a88d1ae0bdd2ca

Bug: 1038863
---
 third_party/sqlite/patched/src/window.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/third_party/sqlite/patched/src/window.c b/third_party/sqlite/patched/src/window.c
index c251cd01974d..2d79ffe63d6d 100644
--- a/third_party/sqlite/patched/src/window.c
+++ b/third_party/sqlite/patched/src/window.c
@@ -883,9 +883,11 @@ static ExprList *exprListAppendList(
     int nInit = pList ? pList->nExpr : 0;
     for(i=0; i<pAppend->nExpr; i++){
       Expr *pDup = sqlite3ExprDup(pParse->db, pAppend->a[i].pExpr, 0);
+      assert( pDup==0 || !ExprHasProperty(pDup, EP_MemToken) );
       if( bIntToNull && pDup && pDup->op==TK_INTEGER ){
         pDup->op = TK_NULL;
         pDup->flags &= ~(EP_IntValue|EP_IsTrue|EP_IsFalse);
+        pDup->u.zToken = 0;
       }
       pList = sqlite3ExprListAppend(pParse, pList, pDup);
       if( pList ) pList->a[nInit+i].sortFlags = pAppend->a[i].sortFlags;
-- 
2.25.0.rc1.283.g88dfdc4193-goog