Hi,

Nice work. I took the latest release and ran the fuzzer again (without all the dictionary and special testcase stuff, may re-do that later). Uncovered two more issues, one in the statement parser causing an off-by-one read with the 2 byte input ".\": http://ift.tt/1FYOJEq

And one in the parser of the database binary format itself: http://ift.tt/1IPRLym (not sure if there is any plausible attack scenario)

Both "only" invalid memory reads, so likely nothing to worry. Just a motivation for others to fuzz again, there may be more to find. Thanks also to Richard for fixing both issues very quickly.

cu,
Source: Gmail -> IFTTT-> Blogger