From fc24a3a984c373d94612dcb3ec1e75b4f8a3ab6c Mon Sep 17 00:00:00 2001
From: luoshijie1
Date: Tue, 14 Apr 2020 16:21:35 +0000
Subject: [PATCH] sqlite: fix CVE-2020-11655

In the event of a semantic error in an aggregate query, early-out the resetAccumulator() function to prevent problems due to incomplete or incorrect initialization of the AggInfo object. Fix for ticket [af4556bb5c285c08].

https://www3.sqlite.org/cgi/src/info/4a302b42c7bf5e11

Signed-off-by: drh
Signed-off-by: luoshiji1
---
 src/select.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/select.c b/src/select.c
index 3bb98ad..270075a 100644
--- a/src/select.c
+++ b/src/select.c
@@ -5058,6 +5058,7 @@ static void resetAccumulator(Parse *pParse, AggInfo *pAggInfo){
 struct AggInfo_func *pFunc;
 int nReg = pAggInfo->nFunc + pAggInfo->nColumn;
 if( nReg==0 ) return;
+ if( pParse->nErr ) return;
 #ifdef SQLITE_DEBUG
 /* Verify that all AggInfo registers are within the range specified by
 ** AggInfo.mnReg..AggInfo.mxReg */
-- 
1.8.3.1
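Review bot: The added `if( pParse->nErr ) return;` carries no comment, so in the source it reads like an ordinary redundant guard rather than the fix the subject names; add `/* A prior semantic error may have left pAggInfo only partially built; skip touching its registers (CVE-2020-11655). */` directly above it. The early-out leaves every accumulator register uninitialized, which is only safe because code generation is abandoned once nErr is set; stating that invariant in the same comment saves the next reader from re-deriving it. It would also be slightly tidier to place the guard before `int nReg = pAggInfo->nFunc + pAggInfo->nColumn;` so nothing at all is read from a possibly incomplete AggInfo, though the two int reads are harmless as written. The remainder of resetAccumulator lies outside the hunk.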