From a7e819d6333f4a9268ab1878e1d58a286a4dc2c1 Mon Sep 17 00:00:00 2001
From: wbq_sky <wangbingquan@huawei.com>
Date: Thu, 18 Aug 2022 15:00:24 +0800
Subject: [PATCH] fix the cve-2022-35737

Signed-off-by: wbq_sky <wangbingquan@huawei.com>
Change-Id: Ia8696a7becd91e5f328ddae243bc2f6555ef9675
---
 src/sqlite3.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/sqlite3.c b/src/sqlite3.c
index fb854a8..3c5ecbd 100755
--- a/src/sqlite3.c
+++ b/src/sqlite3.c
@@ -151018,7 +151018,7 @@ static int whereKeyStats(
 #endif
   assert( pRec!=0 );
   assert( pIdx->nSample>0 );
-  assert( pRec->nField>0 && pRec->nField<=pIdx->nSampleCol );
+  assert( pRec->nField>0 );
 
   /* Do a binary search to find the first sample greater than or equal
   ** to pRec. If pRec contains a single field, the set of samples to search
@@ -151064,7 +151064,7 @@ static int whereKeyStats(
   ** it is extended to two fields. The duplicates that this creates do not
   ** cause any problems.
   */
-  nField = pRec->nField;
+  nField = MIN(pRec->nField, pIdx->nSample);
   iCol = 0;
   iSample = pIdx->nSample * nField;
   do{
-- 
Gitee