From becd68ba0dac41904aa817d96a67fb4685734b41 Mon Sep 17 00:00:00 2001
From: dan <dan@noemail.net>
Date: Sat, 16 May 2020 17:26:58 +0000
Subject: [PATCH] Fix a use-after-free bug in the fts3 snippet() function.

FossilOrigin-Name: 0d69f76f0865f9626078bee087a22fb826407279e78cf9d5382e1c985c9f64a9

Upstream-Status: Backport
CVE: CVE-2020-13630

Reference to upstream patch:
https://github.com/sqlite/sqlite/commit/becd68ba0dac41904aa817d96a67fb4685734b41

Patch converted to amalgamation format

Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 sqlite3.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/sqlite3.c b/sqlite3.c
index 02892f8..e72fabb 100644
--- a/sqlite3.c
+++ b/sqlite3.c
@@ -170257,6 +170257,7 @@ static void fts3EvalNextRow(
                 fts3EvalNextRow(pCsr, pLeft, pRc);
               }
             }
+            pRight->bEof = pLeft->bEof = 1;
           }
         }
         break;