sqlite-vec/tests/fuzz/corpus/vec-mismatch
Alex Garcia 0dd0765cc6 Add vec-mismatch fuzz target that catches aCleanup(a) bug in ensure_vector_match
Targeted fuzzer for two-argument vector functions (vec_distance_*,
vec_add, vec_sub) that binds a valid JSON vector as arg1 and fuzz
data as arg2. This exercises the error path in ensure_vector_match()
where the first vector parses successfully (with sqlite3_free cleanup)
but the second fails, triggering the buggy aCleanup(a) call on line
1031 of sqlite-vec.c (should be aCleanup(*a)).

The fuzzer catches this immediately — ASAN reports "bad-free" when
sqlite3_free is called on a stack address.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-02 20:45:50 -08:00
json_1d_blob_5byte Add vec-mismatch fuzz target that catches aCleanup(a) bug in ensure_vector_match 2026-03-02 20:45:50 -08:00
json_2d_blob_3byte Add vec-mismatch fuzz target that catches aCleanup(a) bug in ensure_vector_match 2026-03-02 20:45:50 -08:00
json_valid_blob_invalid Add vec-mismatch fuzz target that catches aCleanup(a) bug in ensure_vector_match 2026-03-02 20:45:50 -08:00
json_valid_empty Add vec-mismatch fuzz target that catches aCleanup(a) bug in ensure_vector_match 2026-03-02 20:45:50 -08:00