Fix AddressSanitizer buffer overflow in window function name arrays

Matt Topolrequested to merge
z3r0shade/sqlite:fix-asan-buffer-overflow into master

Summary

This MR fixes AddressSanitizer global-buffer-overflow errors by padding window function name arrays to multiples of 8 bytes.

Root Cause

The transpiled Go code contains global int8 arrays representing C strings with exact sizes:

var _row_numberName = [11]int8{'r', 'o', 'w', '_', 'n', 'u', 'm', 'b', 'e', 'r'}

When the code reads 8-byte values (uintptr) at certain offsets within these arrays, it reads past the array bounds. For example, reading at offset 8 from an 11-byte array accesses bytes 8-15, causing a 3-byte overflow.

Impact

  • All versions affected: v1.0.0 through v1.44.0
  • Detection: Only with -asan flag (silent corruption otherwise)
  • Scope: 11 arrays across 9 platform files
  • Blocks: ASan adoption in downstream projects (e.g., apache/arrow-go)

Solution

Pad all affected arrays to multiples of 8 bytes:

// Before (11 bytes)
var _row_numberName = [11]int8{'r', 'o', 'w', '_', 'n', 'u', 'm', 'b', 'e', 'r'}

// After (16 bytes - padded)
var _row_numberName = [16]int8{'r', 'o', 'w', '_', 'n', 'u', 'm', 'b', 'e', 'r', 0, 0, 0, 0, 0, 0}

Verification

Tested with:

go build -asan test.go && ./test  # Passes without errors

Before fix: ASan errors on every test run
After fix: Clean execution with -asan flag

Changed Arrays

All window function names padded:

  • _row_numberName: [11] → [16] bytes
  • _dense_rankName: [11] → [16] bytes
  • _rankName: [5] → [8] bytes
  • _percent_rankName: [13] → [16] bytes
  • _cume_distName: [10] → [16] bytes
  • _ntileName: [6] → [8] bytes
  • _last_valueName: [11] → [16] bytes
  • _nth_valueName: [10] → [16] bytes
  • _first_valueName: [12] → [16] bytes
  • _leadName: [5] → [8] bytes
  • _lagName: [4] → [8] bytes

Affected Platforms

  • darwin (amd64, arm64)
  • freebsd (amd64)
  • linux (386, amd64, loong64)
  • openbsd (amd64)
  • windows (386, amd64)

Long-term Fix

Ideally, this should be fixed in the code generator (ccgo or equivalent transpiler) to automatically pad all char arrays to 8-byte boundaries. This MR provides an immediate fix for the generated code.

Related

Merge request reports