SQLite

struct sgMprintf {
  char *zBase;     /* A base allocation */
  char *zText;     /* The string collected so far */
  int  nChar;      /* Length of the string so far */
  int  nTotal;     /* Output size if unconstrained */
  int  nAlloc;     /* Amount of space allocated in zText */
  void *(*xRealloc)(void*,int);  /* Function used to realloc memory */
  int  iMallocFailed;            /* True if xRealloc() has failed */
};

/* 
** This function implements the callback from vxprintf. 
**
** This routine add nNewChar characters of text in zNewText to
** the sgMprintf structure pointed to by "arg".
*/
static void mout(void *arg, const char *zNewText, int nNewChar){
  struct sgMprintf *pM = (struct sgMprintf*)arg;
  if( pM->iMallocFailed ) return;
  pM->nTotal += nNewChar;
  if( pM->zText ){
    if( pM->nChar + nNewChar + 1 > pM->nAlloc ){
      if( pM->xRealloc==0 ){
        nNewChar =  pM->nAlloc - pM->nChar - 1;
      }else{
        int nAlloc = pM->nChar + nNewChar*2 + 1;
        if( pM->zText==pM->zBase ){
          pM->zText = pM->xRealloc(0, nAlloc);
          if( pM->zText==0 ){
            pM->nAlloc = 0;
            pM->iMallocFailed = 0;
            return;
          }else if( pM->nChar ){
            memcpy(pM->zText, pM->zBase, pM->nChar);
          }
        }else{
          char *zNew;
          zNew = pM->xRealloc(pM->zText, nAlloc);
          if( zNew ){
            pM->zText = zNew;
          }else{
            pM->iMallocFailed = 0;
            pM->xRealloc(pM->zText, 0);
            pM->zText = 0;
            pM->nAlloc = 0;
            return;
          }
        }
        pM->nAlloc = nAlloc;
      }
    }
    if( nNewChar>0 ){

  va_list ap                      /* arguments */
){
  struct sgMprintf sM;
  sM.zBase = sM.zText = zInitBuf;
  sM.nChar = sM.nTotal = 0;
  sM.nAlloc = nInitBuf;
  sM.xRealloc = xRealloc;
  sM.iMallocFailed = 0;
  vxprintf(mout, &sM, useInternal, zFormat, ap);
  if( xRealloc ){
    if( sM.zText==sM.zBase ){
      sM.zText = xRealloc(0, sM.nChar+1);
      if( sM.zText ){
        memcpy(sM.zText, sM.zBase, sM.nChar+1);
      }

**    May you find forgiveness for yourself and forgive others.
**    May you share freely, never taking more than you give.
**
*************************************************************************
** This file contains C code routines that are called by the parser
** to handle SELECT statements in SQLite.
**
** $Id: select.c,v 1.358 2007/08/30 11:48:32 danielk1977 Exp $
*/
#include "sqliteInt.h"


/*
** Delete all the content of a Select structure but do not deallocate
** the select structure itself.

    }else if( p->span.z && p->span.z[0] ){
      /* Use the original text of the column expression as its name */
      zName = sqlite3MPrintf(db, "%T", &p->span);
    }else{
      /* If all else fails, make up a name */
      zName = sqlite3MPrintf(db, "column%d", i+1);
    }
    if( !zName || db->mallocFailed ){
      db->mallocFailed = 1;
      sqlite3_free(zName);
      sqlite3DeleteTable(pTab);
      return 0;
    }
    sqlite3Dequote(zName);

    /* Make sure the column name is unique.  If the name is not unique,
    ** append a integer to the name so that it becomes unique.
    */
    nName = strlen(zName);
    for(j=cnt=0; j<i; j++){
      if( sqlite3StrICmp(aCol[j].zName, zName)==0 ){

**
** Various scripts scan this source file in order to generate HTML
** documentation, headers files, or other derived files.  The formatting
** of the code in this file is, therefore, important.  See other comments
** in this file for details.  If in doubt, do not deviate from existing
** commenting and indentation practices when changing or adding code.
**
** $Id: vdbe.c,v 1.649 2007/08/30 11:48:32 danielk1977 Exp $
*/
#include "sqliteInt.h"
#include <ctype.h>
#include <math.h>
#include "vdbeInt.h"

/*

  int i = pOp->p1;
  int alreadyExists = 0;
  Cursor *pC;
  assert( pTos>=p->aStack );
  assert( i>=0 && i<p->nCursor );
  assert( p->apCsr[i]!=0 );
  if( (pC = p->apCsr[i])->pCursor!=0 ){
    int res;
    assert( pC->isTable==0 );
    assert( pTos->flags & MEM_Blob );
    Stringify(pTos, encoding);
    rc = sqlite3BtreeMoveto(pC->pCursor, pTos->z, pTos->n, 0, &res);
    if( rc!=SQLITE_OK ){
      break;
    }
    alreadyExists = (res==0);
    pC->deferredMoveto = 0;
    pC->cacheStatus = CACHE_STALE;
  }
  if( pOp->opcode==OP_Found ){
    if( alreadyExists ) pc = pOp->p2 - 1;
  }else{
    if( !alreadyExists ) pc = pOp->p2 - 1;

#    May you find forgiveness for yourself and forgive others.
#    May you share freely, never taking more than you give.
#
#***********************************************************************
#
# This file tests malloc failures in concert with fuzzy SQL generation.
#
# $Id: fuzz_malloc.test,v 1.8 2007/08/30 11:48:32 danielk1977 Exp $

set testdir [file dirname $argv0]
source $testdir/tester.tcl

source $testdir/malloc_common.tcl
source $testdir/fuzz_common.tcl

#     -repeats
#     
proc do_fuzzy_malloc_test {testname args} {
  set ::fuzzyopts(-repeats) $::REPEATS
  set ::fuzzyopts(-sqlprep) {}
  array set ::fuzzyopts $args

  sqlite3_memdebug_fail -1
  db close
  file delete test.db test.db-journal
  sqlite3 db test.db
  set ::prep $::fuzzyopts(-sqlprep)
  execsql $::prep
  set jj 0
  for {set ii 0} {$ii < $::fuzzyopts(-repeats)} {incr ii} {

set ::TableList  [list abc def ghi]
set ::ColumnList [list a b c]

do_fuzzy_malloc_test fuzzy_malloc-3 \
  -template {[Select]}              \
  -sqlprep $::SQLPREP


finish_test

# 2007 May 1
#
# The author disclaims copyright to this source code.  In place of
# a legal notice, here is a blessing:
#
#    May you do good and not evil.
#    May you find forgiveness for yourself and forgive others.
#    May you share freely, never taking more than you give.
#
#***********************************************************************
#
# $Id: incrblob_err.test,v 1.7 2007/08/30 11:48:32 danielk1977 Exp $
#

set testdir [file dirname $argv0]
source $testdir/tester.tcl

ifcapable {!incrblob  || !memdebug} {
  finish_test
  return
}









source $testdir/malloc_common.tcl

set ::fd [open [info script]]
set ::data [read $::fd]
close $::fd

do_malloc_test 1 -tclprep {

    error "Bad data read..."
  }
  set rc [catch {close $::blob}]
  if {$rc} { 
    error "out of memory" 
  }
} 


do_ioerr_test incrblob_err-4 -cksum 1 -sqlprep {
  CREATE TABLE blobs(k, v BLOB);
  INSERT INTO blobs VALUES(1, $::data);
} -tclbody {
  set ::blob [db incrblob blobs v 1]
  read $::blob

#    May you share freely, never taking more than you give.
#
#***********************************************************************
#
# This file contains tests to ensure that the library handles malloc() failures
# correctly. The emphasis in this file is on sqlite3_column_XXX() APIs.
#
# $Id: malloc4.test,v 1.7 2007/08/30 11:48:32 danielk1977 Exp $

#---------------------------------------------------------------------------
# NOTES ON EXPECTED BEHAVIOUR
#
# [193] When a memory allocation failure occurs during sqlite3_column_name(),
#       sqlite3_column_name16(), sqlite3_column_decltype(), or
#       sqlite3_column_decltype16() the function shall return NULL.

      set mf1 [expr [sqlite3_memdebug_pending] < 0]
      set ::name8  [sqlite3_column_name $::STMT 0]
      set mf2 [expr [sqlite3_memdebug_pending] < 0]
      expr {$mf1 == $mf2 || $::name8 == ""}
    } {1}
    do_test ${testid}.2.2 {
      set mf1 [expr [sqlite3_memdebug_pending] < 0]

      set ::name16 [sqlite3_column_name16 $::STMT 0]
      set ::name16 [encoding convertfrom unicode $::name16]
      set ::name16 [string range $::name16 0 end-1]
      set mf2 [expr [sqlite3_memdebug_pending] < 0]

      expr {$mf1 == $mf2 || $::name16 == ""}
    } {1}
    do_test ${testid}.2.3 {
      set mf1 [expr [sqlite3_memdebug_pending] < 0]
      set ::name8_2 [sqlite3_column_name $::STMT 0]
      set mf2 [expr [sqlite3_memdebug_pending] < 0]
      expr {$mf1 == $mf2 || $::name8_2 == ""}

  
      if {[info exists ::mallocopts(-cleanup)]} {
        catch [list uplevel #0 $::mallocopts(-cleanup)] msg
      }
    }
  }
  unset ::mallocopts
  sqlite3_memdebug_fail -1
}