Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Slight adjustment to the printf formatter large memory allocation detector so that it does not overestimate the amount of space needed for oversize %d conversions. |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA3-256: |
1aee70d6de8a9b17ebb74a7cb1dad651 |
User & Date: | drh 2019-02-01 21:08:27.686 |
Context
2019-02-02
| ||
01:27 | Fix harmless compiler warning. (check-in: dddda685f3 user: mistachkin tags: trunk) | |
2019-02-01
| ||
21:08 | Slight adjustment to the printf formatter large memory allocation detector so that it does not overestimate the amount of space needed for oversize %d conversions. (check-in: 1aee70d6de user: drh tags: trunk) | |
20:29 | Prevent the printf formatter from doing large memory allocations - larger than either the size of the static buffer for interfaces like sqlite3_snprintf(), or larger than SQLITE_LIMIT_LENGTH for interfaces that are associated with a database connection. This helps to prevent DOS attacks on products that let hostile sources inject arbitrary SQL. It also helps fuzzers run faster and more effectively. (check-in: 179e5d4605 user: drh tags: trunk) | |
Changes
Changes to src/printf.c.
︙ | ︙ | |||
438 439 440 441 442 443 444 | if( flag_zeropad && precision<width-(prefix!=0) ){ precision = width-(prefix!=0); } if( precision<etBUFSIZE-10-etBUFSIZE/3 ){ nOut = etBUFSIZE; zOut = buf; }else{ | > | > | 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 | if( flag_zeropad && precision<width-(prefix!=0) ){ precision = width-(prefix!=0); } if( precision<etBUFSIZE-10-etBUFSIZE/3 ){ nOut = etBUFSIZE; zOut = buf; }else{ u64 n; n = (u64)precision + 10; if( cThousand ) n += precision/3; zOut = zExtra = printfTempBuf(pAccum, n); if( zOut==0 ) return; nOut = (int)n; } bufpt = &zOut[nOut-1]; if( xtype==etORDINAL ){ static const char zOrd[] = "thstndrd"; |
︙ | ︙ |