Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Avoid doing comparisons with pointers that might have been previously been passed to realloc() and/or free(). |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA1: |
f20396adb2cff12a17a3fc90b36241ae |
User & Date: | drh 2015-12-08 16:08:10.872 |
Context
2015-12-08
| ||
16:58 | Changes to avoid undefined behavior in memset() and memcpy() and in the comparisons of pointers from different allocations. All problems are found by analysis tools - none have been seen in the wild. (check-in: 901d0b8f3b user: drh tags: trunk) | |
16:08 | Avoid doing comparisons with pointers that might have been previously been passed to realloc() and/or free(). (check-in: f20396adb2 user: drh tags: trunk) | |
04:18 | Add a test case of the form "WHERE a<2 OR a<3" using PRAGMA count_changes. This test case was failing before the 3.9.0 release. (check-in: 177862c1d5 user: drh tags: trunk) | |
Changes
Changes to src/printf.c.
︙ | |||
762 763 764 765 766 767 768 | 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 | - + + - + + + + | return 0; } if( p->mxAlloc==0 ){ N = p->nAlloc - p->nChar - 1; setStrAccumError(p, STRACCUM_TOOBIG); return N; }else{ |
︙ | |||
856 857 858 859 860 861 862 863 | 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 | + - + + + - + + | /* ** Finish off a string by making sure it is zero-terminated. ** Return a pointer to the resulting string. Return a NULL ** pointer if any kind of error was encountered. */ char *sqlite3StrAccumFinish(StrAccum *p){ if( p->zText ){ assert( (p->zText==p->zBase)==(p->bMalloced==0) ); p->zText[p->nChar] = 0; |
︙ | |||
900 901 902 903 904 905 906 907 908 909 910 911 912 913 | 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 | + | void sqlite3StrAccumInit(StrAccum *p, sqlite3 *db, char *zBase, int n, int mx){ p->zText = p->zBase = zBase; p->db = db; p->nChar = 0; p->nAlloc = n; p->mxAlloc = mx; p->accError = 0; p->bMalloced = 0; } /* ** Print into memory obtained from sqliteMalloc(). Use the internal ** %-conversion extensions. */ char *sqlite3VMPrintf(sqlite3 *db, const char *zFormat, va_list ap){ |
︙ |
Changes to src/sqliteInt.h.
︙ | |||
2948 2949 2950 2951 2952 2953 2954 2955 2956 2957 2958 2959 2960 2961 | 2948 2949 2950 2951 2952 2953 2954 2955 2956 2957 2958 2959 2960 2961 2962 | + | sqlite3 *db; /* Optional database for lookaside. Can be NULL */ char *zBase; /* A base allocation. Not from malloc. */ char *zText; /* The string collected so far */ int nChar; /* Length of the string so far */ int nAlloc; /* Amount of space allocated in zText */ int mxAlloc; /* Maximum allowed allocation. 0 for no malloc usage */ u8 accError; /* STRACCUM_NOMEM or STRACCUM_TOOBIG */ u8 bMalloced; /* zText points to allocated space */ }; #define STRACCUM_NOMEM 1 #define STRACCUM_TOOBIG 2 /* ** A pointer to this structure is used to communicate information ** from sqlite3Init and OP_ParseSchema into the sqlite3InitCallback. |
︙ |