SQLite

Check-in [66eff473c3]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Ensure that filenames passed to the VFS xOpen() function are terminated by 2 '\0' bytes.
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | descendants | both | ota-update
Files: files | file ages | folders
SHA1: 66eff473c3634edb42f6ad6955acfba3e3a10def
User & Date: dan 2015-04-17 17:00:52.068
Context
2015-04-21
15:35
Add a comment to sqlite3ota.h. No code changes. (check-in: 352fa09efd user: dan tags: ota-update)
2015-04-17
17:00
Ensure that filenames passed to the VFS xOpen() function are terminated by 2 '\0' bytes. (check-in: 66eff473c3 user: dan tags: ota-update)
16:29
Fix a memory leak in sqlite3ota.c that can follow an OOM error. (check-in: c3dc15e717 user: dan tags: ota-update)
Changes
Unified Diff Ignore Whitespace Patch
Changes to ext/ota/sqlite3ota.c.
3303
3304
3305
3306
3307
3308
3309





3310
3311
3312
3313


3314


3315
3316
3317
3318
3319
3320
3321
      z += (n + 8 + 1);
      pFd->zWal = z;
    }
    else if( flags & SQLITE_OPEN_WAL ){
      ota_file *pDb = otaFindMaindb(pOtaVfs, zName);
      if( pDb ){
        if( pDb->pOta && pDb->pOta->eStage==OTA_STAGE_OAL ){





          char *zCopy = otaStrndup(zName, &rc);
          if( zCopy ){
            int nCopy = strlen(zCopy);
            zCopy[nCopy-3] = 'o';


            zOpen = (const char*)(pFd->zDel = zCopy);


          }
          pFd->pOta = pDb->pOta;
        }
        pDb->pWalFd = pFd;
      }
    }
  }







>
>
>
>
>
|

|

>
>

>
>







3303
3304
3305
3306
3307
3308
3309
3310
3311
3312
3313
3314
3315
3316
3317
3318
3319
3320
3321
3322
3323
3324
3325
3326
3327
3328
3329
3330
      z += (n + 8 + 1);
      pFd->zWal = z;
    }
    else if( flags & SQLITE_OPEN_WAL ){
      ota_file *pDb = otaFindMaindb(pOtaVfs, zName);
      if( pDb ){
        if( pDb->pOta && pDb->pOta->eStage==OTA_STAGE_OAL ){
          /* This call is to open a *-wal file. Intead, open the *-oal. This
          ** code ensures that the string passed to xOpen() is terminated by a
          ** pair of '\0' bytes in case the VFS attempts to extract a URI 
          ** parameter from it.  */
          int nCopy = strlen(zName);
          char *zCopy = sqlite3_malloc(nCopy+2);
          if( zCopy ){
            memcpy(zCopy, zName, nCopy);
            zCopy[nCopy-3] = 'o';
            zCopy[nCopy] = '\0';
            zCopy[nCopy+1] = '\0';
            zOpen = (const char*)(pFd->zDel = zCopy);
          }else{
            rc = SQLITE_NOMEM;
          }
          pFd->pOta = pDb->pOta;
        }
        pDb->pWalFd = pFd;
      }
    }
  }