Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | In memsys5, initialize new allocations to non-zero bytes. Change the content of freed allocations to prevent use after free. These changes in SQLITE_DEBUG only. |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA1: |
ba5f0a5599dece6d8f3dfe652800c288 |
User & Date: | drh 2014-02-24 19:07:51.519 |
Context
2014-02-24
| ||
19:49 | Close some stray connections in walro.test. (check-in: d6746cabaa user: dan tags: trunk) | |
19:07 | In memsys5, initialize new allocations to non-zero bytes. Change the content of freed allocations to prevent use after free. These changes in SQLITE_DEBUG only. (check-in: ba5f0a5599 user: drh tags: trunk) | |
14:24 | Remove an unused variable from the VDBE_PROFILE compile-time option. Keep the opcode count in an u32 instead of an int. (check-in: 4df0ac9023 user: drh tags: trunk) | |
Changes
Changes to src/mem5.c.
︙ | ︙ | |||
270 271 272 273 274 275 276 277 278 279 280 281 282 283 | mem5.nAlloc++; mem5.totalAlloc += iFullSz; mem5.totalExcess += iFullSz - nByte; mem5.currentCount++; mem5.currentOut += iFullSz; if( mem5.maxCount<mem5.currentCount ) mem5.maxCount = mem5.currentCount; if( mem5.maxOut<mem5.currentOut ) mem5.maxOut = mem5.currentOut; /* Return a pointer to the allocated memory. */ return (void*)&mem5.zPool[i*mem5.szAtom]; } /* ** Free an outstanding memory allocation. | > > > > > > | 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 | mem5.nAlloc++; mem5.totalAlloc += iFullSz; mem5.totalExcess += iFullSz - nByte; mem5.currentCount++; mem5.currentOut += iFullSz; if( mem5.maxCount<mem5.currentCount ) mem5.maxCount = mem5.currentCount; if( mem5.maxOut<mem5.currentOut ) mem5.maxOut = mem5.currentOut; #ifdef SQLITE_DEBUG /* Make sure the allocated memory does not assume that it is set to zero ** or retains a value from a previous allocation */ memset(&mem5.zPool[i*mem5.szAtom], 0xAA, iFullSz); #endif /* Return a pointer to the allocated memory. */ return (void*)&mem5.zPool[i*mem5.szAtom]; } /* ** Free an outstanding memory allocation. |
︙ | ︙ | |||
328 329 330 331 332 333 334 335 336 337 338 339 340 341 | iBlock = iBuddy; }else{ mem5.aCtrl[iBlock] = CTRL_FREE | iLogsize; mem5.aCtrl[iBuddy] = 0; } size *= 2; } memsys5Link(iBlock, iLogsize); } /* ** Allocate nBytes of memory. */ static void *memsys5Malloc(int nBytes){ | > > > > > > > | 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 | iBlock = iBuddy; }else{ mem5.aCtrl[iBlock] = CTRL_FREE | iLogsize; mem5.aCtrl[iBuddy] = 0; } size *= 2; } #ifdef SQLITE_DEBUG /* Overwrite freed memory with the 0x55 bit pattern to verify that it is ** not used after being freed */ memset(&mem5.zPool[iBlock*mem5.szAtom], 0x55, size); #endif memsys5Link(iBlock, iLogsize); } /* ** Allocate nBytes of memory. */ static void *memsys5Malloc(int nBytes){ |
︙ | ︙ |