Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | In memsys5, initialize new allocations to non-zero bytes. Change the content of freed allocations to prevent use after free. These changes in SQLITE_DEBUG only. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
ba5f0a5599dece6d8f3dfe652800c288 |
| User & Date: | drh 2014-02-24 19:07:51 |
Context
|
2014-02-24
| ||
| 19:49 | Close some stray connections in walro.test. (check-in: d6746cab user: dan tags: trunk) | |
| 19:07 | In memsys5, initialize new allocations to non-zero bytes. Change the content of freed allocations to prevent use after free. These changes in SQLITE_DEBUG only. (check-in: ba5f0a55 user: drh tags: trunk) | |
| 14:24 | Remove an unused variable from the VDBE_PROFILE compile-time option. Keep the opcode count in an u32 instead of an int. (check-in: 4df0ac90 user: drh tags: trunk) | |
Changes
Changes to src/mem5.c.
270
271
272
273
274
275
276
277
278
279
280
281
282
283
...
328
329
330
331
332
333
334
335
336
337
338
339
340
341
|
mem5.nAlloc++;
mem5.totalAlloc += iFullSz;
mem5.totalExcess += iFullSz - nByte;
mem5.currentCount++;
mem5.currentOut += iFullSz;
if( mem5.maxCount<mem5.currentCount ) mem5.maxCount = mem5.currentCount;
if( mem5.maxOut<mem5.currentOut ) mem5.maxOut = mem5.currentOut;
/* Return a pointer to the allocated memory. */
return (void*)&mem5.zPool[i*mem5.szAtom];
}
/*
** Free an outstanding memory allocation.
................................................................................
iBlock = iBuddy;
}else{
mem5.aCtrl[iBlock] = CTRL_FREE | iLogsize;
mem5.aCtrl[iBuddy] = 0;
}
size *= 2;
}
memsys5Link(iBlock, iLogsize);
}
/*
** Allocate nBytes of memory.
*/
static void *memsys5Malloc(int nBytes){
|
>
>
>
>
>
>
>
>
>
>
>
>
>
|
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
...
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
|
mem5.nAlloc++; mem5.totalAlloc += iFullSz; mem5.totalExcess += iFullSz - nByte; mem5.currentCount++; mem5.currentOut += iFullSz; if( mem5.maxCount<mem5.currentCount ) mem5.maxCount = mem5.currentCount; if( mem5.maxOut<mem5.currentOut ) mem5.maxOut = mem5.currentOut; #ifdef SQLITE_DEBUG /* Make sure the allocated memory does not assume that it is set to zero ** or retains a value from a previous allocation */ memset(&mem5.zPool[i*mem5.szAtom], 0xAA, iFullSz); #endif /* Return a pointer to the allocated memory. */ return (void*)&mem5.zPool[i*mem5.szAtom]; } /* ** Free an outstanding memory allocation. ................................................................................ iBlock = iBuddy; }else{ mem5.aCtrl[iBlock] = CTRL_FREE | iLogsize; mem5.aCtrl[iBuddy] = 0; } size *= 2; } #ifdef SQLITE_DEBUG /* Overwrite freed memory with the 0x55 bit pattern to verify that it is ** not used after being freed */ memset(&mem5.zPool[iBlock*mem5.szAtom], 0x55, size); #endif memsys5Link(iBlock, iLogsize); } /* ** Allocate nBytes of memory. */ static void *memsys5Malloc(int nBytes){ |