Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Fix a segfault in the streaming API functions triggered by a very long table name. |
|---|---|
| Downloads: | Tarball | ZIP archive |
| Timelines: | family | ancestors | descendants | both | sessions |
| Files: | files | file ages | folders |
| SHA1: |
d2642543eed54da1ac0f757d43dd4d72 |
| User & Date: | dan 2014-09-27 16:33:09.345 |
Context
|
2014-09-27
| ||
| 18:18 | Fix a segfault in the sessions module that could follow an OOM. (check-in: 09985fa6b6 user: dan tags: sessions) | |
| 16:33 | Fix a segfault in the streaming API functions triggered by a very long table name. (check-in: d2642543ee user: dan tags: sessions) | |
| 12:26 | Improve sessions module documentation and comments. Fix some other code issues. (check-in: bfc8bd80f8 user: dan tags: sessions) | |
Changes
Changes to ext/session/session1.test.
| ︙ | ︙ | |||
520 521 522 523 524 525 526 527 |
sqlite3session S db main
S attach *
execsql { UPDATE t7 SET b=2, d=2 }
} {}
do_changeset_test 9.2 S {{UPDATE t7 0 ....X.. {{} {} i 1 {} {} i 1 i 1 {} {} {} {}} {{} {} i 2 {} {} i 2 {} {} {} {} {} {}}}}
S delete
catch { db2 close }
finish_test
| > > > > > > > > > > > > > > > > > > > > > > > > > > | 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 |
sqlite3session S db main
S attach *
execsql { UPDATE t7 SET b=2, d=2 }
} {}
do_changeset_test 9.2 S {{UPDATE t7 0 ....X.. {{} {} i 1 {} {} i 1 i 1 {} {} {} {}} {{} {} i 2 {} {} i 2 {} {} {} {} {} {}}}}
S delete
catch { db2 close }
#-------------------------------------------------------------------------
# Test a really long table name.
#
reset_db
set tblname [string repeat tblname123 100]
do_test 10.1.1 {
execsql "
CREATE TABLE $tblname (a PRIMARY KEY, b);
INSERT INTO $tblname VALUES('xyz', 'def');
"
sqlite3session S db main
S attach $tblname
execsql "
INSERT INTO $tblname VALUES('uvw', 'abc');
DELETE FROM $tblname WHERE a = 'xyz';
"
} {}
breakpoint
do_changeset_test 10.1.2 S "
{INSERT $tblname 0 X. {} {t uvw t abc}}
{DELETE $tblname 0 X. {t xyz t def} {}}
"
do_test 10.1.4 { S delete } {}
finish_test
|
Changes to ext/session/sessionfault.test.
| ︙ | ︙ | |||
26 27 28 29 30 31 32 | CREATE TABLE t1(a, b, c, PRIMARY KEY(a, b)); INSERT INTO t1 VALUES(1, 2, 3); INSERT INTO t1 VALUES(4, 5, 6); } faultsim_save_and_close db2 close | < | 26 27 28 29 30 31 32 33 34 35 36 37 38 39 | CREATE TABLE t1(a, b, c, PRIMARY KEY(a, b)); INSERT INTO t1 VALUES(1, 2, 3); INSERT INTO t1 VALUES(4, 5, 6); } faultsim_save_and_close db2 close #------------------------------------------------------------------------- # Test OOM error handling when collecting and applying a simple changeset. # # Test 1.1 attaches tables individually by name to the session object. # Whereas test 1.2 passes NULL to sqlite3session_attach() to attach all # tables. # |
| ︙ | ︙ | |||
230 231 232 233 234 235 236 |
set changeset [changeset_from_sql {
INSERT INTO t1 VALUES('xxx', 'yyy');
DELETE FROM t1 WHERE a = 'string';
UPDATE t1 SET a = 20 WHERE b = 2;
}]
db close
| | > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 |
set changeset [changeset_from_sql {
INSERT INTO t1 VALUES('xxx', 'yyy');
DELETE FROM t1 WHERE a = 'string';
UPDATE t1 SET a = 20 WHERE b = 2;
}]
db close
do_faultsim_test 5.1 -faults oom* -body {
set ::inverse [sqlite3changeset_invert $::changeset]
set {} {}
} -test {
faultsim_test_result {0 {}} {1 SQLITE_NOMEM}
if {$testrc==0} {
set x [list]
sqlite3session_foreach c $::inverse { lappend x $c }
foreach c {
{DELETE t1 0 .X {t xxx t yyy} {}}
{INSERT t1 0 .X {} {t string i 1}}
{UPDATE t1 0 .X {i 20 i 2} {i 4 {} {}}}
} { lappend y $c }
if {$x != $y} { error "changeset no good" }
}
}
catch {db close}
catch {db2 close}
forcedelete test.db
sqlite3 db test.db
execsql {
CREATE TABLE t2(a PRIMARY KEY, b);
INSERT INTO t2 VALUES(1, 'abc');
INSERT INTO t2 VALUES(2, 'def');
}
set changeset [changeset_from_sql {
UPDATE t2 SET b = (b || b || b || b);
UPDATE t2 SET b = (b || b || b || b);
UPDATE t2 SET b = (b || b || b || b);
UPDATE t2 SET b = (b || b || b || b);
}]
db close
set abc [string repeat abc 256]
set def [string repeat def 256]
do_faultsim_test 5.2 -faults oom-tra* -body {
set ::inverse [sqlite3changeset_invert $::changeset]
set {} {}
} -test {
faultsim_test_result {0 {}} {1 SQLITE_NOMEM}
if {$testrc==0} {
set x [list]
sqlite3session_foreach c $::inverse { lappend x $c }
foreach c "
{UPDATE t2 0 X. {i 1 t $::abc} {{} {} t abc}}
{UPDATE t2 0 X. {i 2 t $::def} {{} {} t def}}
" { lappend y $c }
if {$x != $y} { error "changeset no good" }
}
}
#-------------------------------------------------------------------------
# Test that OOM errors in sqlite3changeset_concat() are handled correctly.
#
catch {db close}
forcedelete test.db
sqlite3 db test.db
|
| ︙ | ︙ |
Changes to ext/session/sqlite3session.c.
| ︙ | ︙ | |||
14 15 16 17 18 19 20 | typedef struct SessionBuffer SessionBuffer; typedef struct SessionInput SessionInput; /* ** Minimum chunk size used by streaming versions of functions. */ #ifdef SQLITE_TEST | | | 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 | typedef struct SessionBuffer SessionBuffer; typedef struct SessionInput SessionInput; /* ** Minimum chunk size used by streaming versions of functions. */ #ifdef SQLITE_TEST #define SESSIONS_STR_CHUNK_SIZE 64 #else #define SESSIONS_STR_CHUNK_SIZE 1024 #endif /* ** Session handle structure. */ |
| ︙ | ︙ | |||
1343 1344 1345 1346 1347 1348 1349 |
** Otherwise, if an error occurs, *pRc is set to an SQLite error code
** before returning.
*/
static void sessionAppendValue(SessionBuffer *p, sqlite3_value *pVal, int *pRc){
int rc = *pRc;
if( rc==SQLITE_OK ){
int nByte = 0;
| | | 1343 1344 1345 1346 1347 1348 1349 1350 1351 1352 1353 1354 1355 1356 1357 |
** Otherwise, if an error occurs, *pRc is set to an SQLite error code
** before returning.
*/
static void sessionAppendValue(SessionBuffer *p, sqlite3_value *pVal, int *pRc){
int rc = *pRc;
if( rc==SQLITE_OK ){
int nByte = 0;
rc = sessionSerializeValue(0, pVal, &nByte);
sessionBufferGrow(p, nByte, &rc);
if( rc==SQLITE_OK ){
rc = sessionSerializeValue(&p->aBuf[p->nBuf], pVal, 0);
p->nBuf += nByte;
}else{
*pRc = rc;
}
|
| ︙ | ︙ | |||
2221 2222 2223 2224 2225 2226 2227 |
int eType = 0; /* Type of value (SQLITE_NULL, TEXT etc.) */
if( abPK && abPK[i]==0 ) continue;
rc = sessionInputBuffer(pIn, 9);
if( rc==SQLITE_OK ){
eType = pIn->aData[pIn->iNext++];
}
| | < | | < | < | | | | | | | < | 2221 2222 2223 2224 2225 2226 2227 2228 2229 2230 2231 2232 2233 2234 2235 2236 2237 2238 2239 2240 2241 2242 2243 2244 2245 2246 2247 2248 2249 2250 2251 2252 2253 2254 2255 2256 2257 2258 2259 2260 |
int eType = 0; /* Type of value (SQLITE_NULL, TEXT etc.) */
if( abPK && abPK[i]==0 ) continue;
rc = sessionInputBuffer(pIn, 9);
if( rc==SQLITE_OK ){
eType = pIn->aData[pIn->iNext++];
}
assert( apOut[i]==0 );
if( eType ){
apOut[i] = sqlite3ValueNew(0);
if( !apOut[i] ) rc = SQLITE_NOMEM;
}
if( rc==SQLITE_OK ){
u8 *aVal = &pIn->aData[pIn->iNext];
if( eType==SQLITE_TEXT || eType==SQLITE_BLOB ){
int nByte;
pIn->iNext += sessionVarintGet(aVal, &nByte);
rc = sessionInputBuffer(pIn, nByte);
if( rc==SQLITE_OK ){
u8 enc = (eType==SQLITE_TEXT ? SQLITE_UTF8 : 0);
rc = sessionValueSetStr(apOut[i],&pIn->aData[pIn->iNext],nByte,enc);
}
pIn->iNext += nByte;
}
if( eType==SQLITE_INTEGER || eType==SQLITE_FLOAT ){
sqlite3_int64 v = sessionGetI64(aVal);
if( eType==SQLITE_INTEGER ){
sqlite3VdbeMemSetInt64(apOut[i], v);
}else{
double d;
memcpy(&d, &v, 8);
sqlite3VdbeMemSetDouble(apOut[i], d);
}
pIn->iNext += 8;
}
}
}
return rc;
|
| ︙ | ︙ | |||
2289 2290 2291 2292 2293 2294 2295 |
nRead += nCol;
}
while( rc==SQLITE_OK ){
while( (pIn->iNext + nRead)<pIn->nData && pIn->aData[pIn->iNext + nRead] ){
nRead++;
}
| | | | 2285 2286 2287 2288 2289 2290 2291 2292 2293 2294 2295 2296 2297 2298 2299 2300 2301 2302 |
nRead += nCol;
}
while( rc==SQLITE_OK ){
while( (pIn->iNext + nRead)<pIn->nData && pIn->aData[pIn->iNext + nRead] ){
nRead++;
}
if( (pIn->iNext + nRead)<pIn->nData ) break;
rc = sessionInputBuffer(pIn, nRead + 100);
}
*pnByte = nRead+1;
return rc;
}
/*
** The input pointer currently points to the first byte of the first field
** of a record consisting of nCol columns. This function ensures the entire
** record is buffered. It does not move the input pointer.
|
| ︙ | ︙ | |||
2771 2772 2773 2774 2775 2776 2777 |
if( rc==SQLITE_OK ){
rc = sessionReadRecord(pInput, nCol, 0, &apVal[nCol]);
}
/* Write the new old.* record. Consists of the PK columns from the
** original old.* record, and the other values from the original
** new.* record. */
| | | | 2767 2768 2769 2770 2771 2772 2773 2774 2775 2776 2777 2778 2779 2780 2781 2782 2783 2784 2785 2786 2787 2788 2789 |
if( rc==SQLITE_OK ){
rc = sessionReadRecord(pInput, nCol, 0, &apVal[nCol]);
}
/* Write the new old.* record. Consists of the PK columns from the
** original old.* record, and the other values from the original
** new.* record. */
for(iCol=0; iCol<nCol; iCol++){
sqlite3_value *pVal = apVal[iCol + (abPK[iCol] ? 0 : nCol)];
sessionAppendValue(&sOut, pVal, &rc);
}
/* Write the new new.* record. Consists of a copy of all values
** from the original old.* record, except for the PK columns, which
** are set to "undefined". */
for(iCol=0; iCol<nCol; iCol++){
sqlite3_value *pVal = (abPK[iCol] ? 0 : apVal[iCol]);
sessionAppendValue(&sOut, pVal, &rc);
}
for(iCol=0; iCol<nCol*2; iCol++){
sqlite3ValueFree(apVal[iCol]);
}
|
| ︙ | ︙ | |||
3900 3901 3902 3903 3904 3905 3906 3907 3908 3909 3910 3911 3912 3913 3914 3915 3916 3917 3918 |
void *pOut,
int *pnOut,
void **ppOut
){
SessionTable *pList = 0; /* List of SessionTable objects */
int rc; /* Return code */
int bPatch; /* True for a patchset */
assert( xOutput==0 || (ppOut==0 && pnOut==0) );
rc = sessionChangesetToHash(pLeft, &pList);
if( rc==SQLITE_OK ){
rc = sessionChangesetToHash(pRight, &pList);
}
bPatch = pLeft->bPatchset || pRight->bPatchset;
/* Create the serialized output changeset based on the contents of the
** hash tables attached to the SessionTable objects in list pList.
*/
| > > | < < < | | | | | | | | | | | | | | | | | | | | | | | | | | < | 3896 3897 3898 3899 3900 3901 3902 3903 3904 3905 3906 3907 3908 3909 3910 3911 3912 3913 3914 3915 3916 3917 3918 3919 3920 3921 3922 3923 3924 3925 3926 3927 3928 3929 3930 3931 3932 3933 3934 3935 3936 3937 3938 3939 3940 3941 3942 3943 3944 3945 3946 3947 3948 3949 3950 3951 3952 3953 |
void *pOut,
int *pnOut,
void **ppOut
){
SessionTable *pList = 0; /* List of SessionTable objects */
int rc; /* Return code */
int bPatch; /* True for a patchset */
SessionTable *pTab;
SessionBuffer buf = {0, 0, 0};
assert( xOutput==0 || (ppOut==0 && pnOut==0) );
rc = sessionChangesetToHash(pLeft, &pList);
if( rc==SQLITE_OK ){
rc = sessionChangesetToHash(pRight, &pList);
}
bPatch = pLeft->bPatchset || pRight->bPatchset;
/* Create the serialized output changeset based on the contents of the
** hash tables attached to the SessionTable objects in list pList.
*/
for(pTab=pList; rc==SQLITE_OK && pTab; pTab=pTab->pNext){
int i;
if( pTab->nEntry==0 ) continue;
sessionAppendTableHdr(&buf, bPatch, pTab, &rc);
for(i=0; i<pTab->nChange; i++){
SessionChange *p;
for(p=pTab->apChange[i]; p; p=p->pNext){
sessionAppendByte(&buf, p->op, &rc);
sessionAppendByte(&buf, p->bIndirect, &rc);
sessionAppendBlob(&buf, p->aRecord, p->nRecord, &rc);
}
}
if( rc==SQLITE_OK && xOutput && buf.nBuf>=SESSIONS_STR_CHUNK_SIZE ){
rc = xOutput(pOut, buf.aBuf, buf.nBuf);
buf.nBuf = 0;
}
}
if( rc==SQLITE_OK ){
if( xOutput ){
if( buf.nBuf>0 ) rc = xOutput(pOut, buf.aBuf, buf.nBuf);
}else{
*ppOut = buf.aBuf;
*pnOut = buf.nBuf;
buf.aBuf = 0;
}
}
sqlite3_free(buf.aBuf);
sessionDeleteTable(pList);
return rc;
}
/*
** Combine two changesets together.
|
| ︙ | ︙ |
Changes to ext/session/test_session.c.
| ︙ | ︙ | |||
71 72 73 74 75 76 77 |
struct TestSessionsBlob {
void *p;
int n;
};
typedef struct TestSessionsBlob TestSessionsBlob;
| | | 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 |
struct TestSessionsBlob {
void *p;
int n;
};
typedef struct TestSessionsBlob TestSessionsBlob;
static int testStreamOutput(
void *pCtx,
const void *pData,
int nData
){
TestSessionsBlob *pBlob = (TestSessionsBlob*)pCtx;
char *pNew;
|
| ︙ | ︙ | |||
156 157 158 159 160 161 162 |
case 7: /* patchset */
case 1: { /* changeset */
TestSessionsBlob o = {0, 0};
if( test_tcl_integer(interp, SESSION_STREAM_TCL_VAR) ){
void *pCtx = (void*)&o;
if( iSub==7 ){
| | | | 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 |
case 7: /* patchset */
case 1: { /* changeset */
TestSessionsBlob o = {0, 0};
if( test_tcl_integer(interp, SESSION_STREAM_TCL_VAR) ){
void *pCtx = (void*)&o;
if( iSub==7 ){
rc = sqlite3session_patchset_str(pSession, testStreamOutput, pCtx);
}else{
rc = sqlite3session_changeset_str(pSession, testStreamOutput, pCtx);
}
}else{
if( iSub==7 ){
rc = sqlite3session_patchset(pSession, &o.n, &o.p);
}else{
rc = sqlite3session_changeset(pSession, &o.n, &o.p);
}
|
| ︙ | ︙ | |||
557 558 559 560 561 562 563 564 565 566 567 568 569 570 |
void *pData, /* Buffer to populate */
int *pnData /* IN/OUT: Bytes requested/supplied */
){
TestStreamInput *p = (TestStreamInput*)pCtx;
int nReq = *pnData; /* Bytes of data requested */
int nRem = p->nData - p->iData; /* Bytes of data available */
int nRet = p->nStream; /* Bytes actually returned */
if( nRet>nReq ) nRet = nReq;
if( nRet>nRem ) nRet = nRem;
assert( nRet>=0 );
if( nRet>0 ){
memcpy(pData, &p->aData[p->iData], nRet);
| > > > > > > > | 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 |
void *pData, /* Buffer to populate */
int *pnData /* IN/OUT: Bytes requested/supplied */
){
TestStreamInput *p = (TestStreamInput*)pCtx;
int nReq = *pnData; /* Bytes of data requested */
int nRem = p->nData - p->iData; /* Bytes of data available */
int nRet = p->nStream; /* Bytes actually returned */
/* Allocate and free some space. There is no point to this, other than
** that it allows the regular OOM fault-injection tests to cause an error
** in this function. */
void *pAlloc = sqlite3_malloc(10);
if( pAlloc==0 ) return SQLITE_NOMEM;
sqlite3_free(pAlloc);
if( nRet>nReq ) nRet = nReq;
if( nRet>nRem ) nRet = nRem;
assert( nRet>=0 );
if( nRet>0 ){
memcpy(pData, &p->aData[p->iData], nRet);
|
| ︙ | ︙ | |||
687 688 689 690 691 692 693 |
memset(&sIn, 0, sizeof(sIn));
memset(&sOut, 0, sizeof(sOut));
sIn.nStream = test_tcl_integer(interp, SESSION_STREAM_TCL_VAR);
sIn.aData = Tcl_GetByteArrayFromObj(objv[1], &sIn.nData);
if( sIn.nStream ){
rc = sqlite3changeset_invert_str(
| | | 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 |
memset(&sIn, 0, sizeof(sIn));
memset(&sOut, 0, sizeof(sOut));
sIn.nStream = test_tcl_integer(interp, SESSION_STREAM_TCL_VAR);
sIn.aData = Tcl_GetByteArrayFromObj(objv[1], &sIn.nData);
if( sIn.nStream ){
rc = sqlite3changeset_invert_str(
testStreamInput, (void*)&sIn, testStreamOutput, (void*)&sOut
);
}else{
rc = sqlite3changeset_invert(sIn.nData, sIn.aData, &sOut.n, &sOut.p);
}
if( rc!=SQLITE_OK ){
rc = test_session_error(interp, rc);
}else{
|
| ︙ | ︙ | |||
732 733 734 735 736 737 738 |
sLeft.nStream = test_tcl_integer(interp, SESSION_STREAM_TCL_VAR);
sRight.nStream = sLeft.nStream;
if( sLeft.nStream>0 ){
rc = sqlite3changeset_concat_str(
testStreamInput, (void*)&sLeft,
testStreamInput, (void*)&sRight,
| | | 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 |
sLeft.nStream = test_tcl_integer(interp, SESSION_STREAM_TCL_VAR);
sRight.nStream = sLeft.nStream;
if( sLeft.nStream>0 ){
rc = sqlite3changeset_concat_str(
testStreamInput, (void*)&sLeft,
testStreamInput, (void*)&sRight,
testStreamOutput, (void*)&sOut
);
}else{
rc = sqlite3changeset_concat(
sLeft.nData, sLeft.aData, sRight.nData, sRight.aData, &sOut.n, &sOut.p
);
}
|
| ︙ | ︙ |