SQLite

Check-in [fab6f09044]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Work around a "security feature" bug in memcpy() on OpenBSD.
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: fab6f09044d033dd09ed8a22e06bc6a7851bbabf
User & Date: drh 2015-10-10 16:41:28.969
Context
2015-10-11
19:46
Improved substitution logic in the query flattener. Saves code space, and (more importantly) works correctly with table-valued functions. (check-in: 3d0bd95e97 user: drh tags: trunk)
2015-10-10
20:35
Pull in the latest 3.9.0 tweaks from trunk. (check-in: ed174ccf0a user: drh tags: sessions)
16:41
Work around a "security feature" bug in memcpy() on OpenBSD. (check-in: fab6f09044 user: drh tags: trunk)
15:57
Remove another instance of strcpy() from FTS5, to mollify OpenBSD. (check-in: 35e6248abb user: drh tags: trunk)
Changes
Unified Diff Ignore Whitespace Patch
Changes to src/btree.c.
6495
6496
6497
6498
6499
6500
6501






6502
6503
6504
6505
6506
6507
6508
6509
    u8 *pSlot;
    sz = cachedCellSize(pCArray, i);
    if( (aData[1]==0 && aData[2]==0) || (pSlot = pageFindSlot(pPg,sz,&rc))==0 ){
      pData -= sz;
      if( pData<pBegin ) return 1;
      pSlot = pData;
    }






    memcpy(pSlot, pCArray->apCell[i], sz);
    put2byte(pCellptr, (pSlot - aData));
    pCellptr += 2;
  }
  *ppData = pData;
  return 0;
}








>
>
>
>
>
>
|







6495
6496
6497
6498
6499
6500
6501
6502
6503
6504
6505
6506
6507
6508
6509
6510
6511
6512
6513
6514
6515
    u8 *pSlot;
    sz = cachedCellSize(pCArray, i);
    if( (aData[1]==0 && aData[2]==0) || (pSlot = pageFindSlot(pPg,sz,&rc))==0 ){
      pData -= sz;
      if( pData<pBegin ) return 1;
      pSlot = pData;
    }
    /* pSlot and pCArray->apCell[i] will never overlap on a well-formed
    ** database.  But they might for a corrupt database.  Hence use memmove()
    ** since memcpy() sends SIGABORT with overlapping buffers on OpenBSD */
    assert( (pSlot+sz)<=pCArray->apCell[i]
         || pSlot>=(pCArray->apCell[i]+sz)
         || CORRUPT_DB );
    memmove(pSlot, pCArray->apCell[i], sz);
    put2byte(pCellptr, (pSlot - aData));
    pCellptr += 2;
  }
  *ppData = pData;
  return 0;
}