/ Check-in [9a358fc3]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fix some memory leaks that can occur if a memory allocation fails. (CVS 2388)
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: 9a358fc33d726d0b5782bf65b50f61f2bd096d56
User & Date: danielk1977 2005-03-16 12:15:21
Context
2005-03-17
03:15
Fix a bug in the calculation of the table record header size. Ticket #1163. (CVS 2389) check-in: bf82a04f user: drh tags: trunk
2005-03-16
12:15
Fix some memory leaks that can occur if a memory allocation fails. (CVS 2388) check-in: 9a358fc3 user: danielk1977 tags: trunk
2005-03-15
17:09
When creating a new database, delete any preexisting journal that might be left over from a prior database with the same name. Ticket #1152. (CVS 2387) check-in: 856e2ec9 user: drh tags: trunk
Changes
Hide Diffs Side-by-Side Diffs Show Whitespace Changes Patch

Changes to src/attach.c.

     7      7   **    May you do good and not evil.
     8      8   **    May you find forgiveness for yourself and forgive others.
     9      9   **    May you share freely, never taking more than you give.
    10     10   **
    11     11   *************************************************************************
    12     12   ** This file contains code used to implement the ATTACH and DETACH commands.
    13     13   **
    14         -** $Id: attach.c,v 1.32 2005/03/15 02:04:12 drh Exp $
           14  +** $Id: attach.c,v 1.33 2005/03/16 12:15:21 danielk1977 Exp $
    15     15   */
    16     16   #include "sqliteInt.h"
    17     17   
    18     18   /*
    19     19   ** This routine is called by the parser to process an ATTACH statement:
    20     20   **
    21     21   **     ATTACH DATABASE filename AS dbname
................................................................................
    28     28     Token *pFilename,    /* Name of database file */
    29     29     Token *pDbname,      /* Name of the database to use internally */
    30     30     int keyType,         /* 0: no key.  1: TEXT,  2: BLOB */
    31     31     Token *pKey          /* Text of the key for keytype 1 and 2 */
    32     32   ){
    33     33     Db *aNew;
    34     34     int rc, i;
    35         -  char *zFile, *zName;
           35  +  char *zFile = 0;
           36  +  char *zName = 0;
    36     37     sqlite3 *db;
    37     38     Vdbe *v;
    38     39   
    39     40     v = sqlite3GetVdbe(pParse);
    40     41     if( !v ) return;
    41     42     sqlite3VdbeAddOp(v, OP_Expire, 1, 0);
    42     43     sqlite3VdbeAddOp(v, OP_Halt, 0, 0);
................................................................................
    51     52   
    52     53     if( !db->autoCommit ){
    53     54       sqlite3ErrorMsg(pParse, "cannot ATTACH database within transaction");
    54     55       pParse->rc = SQLITE_ERROR;
    55     56       return;
    56     57     }
    57     58   
    58         -  zFile = sqlite3NameFromToken(pFilename);;
    59         -  if( zFile==0 ) return;
           59  +  zFile = sqlite3NameFromToken(pFilename);
           60  +  if( zFile==0 ){
           61  +    goto attach_end;
           62  +  }
    60     63   #ifndef SQLITE_OMIT_AUTHORIZATION
    61     64     if( sqlite3AuthCheck(pParse, SQLITE_ATTACH, zFile, 0, 0)!=SQLITE_OK ){
    62         -    sqliteFree(zFile);
    63         -    return;
           65  +    goto attach_end;
    64     66     }
    65     67   #endif /* SQLITE_OMIT_AUTHORIZATION */
    66     68   
    67     69     zName = sqlite3NameFromToken(pDbname);
    68         -  if( zName==0 ) return;
           70  +  if( zName==0 ){
           71  +    goto attach_end;
           72  +  }
    69     73     for(i=0; i<db->nDb; i++){
    70     74       char *z = db->aDb[i].zName;
    71     75       if( z && sqlite3StrICmp(z, zName)==0 ){
    72         -      sqlite3ErrorMsg(pParse, "database %z is already in use", zName);
           76  +      sqlite3ErrorMsg(pParse, "database %s is already in use", zName);
    73     77         pParse->rc = SQLITE_ERROR;
    74         -      sqliteFree(zFile);
    75         -      return;
           78  +      goto attach_end;
    76     79       }
    77     80     }
    78     81   
    79     82     if( db->aDb==db->aDbStatic ){
    80     83       aNew = sqliteMalloc( sizeof(db->aDb[0])*3 );
    81         -    if( aNew==0 ) return;
           84  +    if( aNew==0 ){
           85  +      goto attach_end;
           86  +    }
    82     87       memcpy(aNew, db->aDb, sizeof(db->aDb[0])*2);
    83     88     }else{
    84     89       aNew = sqliteRealloc(db->aDb, sizeof(db->aDb[0])*(db->nDb+1) );
    85         -    if( aNew==0 ) return;
           90  +    if( aNew==0 ){
           91  +      goto attach_end;
           92  +    } 
    86     93     }
    87     94     db->aDb = aNew;
    88     95     aNew = &db->aDb[db->nDb++];
    89     96     memset(aNew, 0, sizeof(*aNew));
    90     97     sqlite3HashInit(&aNew->tblHash, SQLITE_HASH_STRING, 0);
    91     98     sqlite3HashInit(&aNew->idxHash, SQLITE_HASH_STRING, 0);
    92     99     sqlite3HashInit(&aNew->trigHash, SQLITE_HASH_STRING, 0);
    93    100     sqlite3HashInit(&aNew->aFKey, SQLITE_HASH_STRING, 1);
    94    101     aNew->zName = zName;
          102  +  zName = 0;
    95    103     aNew->safety_level = 3;
    96    104     rc = sqlite3BtreeFactory(db, zFile, 0, MAX_PAGES, &aNew->pBt);
    97    105     if( rc ){
    98    106       sqlite3ErrorMsg(pParse, "unable to open database: %s", zFile);
    99    107     }
   100    108   #if SQLITE_HAS_CODEC
   101    109     {
................................................................................
   122    130       }
   123    131       sqlite3CodecAttach(db, db->nDb-1, zKey, nKey);
   124    132       if( keyType ){
   125    133         sqliteFree(zKey);
   126    134       }
   127    135     }
   128    136   #endif
   129         -  sqliteFree(zFile);
   130    137     db->flags &= ~SQLITE_Initialized;
   131    138     if( pParse->nErr==0 && rc==SQLITE_OK ){
   132    139       rc = sqlite3ReadSchema(pParse);
   133    140     }
   134    141     if( rc ){
   135    142       int i = db->nDb - 1;
   136    143       assert( i>=2 );
................................................................................
   140    147       }
   141    148       sqlite3ResetInternalSchema(db, 0);
   142    149       if( 0==pParse->nErr ){
   143    150         pParse->nErr++;
   144    151         pParse->rc = SQLITE_ERROR;
   145    152       }
   146    153     }
          154  +
          155  +attach_end:
          156  +  sqliteFree(zFile);
          157  +  sqliteFree(zName);
   147    158   }
   148    159   
   149    160   /*
   150    161   ** This routine is called by the parser to process a DETACH statement:
   151    162   **
   152    163   **    DETACH DATABASE dbname
   153    164   **

Changes to src/build.c.

    18     18   **     CREATE INDEX
    19     19   **     DROP INDEX
    20     20   **     creating ID lists
    21     21   **     BEGIN TRANSACTION
    22     22   **     COMMIT
    23     23   **     ROLLBACK
    24     24   **
    25         -** $Id: build.c,v 1.312 2005/02/19 08:18:06 danielk1977 Exp $
           25  +** $Id: build.c,v 1.313 2005/03/16 12:15:21 danielk1977 Exp $
    26     26   */
    27     27   #include "sqliteInt.h"
    28     28   #include <ctype.h>
    29     29   
    30     30   /*
    31     31   ** This routine is called when a new SQL statement is beginning to
    32     32   ** be parsed.  Initialize the pParse structure as needed.
................................................................................
   830    830         sqliteFree(z);
   831    831         return;
   832    832       }
   833    833     }
   834    834     if( (p->nCol & 0x7)==0 ){
   835    835       Column *aNew;
   836    836       aNew = sqliteRealloc( p->aCol, (p->nCol+8)*sizeof(p->aCol[0]));
   837         -    if( aNew==0 ) return;
          837  +    if( aNew==0 ){
          838  +      sqliteFree(z);
          839  +      return;
          840  +    }
   838    841       p->aCol = aNew;
   839    842     }
   840    843     pCol = &p->aCol[p->nCol];
   841    844     memset(pCol, 0, sizeof(p->aCol[0]));
   842    845     pCol->zName = z;
   843    846    
   844    847     /* If there is no type specified, columns have the default affinity
................................................................................
  1091   1094     CollSeq *pColl;
  1092   1095     if( nName<0 ) nName = strlen(zName);
  1093   1096     pColl = sqlite3HashFind(&db->aCollSeq, zName, nName);
  1094   1097   
  1095   1098     if( 0==pColl && create ){
  1096   1099       pColl = sqliteMalloc( 3*sizeof(*pColl) + nName + 1 );
  1097   1100       if( pColl ){
         1101  +      CollSeq *pDel = 0;
  1098   1102         pColl[0].zName = (char*)&pColl[3];
  1099   1103         pColl[0].enc = SQLITE_UTF8;
  1100   1104         pColl[1].zName = (char*)&pColl[3];
  1101   1105         pColl[1].enc = SQLITE_UTF16LE;
  1102   1106         pColl[2].zName = (char*)&pColl[3];
  1103   1107         pColl[2].enc = SQLITE_UTF16BE;
  1104   1108         memcpy(pColl[0].zName, zName, nName);
  1105   1109         pColl[0].zName[nName] = 0;
  1106         -      sqlite3HashInsert(&db->aCollSeq, pColl[0].zName, nName, pColl);
         1110  +      pDel = sqlite3HashInsert(&db->aCollSeq, pColl[0].zName, nName, pColl);
         1111  +
         1112  +      /* If a malloc() failure occured in sqlite3HashInsert(), it will 
         1113  +      ** return the pColl pointer to be deleted (because it wasn't added
         1114  +      ** to the hash table).
         1115  +      */
         1116  +      assert( !pDel || (sqlite3_malloc_failed && pDel==pColl) );
         1117  +      sqliteFree(pDel);
  1107   1118       }
  1108   1119     }
  1109   1120     return pColl;
  1110   1121   }
  1111   1122   
  1112   1123   /*
  1113   1124   ** Parameter zName points to a UTF-8 encoded string nName bytes long.
................................................................................
  2505   2516   ** implements the DROP INDEX statement.
  2506   2517   */
  2507   2518   void sqlite3DropIndex(Parse *pParse, SrcList *pName){
  2508   2519     Index *pIndex;
  2509   2520     Vdbe *v;
  2510   2521     sqlite3 *db = pParse->db;
  2511   2522   
  2512         -  if( pParse->nErr || sqlite3_malloc_failed ) return;
         2523  +  if( pParse->nErr || sqlite3_malloc_failed ){
         2524  +    goto exit_drop_index;
         2525  +  }
  2513   2526     assert( pName->nSrc==1 );
  2514         -  if( SQLITE_OK!=sqlite3ReadSchema(pParse) ) return;
         2527  +  if( SQLITE_OK!=sqlite3ReadSchema(pParse) ){
         2528  +    goto exit_drop_index;
         2529  +  }
  2515   2530     pIndex = sqlite3FindIndex(db, pName->a[0].zName, pName->a[0].zDatabase);
  2516   2531     if( pIndex==0 ){
  2517   2532       sqlite3ErrorMsg(pParse, "no such index: %S", pName, 0);
  2518   2533       pParse->checkSchema = 1;
  2519   2534       goto exit_drop_index;
  2520   2535     }
  2521   2536     if( pIndex->autoIndex ){

Changes to src/delete.c.

     8      8   **    May you find forgiveness for yourself and forgive others.
     9      9   **    May you share freely, never taking more than you give.
    10     10   **
    11     11   *************************************************************************
    12     12   ** This file contains C code routines that are called by the parser
    13     13   ** in order to generate code for DELETE FROM statements.
    14     14   **
    15         -** $Id: delete.c,v 1.101 2005/03/09 12:26:51 danielk1977 Exp $
           15  +** $Id: delete.c,v 1.102 2005/03/16 12:15:21 danielk1977 Exp $
    16     16   */
    17     17   #include "sqliteInt.h"
    18     18   
    19     19   /*
    20     20   ** Look up every table that is named in pSrc.  If any table is not found,
    21     21   ** add an error message to pParse->zErrMsg and return NULL.  If all tables
    22     22   ** are found, return a pointer to the last table.
................................................................................
    95     95   #ifndef SQLITE_OMIT_TRIGGER
    96     96     int isView;                  /* True if attempting to delete from a view */
    97     97     int triggers_exist = 0;      /* True if any triggers exist */
    98     98   #endif
    99     99   
   100    100     sContext.pParse = 0;
   101    101     if( pParse->nErr || sqlite3_malloc_failed ){
   102         -    pTabList = 0;
   103    102       goto delete_from_cleanup;
   104    103     }
   105    104     db = pParse->db;
   106    105     assert( pTabList->nSrc==1 );
   107    106   
   108    107     /* Locate the table which we want to delete.  This table has to be
   109    108     ** put in an SrcList structure because some of the subroutines we

Changes to src/expr.c.

     8      8   **    May you find forgiveness for yourself and forgive others.
     9      9   **    May you share freely, never taking more than you give.
    10     10   **
    11     11   *************************************************************************
    12     12   ** This file contains routines used for analyzing expressions and
    13     13   ** for generating VDBE code that evaluates expressions in SQLite.
    14     14   **
    15         -** $Id: expr.c,v 1.195 2005/03/09 12:26:51 danielk1977 Exp $
           15  +** $Id: expr.c,v 1.196 2005/03/16 12:15:21 danielk1977 Exp $
    16     16   */
    17     17   #include "sqliteInt.h"
    18     18   #include <ctype.h>
    19     19   
    20     20   /*
    21     21   ** Return the 'affinity' of the expression pExpr if any.
    22     22   **
................................................................................
   179    179   ** for this node is obtained from sqliteMalloc().  The calling function
   180    180   ** is responsible for making sure the node eventually gets freed.
   181    181   */
   182    182   Expr *sqlite3Expr(int op, Expr *pLeft, Expr *pRight, const Token *pToken){
   183    183     Expr *pNew;
   184    184     pNew = sqliteMalloc( sizeof(Expr) );
   185    185     if( pNew==0 ){
   186         -    /* When malloc fails, we leak memory from pLeft and pRight */
          186  +    /* When malloc fails, delete pLeft and pRight. Expressions passed to 
          187  +    ** this function must always be allocated with sqlite3Expr() for this 
          188  +    ** reason. 
          189  +    */
          190  +    sqlite3ExprDelete(pLeft);
          191  +    sqlite3ExprDelete(pRight);
   187    192       return 0;
   188    193     }
   189    194     pNew->op = op;
   190    195     pNew->pLeft = pLeft;
   191    196     pNew->pRight = pRight;
   192    197     pNew->iAgg = -1;
   193    198     if( pToken ){
................................................................................
   271    276   ** Construct a new expression node for a function with multiple
   272    277   ** arguments.
   273    278   */
   274    279   Expr *sqlite3ExprFunction(ExprList *pList, Token *pToken){
   275    280     Expr *pNew;
   276    281     pNew = sqliteMalloc( sizeof(Expr) );
   277    282     if( pNew==0 ){
   278         -    /* sqlite3ExprListDelete(pList); // Leak pList when malloc fails */
          283  +    sqlite3ExprListDelete(pList); /* Avoid leaking memory when malloc fails */
   279    284       return 0;
   280    285     }
   281    286     pNew->op = TK_FUNCTION;
   282    287     pNew->pList = pList;
   283    288     if( pToken ){
   284    289       assert( pToken->dyn==0 );
   285    290       pNew->token = *pToken;
................................................................................
   489    494     IdList *pNew;
   490    495     int i;
   491    496     if( p==0 ) return 0;
   492    497     pNew = sqliteMallocRaw( sizeof(*pNew) );
   493    498     if( pNew==0 ) return 0;
   494    499     pNew->nId = pNew->nAlloc = p->nId;
   495    500     pNew->a = sqliteMallocRaw( p->nId*sizeof(p->a[0]) );
   496         -  if( pNew->a==0 ) return 0;
          501  +  if( pNew->a==0 ){
          502  +    sqliteFree(pNew);
          503  +    return 0;
          504  +  }
   497    505     for(i=0; i<p->nId; i++){
   498    506       struct IdList_item *pNewItem = &pNew->a[i];
   499    507       struct IdList_item *pOldItem = &p->a[i];
   500    508       pNewItem->zName = sqliteStrDup(pOldItem->zName);
   501    509       pNewItem->idx = pOldItem->idx;
   502    510     }
   503    511     return pNew;
................................................................................
   538    546   ** Add a new element to the end of an expression list.  If pList is
   539    547   ** initially NULL, then create a new expression list.
   540    548   */
   541    549   ExprList *sqlite3ExprListAppend(ExprList *pList, Expr *pExpr, Token *pName){
   542    550     if( pList==0 ){
   543    551       pList = sqliteMalloc( sizeof(ExprList) );
   544    552       if( pList==0 ){
   545         -      /* sqlite3ExprDelete(pExpr); // Leak memory if malloc fails */
   546         -      return 0;
          553  +      goto no_mem;
   547    554       }
   548    555       assert( pList->nAlloc==0 );
   549    556     }
   550    557     if( pList->nAlloc<=pList->nExpr ){
   551         -    pList->nAlloc = pList->nAlloc*2 + 4;
   552         -    pList->a = sqliteRealloc(pList->a, pList->nAlloc*sizeof(pList->a[0]));
   553         -    if( pList->a==0 ){
   554         -      /* sqlite3ExprDelete(pExpr); // Leak memory if malloc fails */
   555         -      pList->nExpr = pList->nAlloc = 0;
   556         -      return pList;
          558  +    struct ExprList_item *a;
          559  +    int n = pList->nAlloc*2 + 4;
          560  +    a = sqliteRealloc(pList->a, n*sizeof(pList->a[0]));
          561  +    if( a==0 ){
          562  +      goto no_mem;
   557    563       }
          564  +    pList->a = a;
          565  +    pList->nAlloc = n;
   558    566     }
   559    567     assert( pList->a!=0 );
   560    568     if( pExpr || pName ){
   561    569       struct ExprList_item *pItem = &pList->a[pList->nExpr++];
   562    570       memset(pItem, 0, sizeof(*pItem));
   563    571       pItem->pExpr = pExpr;
   564    572       pItem->zName = sqlite3NameFromToken(pName);
   565    573     }
   566    574     return pList;
          575  +
          576  +no_mem:     
          577  +  /* Avoid leaking memory if malloc has failed. */
          578  +  sqlite3ExprDelete(pExpr);
          579  +  sqlite3ExprListDelete(pList);
          580  +  return 0;
   567    581   }
   568    582   
   569    583   /*
   570    584   ** Delete an entire expression list.
   571    585   */
   572    586   void sqlite3ExprListDelete(ExprList *pList){
   573    587     int i;
................................................................................
   765    779     NameContext *pTopNC = pNC;        /* First namecontext in the list */
   766    780   
   767    781     assert( pColumnToken && pColumnToken->z ); /* The Z in X.Y.Z cannot be NULL */
   768    782     zDb = sqlite3NameFromToken(pDbToken);
   769    783     zTab = sqlite3NameFromToken(pTableToken);
   770    784     zCol = sqlite3NameFromToken(pColumnToken);
   771    785     if( sqlite3_malloc_failed ){
   772         -    return 1;  /* Leak memory (zDb and zTab) if malloc fails */
          786  +    goto lookupname_end;
   773    787     }
   774    788   
   775    789     pExpr->iTable = -1;
   776    790     while( pNC && cnt==0 ){
   777    791       SrcList *pSrcList = pNC->pSrcList;
   778    792       ExprList *pEList = pNC->pEList;
   779    793   
................................................................................
   943    957       if( n>=sizeof(Bitmask)*8 ){
   944    958         n = sizeof(Bitmask)*8-1;
   945    959       }
   946    960       assert( pMatch->iCursor==pExpr->iTable );
   947    961       pMatch->colUsed |= 1<<n;
   948    962     }
   949    963   
          964  +lookupname_end:
   950    965     /* Clean up and return
   951    966     */
   952    967     sqliteFree(zDb);
   953    968     sqliteFree(zTab);
   954    969     sqliteFree(zCol);
   955    970     sqlite3ExprDelete(pExpr->pLeft);
   956    971     pExpr->pLeft = 0;

Changes to src/insert.c.

     8      8   **    May you find forgiveness for yourself and forgive others.
     9      9   **    May you share freely, never taking more than you give.
    10     10   **
    11     11   *************************************************************************
    12     12   ** This file contains C code routines that are called by the parser
    13     13   ** to handle INSERT statements in SQLite.
    14     14   **
    15         -** $Id: insert.c,v 1.136 2005/02/08 08:42:28 danielk1977 Exp $
           15  +** $Id: insert.c,v 1.137 2005/03/16 12:15:21 danielk1977 Exp $
    16     16   */
    17     17   #include "sqliteInt.h"
    18     18   
    19     19   /*
    20     20   ** Set P3 of the most recently inserted opcode to a column affinity
    21     21   ** string for index pIdx. A column affinity string has one character
    22     22   ** for each column in the table, according to the affinity of the column:
................................................................................
   709    709       sqlite3VdbeAddOp(v, OP_Callback, 1, 0);
   710    710       sqlite3VdbeSetNumCols(v, 1);
   711    711       sqlite3VdbeSetColName(v, 0, "rows inserted", P3_STATIC);
   712    712     }
   713    713   
   714    714   insert_cleanup:
   715    715     sqlite3SrcListDelete(pTabList);
   716         -  if( pList ) sqlite3ExprListDelete(pList);
   717         -  if( pSelect ) sqlite3SelectDelete(pSelect);
          716  +  sqlite3ExprListDelete(pList);
          717  +  sqlite3SelectDelete(pSelect);
   718    718     sqlite3IdListDelete(pColumn);
   719    719   }
   720    720   
   721    721   /*
   722    722   ** Generate code to do a constraint check prior to an INSERT or an UPDATE.
   723    723   **
   724    724   ** When this routine is called, the stack contains (from bottom to top)

Changes to src/parse.y.

    10     10   **
    11     11   *************************************************************************
    12     12   ** This file contains SQLite's grammar for SQL.  Process this file
    13     13   ** using the lemon parser generator to generate C code that runs
    14     14   ** the parser.  Lemon will also generate a header file containing
    15     15   ** numeric codes for all of the tokens.
    16     16   **
    17         -** @(#) $Id: parse.y,v 1.167 2005/03/09 12:26:51 danielk1977 Exp $
           17  +** @(#) $Id: parse.y,v 1.168 2005/03/16 12:15:21 danielk1977 Exp $
    18     18   */
    19     19   %token_prefix TK_
    20     20   %token_type {Token}
    21     21   %default_type {Token}
    22     22   %extra_argument {Parse *pParse}
    23     23   %syntax_error {
    24     24     if( pParse->zErrMsg==0 ){
................................................................................
   708    708   }
   709    709   %ifndef SQLITE_OMIT_SUBQUERY
   710    710     %type in_op {int}
   711    711     in_op(A) ::= IN.      {A = 0;}
   712    712     in_op(A) ::= NOT IN.  {A = 1;}
   713    713     expr(A) ::= expr(X) in_op(N) LP exprlist(Y) RP(E). [IN] {
   714    714       A = sqlite3Expr(TK_IN, X, 0, 0);
   715         -    if( A ) A->pList = Y;
          715  +    if( A ){
          716  +      A->pList = Y;
          717  +    }else{
          718  +      sqlite3ExprListDelete(Y);
          719  +    }
   716    720       if( N ) A = sqlite3Expr(TK_NOT, A, 0, 0);
   717    721       sqlite3ExprSpan(A,&X->span,&E);
   718    722     }
   719    723     expr(A) ::= LP(B) select(X) RP(E). {
   720    724       A = sqlite3Expr(TK_SELECT, 0, 0, 0);
   721    725       if( A ) A->pSelect = X;
          726  +    if( !A ) sqlite3SelectDelete(X);
   722    727       sqlite3ExprSpan(A,&B,&E);
   723    728     }
   724    729     expr(A) ::= expr(X) in_op(N) LP select(Y) RP(E).  [IN] {
   725    730       A = sqlite3Expr(TK_IN, X, 0, 0);
   726    731       if( A ) A->pSelect = Y;
          732  +    if( !A ) sqlite3SelectDelete(Y);
   727    733       if( N ) A = sqlite3Expr(TK_NOT, A, 0, 0);
   728    734       sqlite3ExprSpan(A,&X->span,&E);
   729    735     }
   730    736     expr(A) ::= expr(X) in_op(N) nm(Y) dbnm(Z). [IN] {
   731    737       SrcList *pSrc = sqlite3SrcListAppend(0,&Y,&Z);
   732    738       A = sqlite3Expr(TK_IN, X, 0, 0);
   733    739       if( A ) A->pSelect = sqlite3SelectNew(0,pSrc,0,0,0,0,0,0,0);
................................................................................
   736    742     }
   737    743     expr(A) ::= EXISTS(B) LP select(Y) RP(E). {
   738    744       Expr *p = A = sqlite3Expr(TK_EXISTS, 0, 0, 0);
   739    745       if( p ){
   740    746         p->pSelect = Y;
   741    747         sqlite3ExprSpan(p,&B,&E);
   742    748       }
          749  +    if( !p ) sqlite3SelectDelete(Y);
   743    750     }
   744    751   %endif // SQLITE_OMIT_SUBQUERY
   745    752   
   746    753   /* CASE expressions */
   747    754   expr(A) ::= CASE(C) case_operand(X) case_exprlist(Y) case_else(Z) END(E). {
   748    755     A = sqlite3Expr(TK_CASE, X, Z, 0);
   749    756     if( A ) A->pList = Y;

Changes to src/trigger.c.

    47     47     int op,             /* One of TK_INSERT, TK_UPDATE, TK_DELETE */
    48     48     IdList *pColumns,   /* column list if this is an UPDATE OF trigger */
    49     49     SrcList *pTableName,/* The name of the table/view the trigger applies to */
    50     50     int foreach,        /* One of TK_ROW or TK_STATEMENT */
    51     51     Expr *pWhen,        /* WHEN clause */
    52     52     int isTemp          /* True if the TEMPORARY keyword is present */
    53     53   ){
    54         -  Trigger *pTrigger;
           54  +  Trigger *pTrigger = 0;
    55     55     Table *pTab;
    56     56     char *zName = 0;        /* Name of the trigger */
    57     57     sqlite3 *db = pParse->db;
    58     58     int iDb;                /* The database to store the trigger in */
    59     59     Token *pName;           /* The unqualified db name */
    60     60     DbFixer sFix;
    61     61   
................................................................................
   157    157   
   158    158     /* Build the Trigger object */
   159    159     pTrigger = (Trigger*)sqliteMalloc(sizeof(Trigger));
   160    160     if( pTrigger==0 ) goto trigger_cleanup;
   161    161     pTrigger->name = zName;
   162    162     zName = 0;
   163    163     pTrigger->table = sqliteStrDup(pTableName->a[0].zName);
   164         -  if( sqlite3_malloc_failed ) goto trigger_cleanup;
   165    164     pTrigger->iDb = iDb;
   166    165     pTrigger->iTabDb = pTab->iDb;
   167    166     pTrigger->op = op;
   168    167     pTrigger->tr_tm = tr_tm==TK_BEFORE ? TRIGGER_BEFORE : TRIGGER_AFTER;
   169    168     pTrigger->pWhen = sqlite3ExprDup(pWhen);
   170    169     pTrigger->pColumns = sqlite3IdListDup(pColumns);
   171    170     pTrigger->foreach = foreach;
................................................................................
   174    173     pParse->pNewTrigger = pTrigger;
   175    174   
   176    175   trigger_cleanup:
   177    176     sqliteFree(zName);
   178    177     sqlite3SrcListDelete(pTableName);
   179    178     sqlite3IdListDelete(pColumns);
   180    179     sqlite3ExprDelete(pWhen);
          180  +  if( !pParse->pNewTrigger ){
          181  +    sqlite3DeleteTrigger(pTrigger);
          182  +  }else{
          183  +    assert( pParse->pNewTrigger==pTrigger );
          184  +  }
   181    185   }
   182    186   
   183    187   /*
   184    188   ** This routine is called after all of the trigger actions have been parsed
   185    189   ** in order to complete the process of building the trigger.
   186    190   */
   187    191   void sqlite3FinishTrigger(
................................................................................
   238    242       sqlite3VdbeAddOp(v, OP_Close, 0, 0);
   239    243       sqlite3VdbeOp3(v, OP_ParseSchema, pTrig->iDb, 0, 
   240    244          sqlite3MPrintf("type='trigger' AND name='%q'", pTrig->name), P3_DYNAMIC);
   241    245     }
   242    246   
   243    247     if( db->init.busy ){
   244    248       Table *pTab;
   245         -    sqlite3HashInsert(&db->aDb[pTrig->iDb].trigHash, 
          249  +    Trigger *pDel;
          250  +    pDel = sqlite3HashInsert(&db->aDb[pTrig->iDb].trigHash, 
   246    251                        pTrig->name, strlen(pTrig->name)+1, pTrig);
          252  +    if( pDel ){
          253  +      assert( sqlite3_malloc_failed && pDel==pTrig );
          254  +      goto triggerfinish_cleanup;
          255  +    }
   247    256       pTab = sqlite3LocateTable(pParse,pTrig->table,db->aDb[pTrig->iTabDb].zName);
   248    257       assert( pTab!=0 );
   249    258       pTrig->pNext = pTab->pTrigger;
   250    259       pTab->pTrigger = pTrig;
   251    260       pTrig = 0;
   252    261     }
   253    262   
................................................................................
   324    333     Token *pTableName,  /* Name of the table into which we insert */
   325    334     IdList *pColumn,    /* List of columns in pTableName to insert into */
   326    335     ExprList *pEList,   /* The VALUE clause: a list of values to be inserted */
   327    336     Select *pSelect,    /* A SELECT statement that supplies values */
   328    337     int orconf          /* The conflict algorithm (OE_Abort, OE_Replace, etc.) */
   329    338   ){
   330    339     TriggerStep *pTriggerStep = sqliteMalloc(sizeof(TriggerStep));
   331         -  if( pTriggerStep==0 ) return 0;
   332    340   
   333    341     assert(pEList == 0 || pSelect == 0);
   334    342     assert(pEList != 0 || pSelect != 0);
   335    343   
          344  +  if( pTriggerStep ){
   336    345     pTriggerStep->op = TK_INSERT;
   337    346     pTriggerStep->pSelect = pSelect;
   338    347     pTriggerStep->target  = *pTableName;
   339    348     pTriggerStep->pIdList = pColumn;
   340    349     pTriggerStep->pExprList = pEList;
   341    350     pTriggerStep->orconf = orconf;
   342    351     sqlitePersistTriggerStep(pTriggerStep);
          352  +  }else{
          353  +    sqlite3IdListDelete(pColumn);
          354  +    sqlite3ExprListDelete(pEList);
          355  +    sqlite3SelectDup(pSelect);
          356  +  }
   343    357   
   344    358     return pTriggerStep;
   345    359   }
   346    360   
   347    361   /*
   348    362   ** Construct a trigger step that implements an UPDATE statement and return
   349    363   ** a pointer to that trigger step.  The parser calls this routine when it

Changes to src/vdbeaux.c.

   267    267   ** from sqliteMalloc.
   268    268   **
   269    269   ** If addr<0 then change P3 on the most recently inserted instruction.
   270    270   */
   271    271   void sqlite3VdbeChangeP3(Vdbe *p, int addr, const char *zP3, int n){
   272    272     Op *pOp;
   273    273     assert( p->magic==VDBE_MAGIC_INIT );
   274         -  if( p==0 || p->aOp==0 ) return;
          274  +  if( p==0 || p->aOp==0 ){
          275  +    if( n==P3_DYNAMIC || n==P3_KEYINFO_HANDOFF ){
          276  +      sqliteFree(zP3);
          277  +    }
          278  +    return;
          279  +  }
   275    280     if( addr<0 || addr>=p->nOp ){
   276    281       addr = p->nOp - 1;
   277    282       if( addr<0 ) return;
   278    283     }
   279    284     pOp = &p->aOp[addr];
   280    285     if( pOp->p3 && pOp->p3type==P3_DYNAMIC ){
   281    286       sqliteFree(pOp->p3);

Changes to src/where.c.

    12     12   ** This module contains C code that generates VDBE code used to process
    13     13   ** the WHERE clause of SQL statements.  This module is reponsible for
    14     14   ** generating the code that loops through a table looking for applicable
    15     15   ** rows.  Indices are selected and used to speed the search when doing
    16     16   ** so is applicable.  Because this module is responsible for selecting
    17     17   ** indices, you might also think of this module as the "query optimizer".
    18     18   **
    19         -** $Id: where.c,v 1.135 2005/02/22 09:47:18 danielk1977 Exp $
           19  +** $Id: where.c,v 1.136 2005/03/16 12:15:21 danielk1977 Exp $
    20     20   */
    21     21   #include "sqliteInt.h"
    22     22   
    23     23   /*
    24     24   ** The query generator uses an array of instances of this structure to
    25     25   ** help it analyze the subexpressions of the WHERE clause.  Each WHERE
    26     26   ** clause subexpression is separated from the others by an AND operator.
................................................................................
   641    641     }
   642    642       
   643    643     /* Allocate and initialize the WhereInfo structure that will become the
   644    644     ** return value.
   645    645     */
   646    646     pWInfo = sqliteMalloc( sizeof(WhereInfo) + pTabList->nSrc*sizeof(WhereLevel));
   647    647     if( sqlite3_malloc_failed ){
   648         -    /* sqliteFree(pWInfo); // Leak memory when malloc fails */
          648  +    sqliteFree(pWInfo); /* Avoid leaking memory when malloc fails */
   649    649       return 0;
   650    650     }
   651    651     pWInfo->pParse = pParse;
   652    652     pWInfo->pTabList = pTabList;
   653    653     pWInfo->iBreak = sqlite3VdbeMakeLabel(v);
   654    654   
   655    655     /* Special case: a WHERE clause that is constant.  Evaluate the

Changes to test/memleak.test.

     6      6   #    May you do good and not evil.
     7      7   #    May you find forgiveness for yourself and forgive others.
     8      8   #    May you share freely, never taking more than you give.
     9      9   #
    10     10   #***********************************************************************
    11     11   # This file runs all tests.
    12     12   #
    13         -# $Id: memleak.test,v 1.8 2005/01/17 07:53:44 danielk1977 Exp $
           13  +# $Id: memleak.test,v 1.9 2005/03/16 12:15:22 danielk1977 Exp $
    14     14   
    15     15   set testdir [file dirname $argv0]
    16     16   source $testdir/tester.tcl
    17     17   rename finish_test really_finish_test
    18     18   proc finish_test {} {
    19     19     catch {db close}
    20     20     memleak_check
................................................................................
    31     31   # grows, it may mean there is a memory leak in the library.
    32     32   #
    33     33   set LeakList {}
    34     34   
    35     35   set EXCLUDE {
    36     36     all.test
    37     37     quick.test
    38         -  malloc.test
    39     38     misuse.test
    40     39     memleak.test
    41     40     btree2.test
    42     41     trans.test
    43     42     crash.test
    44     43     autovacuum_crash.test
    45     44   }