/ Check-in [b05cae36]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Avoid using a zero-sized array within a struct in fts3 code.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: b05cae36cedd98d59813e637f328a52eee7ef0d2
User & Date: dan 2015-05-26 17:29:48
Context
2015-05-26
17:33
Add a cast to one side of the test added by [97806a78] in order to avoid a signed/unsigned comparison warning. check-in: 5b46d2a7 user: dan tags: trunk
17:29
Avoid using a zero-sized array within a struct in fts3 code. check-in: b05cae36 user: dan tags: trunk
16:12
Fix another bug in the in-memory VFS for fuzzcheck. check-in: 16878a31 user: drh tags: trunk
Changes
Hide Diffs Side-by-Side Diffs Ignore Whitespace Patch

Changes to ext/fts3/fts3_snippet.c.

   100    100   ** for details.
   101    101   */
   102    102   struct MatchinfoBuffer {
   103    103     u8 aRef[3];
   104    104     int nElem;
   105    105     int bGlobal;                    /* Set if global data is loaded */
   106    106     char *zMatchinfo;
   107         -  u32 aMatchinfo[0];
          107  +  u32 aMatchinfo[1];
   108    108   };
   109    109   
   110    110   
   111    111   /*
   112    112   ** The snippet() and offsets() functions both return text values. An instance
   113    113   ** of the following structure is used to accumulate those values while the
   114    114   ** functions are running. See fts3StringAppend() for details.
................................................................................
   126    126   */
   127    127   
   128    128   /*
   129    129   ** Allocate a two-slot MatchinfoBuffer object.
   130    130   */
   131    131   static MatchinfoBuffer *fts3MIBufferNew(int nElem, const char *zMatchinfo){
   132    132     MatchinfoBuffer *pRet;
   133         -  int nByte = sizeof(u32) * (2*nElem + 2) + sizeof(MatchinfoBuffer);
          133  +  int nByte = sizeof(u32) * (2*nElem + 1) + sizeof(MatchinfoBuffer);
   134    134     int nStr = (int)strlen(zMatchinfo);
   135    135   
   136    136     pRet = sqlite3_malloc(nByte + nStr+1);
   137    137     if( pRet ){
   138    138       memset(pRet, 0, nByte);
   139    139       pRet->aMatchinfo[0] = (u8*)(&pRet->aMatchinfo[1]) - (u8*)pRet;
   140    140       pRet->aMatchinfo[1+nElem] = pRet->aMatchinfo[0] + sizeof(u32)*(nElem+1);