Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Fix an NULL deref in the randomblob() function following a malloc failure. (CVS 3940) |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
011e7db253f9a60c19977215eab16879 |
| User & Date: | drh 2007-05-07 19:31:16 |
Context
|
2007-05-08
| ||
| 01:08 | Begin implementing a new system of upper bounds on the capabilities of SQLite. By clearly defining the upper bounds, we make those upper bounds explicitly testable. This check-in is just infrastructure. The upper bounds are not yet enforced. (CVS 3941) check-in: 93b623b2 user: drh tags: trunk | |
|
2007-05-07
| ||
| 19:31 | Fix an NULL deref in the randomblob() function following a malloc failure. (CVS 3940) check-in: 011e7db2 user: drh tags: trunk | |
| 16:58 | Add a version of the LIKE operator to the icu extension. Requires optimisation. (CVS 3939) check-in: 3e96105c user: danielk1977 tags: trunk | |
Changes
Changes to src/func.c.
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
...
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
|
** This file contains the C functions that implement various SQL ** functions of SQLite. ** ** There is only one exported symbol in this file - the function ** sqliteRegisterBuildinFunctions() found at the bottom of the file. ** All other code has file scope. ** ** $Id: func.c,v 1.145 2007/05/04 13:15:56 drh Exp $ */ #include "sqliteInt.h" #include <ctype.h> /* #include <math.h> */ #include <stdlib.h> #include <assert.h> #include "vdbeInt.h" ................................................................................ sqlite3_value **argv ){ int n; unsigned char *p; assert( argc==1 ); n = sqlite3_value_int(argv[0]); if( n<1 ) n = 1; p = sqlite3_malloc(n); sqlite3Randomness(n, p); sqlite3_result_blob(context, (char*)p, n, sqlite3_free); } /* ** Implementation of the last_insert_rowid() SQL function. The return ** value is the same as the sqlite3_last_insert_rowid() API function. */ static void last_insert_rowid( |
|
|
>
|
|
>
|
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
...
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
|
** This file contains the C functions that implement various SQL ** functions of SQLite. ** ** There is only one exported symbol in this file - the function ** sqliteRegisterBuildinFunctions() found at the bottom of the file. ** All other code has file scope. ** ** $Id: func.c,v 1.146 2007/05/07 19:31:16 drh Exp $ */ #include "sqliteInt.h" #include <ctype.h> /* #include <math.h> */ #include <stdlib.h> #include <assert.h> #include "vdbeInt.h" ................................................................................ sqlite3_value **argv ){ int n; unsigned char *p; assert( argc==1 ); n = sqlite3_value_int(argv[0]); if( n<1 ) n = 1; p = sqliteMalloc(n); if( p ){ sqlite3Randomness(n, p); sqlite3_result_blob(context, (char*)p, n, sqlite3FreeX); } } /* ** Implementation of the last_insert_rowid() SQL function. The return ** value is the same as the sqlite3_last_insert_rowid() API function. */ static void last_insert_rowid( |
Changes to test/malloc8.test.
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
...
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
|
# May you find forgiveness for yourself and forgive others. # May you share freely, never taking more than you give. # #*********************************************************************** # This file contains additional out-of-memory checks (see malloc.tcl) # added to expose a bug in out-of-memory handling for sqlite3_value_text() # # $Id: malloc8.test,v 1.2 2007/04/30 21:39:16 drh Exp $ set testdir [file dirname $argv0] source $testdir/tester.tcl # Only run these tests if memory debugging is turned on. # if {[info command sqlite_malloc_stat]==""} { ................................................................................ } do_malloc_test 4 -sqlbody { SELECT julianday(a,a) FROM t1; } do_malloc_test 5 -sqlbody { SELECT 1 FROM t1 WHERE a LIKE 'hello' ESCAPE NULL; } # Ensure that no file descriptors were leaked. do_test malloc-99.X { catch {db close} set sqlite_open_file_count } {0} sqlite_malloc_fail 0 finish_test |
|
>
>
>
|
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
...
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
|
# May you find forgiveness for yourself and forgive others. # May you share freely, never taking more than you give. # #*********************************************************************** # This file contains additional out-of-memory checks (see malloc.tcl) # added to expose a bug in out-of-memory handling for sqlite3_value_text() # # $Id: malloc8.test,v 1.3 2007/05/07 19:31:17 drh Exp $ set testdir [file dirname $argv0] source $testdir/tester.tcl # Only run these tests if memory debugging is turned on. # if {[info command sqlite_malloc_stat]==""} { ................................................................................ } do_malloc_test 4 -sqlbody { SELECT julianday(a,a) FROM t1; } do_malloc_test 5 -sqlbody { SELECT 1 FROM t1 WHERE a LIKE 'hello' ESCAPE NULL; } do_malloc_test 6 -sqlbody { SELECT hex(randomblob(100)); } # Ensure that no file descriptors were leaked. do_test malloc-99.X { catch {db close} set sqlite_open_file_count } {0} sqlite_malloc_fail 0 finish_test |