Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Fix a problem in vdbe.c that could cause a double-free of memory if the SQLITE_LIMIT_LENGTH is changed after a statement is prepared but before it is run. Also remove debugging statements from tkt3841.test. (CVS 6777) |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA1: |
3d7327fd6af983d5ce9bc9a2ba869b23 |
User & Date: | drh 2009-06-17 21:42:34.000 |
Context
2009-06-17
| ||
22:50 | Avoid an assertion fault if an out-of-memory error occurs while trying to run the string-concatentation operator on a zero-blob. (This is an absurd thing to do, but even so, we still should not fault.) (CVS 6778) (check-in: 0def0b76b9 user: drh tags: trunk) | |
21:42 | Fix a problem in vdbe.c that could cause a double-free of memory if the SQLITE_LIMIT_LENGTH is changed after a statement is prepared but before it is run. Also remove debugging statements from tkt3841.test. (CVS 6777) (check-in: 3d7327fd6a user: drh tags: trunk) | |
16:20 | Use caution to avoid integer overflow when doing real to integer affinity operations. Ticket #3922. (CVS 6776) (check-in: 392559465d user: drh tags: trunk) | |
Changes
Changes to src/vdbe.c.
︙ | ︙ | |||
39 40 41 42 43 44 45 | ** ** Various scripts scan this source file in order to generate HTML ** documentation, headers files, or other derived files. The formatting ** of the code in this file is, therefore, important. See other comments ** in this file for details. If in doubt, do not deviate from existing ** commenting and indentation practices when changing or adding code. ** | | | 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 | ** ** Various scripts scan this source file in order to generate HTML ** documentation, headers files, or other derived files. The formatting ** of the code in this file is, therefore, important. See other comments ** in this file for details. If in doubt, do not deviate from existing ** commenting and indentation practices when changing or adding code. ** ** $Id: vdbe.c,v 1.853 2009/06/17 21:42:34 drh Exp $ */ #include "sqliteInt.h" #include "vdbeInt.h" /* ** The following global variable is incremented every time a cursor ** moves, either by the OP_SeekXX, OP_Next, or OP_Prev opcodes. The test |
︙ | ︙ | |||
904 905 906 907 908 909 910 | case OP_String8: { /* same as TK_STRING, out2-prerelease */ assert( pOp->p4.z!=0 ); pOp->opcode = OP_String; pOp->p1 = sqlite3Strlen30(pOp->p4.z); #ifndef SQLITE_OMIT_UTF16 if( encoding!=SQLITE_UTF8 ){ | | > < > > < < < < < | 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 | case OP_String8: { /* same as TK_STRING, out2-prerelease */ assert( pOp->p4.z!=0 ); pOp->opcode = OP_String; pOp->p1 = sqlite3Strlen30(pOp->p4.z); #ifndef SQLITE_OMIT_UTF16 if( encoding!=SQLITE_UTF8 ){ rc = sqlite3VdbeMemSetStr(pOut, pOp->p4.z, -1, SQLITE_UTF8, SQLITE_STATIC); if( rc==SQLITE_TOOBIG ) goto too_big; if( SQLITE_OK!=sqlite3VdbeChangeEncoding(pOut, encoding) ) goto no_mem; assert( pOut->zMalloc==pOut->z ); assert( pOut->flags & MEM_Dyn ); pOut->zMalloc = 0; pOut->flags |= MEM_Static; pOut->flags &= ~MEM_Dyn; if( pOp->p4type==P4_DYNAMIC ){ sqlite3DbFree(db, pOp->p4.z); } pOp->p4type = P4_DYNAMIC; pOp->p4.z = pOut->z; pOp->p1 = pOut->n; } #endif if( pOp->p1>db->aLimit[SQLITE_LIMIT_LENGTH] ){ goto too_big; } /* Fall through to the next case, OP_String */ } |
︙ | ︙ |
Changes to test/tkt3841.test.
︙ | ︙ | |||
32 33 34 35 36 37 38 | INSERT INTO list VALUES ("a", 1); INSERT INTO list VALUES ("a", 2); INSERT INTO list VALUES ("a", 3); INSERT INTO list VALUES ("b", 4); INSERT INTO list VALUES ("b", 5); INSERT INTO list VALUES ("b", 6); | < | 32 33 34 35 36 37 38 39 40 41 42 43 44 45 | INSERT INTO list VALUES ("a", 1); INSERT INTO list VALUES ("a", 2); INSERT INTO list VALUES ("a", 3); INSERT INTO list VALUES ("b", 4); INSERT INTO list VALUES ("b", 5); INSERT INTO list VALUES ("b", 6); SELECT table2.x, (SELECT group_concat(list.value) FROM list WHERE list.key = table2.key) FROM table2; } |
︙ | ︙ |