SQLite

Check-in [506008f000]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fix a malloc/free mismatch in pager.c (sqlite3_free() called on a buffer allocated by sqlite3DbMalloc()).
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: 506008f000ba4af0b35da023b8c52f7a3f5033bd
User & Date: dan 2012-06-07 07:24:04.829
Context
2012-06-07
15:53
Add the "tokenchars=" and "separators=" options, for customizing the set of characters considered to be token separators, to the unicode61 tokenizer. (check-in: e56fb462aa user: dan tags: trunk)
07:24
Fix a malloc/free mismatch in pager.c (sqlite3_free() called on a buffer allocated by sqlite3DbMalloc()). (check-in: 506008f000 user: dan tags: trunk)
02:35
Provide an (undocumented) compile-time option to disable the page cache overflow counter, in order to avoid a mutex. (check-in: 208825cd83 user: drh tags: trunk)
Changes
Unified Diff Ignore Whitespace Patch
Changes to src/pager.c. 
4372
4373
4374
4375
4376
4377
4378
4379
4380
4381
4382
4383
4384
4385
4386

  /* Compute and store the full pathname in an allocated buffer pointed
  ** to by zPathname, length nPathname. Or, if this is a temporary file,
  ** leave both nPathname and zPathname set to 0.
  */
  if( zFilename && zFilename[0] ){
    const char *z;
    nPathname = pVfs->mxPathname+1;
    zPathname = sqlite3Malloc(nPathname*2);
    if( zPathname==0 ){
      return SQLITE_NOMEM;
    }
    zPathname[0] = 0; /* Make sure initialized even if FullPathname() fails */
    rc = sqlite3OsFullPathname(pVfs, zFilename, nPathname, zPathname);
    nPathname = sqlite3Strlen30(zPathname);
    z = zUri = &zFilename[sqlite3Strlen30(zFilename)+1];








|








4372
4373
4374
4375
4376
4377
4378
4379
4380
4381
4382
4383
4384
4385
4386

  /* Compute and store the full pathname in an allocated buffer pointed
  ** to by zPathname, length nPathname. Or, if this is a temporary file,
  ** leave both nPathname and zPathname set to 0.
  */
  if( zFilename && zFilename[0] ){
    const char *z;
    nPathname = pVfs->mxPathname+1;
    zPathname = sqlite3DbMallocRaw(0, nPathname*2);
    if( zPathname==0 ){
      return SQLITE_NOMEM;
    }
    zPathname[0] = 0; /* Make sure initialized even if FullPathname() fails */
    rc = sqlite3OsFullPathname(pVfs, zFilename, nPathname, zPathname);
    nPathname = sqlite3Strlen30(zPathname);
    z = zUri = &zFilename[sqlite3Strlen30(zFilename)+1];

4396
4397
4398
4399
4400
4401
4402
4403
4404
4405
4406
4407
4408
4409
4410

      ** bytes in length. This means the database cannot be opened,
      ** as it will not be possible to open the journal file or even
      ** check for a hot-journal before reading.
      */
      rc = SQLITE_CANTOPEN_BKPT;
    }
    if( rc!=SQLITE_OK ){
      sqlite3_free(zPathname);
      return rc;
    }
  }

  /* Allocate memory for the Pager structure, PCache object, the
  ** three file descriptors, the database file name and the journal 
  ** file name. The layout in memory is as follows:








|








4396
4397
4398
4399
4400
4401
4402
4403
4404
4405
4406
4407
4408
4409
4410

      ** bytes in length. This means the database cannot be opened,
      ** as it will not be possible to open the journal file or even
      ** check for a hot-journal before reading.
      */
      rc = SQLITE_CANTOPEN_BKPT;
    }
    if( rc!=SQLITE_OK ){
      sqlite3DbFree(0, zPathname);
      return rc;
    }
  }

  /* Allocate memory for the Pager structure, PCache object, the
  ** three file descriptors, the database file name and the journal 
  ** file name. The layout in memory is as follows:

4426
4427
4428
4429
4430
4431
4432
4433
4434
4435
4436
4437
4438
4439
4440

    nPathname + 8 + 2              /* zJournal */
#ifndef SQLITE_OMIT_WAL
    + nPathname + 4 + 2            /* zWal */
#endif
  );
  assert( EIGHT_BYTE_ALIGNMENT(SQLITE_INT_TO_PTR(journalFileSize)) );
  if( !pPtr ){
    sqlite3_free(zPathname);
    return SQLITE_NOMEM;
  }
  pPager =              (Pager*)(pPtr);
  pPager->pPCache =    (PCache*)(pPtr += ROUND8(sizeof(*pPager)));
  pPager->fd =   (sqlite3_file*)(pPtr += ROUND8(pcacheSize));
  pPager->sjfd = (sqlite3_file*)(pPtr += ROUND8(pVfs->szOsFile));
  pPager->jfd =  (sqlite3_file*)(pPtr += journalFileSize);








|








4426
4427
4428
4429
4430
4431
4432
4433
4434
4435
4436
4437
4438
4439
4440

    nPathname + 8 + 2              /* zJournal */
#ifndef SQLITE_OMIT_WAL
    + nPathname + 4 + 2            /* zWal */
#endif
  );
  assert( EIGHT_BYTE_ALIGNMENT(SQLITE_INT_TO_PTR(journalFileSize)) );
  if( !pPtr ){
    sqlite3DbFree(0, zPathname);
    return SQLITE_NOMEM;
  }
  pPager =              (Pager*)(pPtr);
  pPager->pPCache =    (PCache*)(pPtr += ROUND8(sizeof(*pPager)));
  pPager->fd =   (sqlite3_file*)(pPtr += ROUND8(pcacheSize));
  pPager->sjfd = (sqlite3_file*)(pPtr += ROUND8(pVfs->szOsFile));
  pPager->jfd =  (sqlite3_file*)(pPtr += journalFileSize);

4452
4453
4454
4455
4456
4457
4458
4459
4460
4461
4462
4463
4464
4465
4466

    sqlite3FileSuffix3(pPager->zFilename, pPager->zJournal);
#ifndef SQLITE_OMIT_WAL
    pPager->zWal = &pPager->zJournal[nPathname+8+1];
    memcpy(pPager->zWal, zPathname, nPathname);
    memcpy(&pPager->zWal[nPathname], "-wal\000", 4+1);
    sqlite3FileSuffix3(pPager->zFilename, pPager->zWal);
#endif
    sqlite3_free(zPathname);
  }
  pPager->pVfs = pVfs;
  pPager->vfsFlags = vfsFlags;

  /* Open the pager file.
  */
  if( zFilename && zFilename[0] ){








|








4452
4453
4454
4455
4456
4457
4458
4459
4460
4461
4462
4463
4464
4465
4466

    sqlite3FileSuffix3(pPager->zFilename, pPager->zJournal);
#ifndef SQLITE_OMIT_WAL
    pPager->zWal = &pPager->zJournal[nPathname+8+1];
    memcpy(pPager->zWal, zPathname, nPathname);
    memcpy(&pPager->zWal[nPathname], "-wal\000", 4+1);
    sqlite3FileSuffix3(pPager->zFilename, pPager->zWal);
#endif
    sqlite3DbFree(0, zPathname);
  }
  pPager->pVfs = pVfs;
  pPager->vfsFlags = vfsFlags;

  /* Open the pager file.
  */
  if( zFilename && zFilename[0] ){
Changes to test/capi3.test. 
779
780
781
782
783
784
785

786
787
788
789
790
791
792

set test_number 1
foreach {code english} $code2english {
  do_test capi3-9.$test_number "sqlite3_test_errstr $code" $english
  incr test_number
}

# Test the error message when a "real" out of memory occurs.

ifcapable memdebug {
  do_test capi3-10-1 {
    sqlite3 db test.db
    set DB [sqlite3_connection_pointer db]
    sqlite3_memdebug_fail 1
    catchsql {
      select * from sqlite_master;








>








779
780
781
782
783
784
785
786
787
788
789
790
791
792
793

set test_number 1
foreach {code english} $code2english {
  do_test capi3-9.$test_number "sqlite3_test_errstr $code" $english
  incr test_number
}

# Test the error message when a "real" out of memory occurs.
if { [permutation] != "nofaultsim" } {
ifcapable memdebug {
  do_test capi3-10-1 {
    sqlite3 db test.db
    set DB [sqlite3_connection_pointer db]
    sqlite3_memdebug_fail 1
    catchsql {
      select * from sqlite_master;

816
817
818
819
820
821
822

823
824
825
826
827
828
829

  ifcapable {utf16} {
    do_test capi3-10-6 {
      utf8 [sqlite3_errmsg16 $::DB]
    } {out of memory}
  }
  db close
  sqlite3_memdebug_fail -1

}

# The following tests - capi3-11.* - test that a COMMIT or ROLLBACK
# statement issued while there are still outstanding VMs that are part of
# the transaction fails.
sqlite3 db test.db
set DB [sqlite3_connection_pointer db]








>








817
818
819
820
821
822
823
824
825
826
827
828
829
830
831

  ifcapable {utf16} {
    do_test capi3-10-6 {
      utf8 [sqlite3_errmsg16 $::DB]
    } {out of memory}
  }
  db close
  sqlite3_memdebug_fail -1
}
}

# The following tests - capi3-11.* - test that a COMMIT or ROLLBACK
# statement issued while there are still outstanding VMs that are part of
# the transaction fails.
sqlite3 db test.db
set DB [sqlite3_connection_pointer db]
Changes to test/capi3c.test. 
747
748
749
750
751
752
753

754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772

773
774
775
776
777
778
779

set test_number 1
foreach {code english} $code2english {
  do_test capi3c-9.$test_number "sqlite3_test_errstr $code" $english
  incr test_number
}

# Test the error message when a "real" out of memory occurs.

ifcapable memdebug {
  do_test capi3c-10-1 {
    sqlite3 db test.db
    set DB [sqlite3_connection_pointer db]
    sqlite3_memdebug_fail 0
    catchsql {
      select * from sqlite_master;
    }
  } {1 {out of memory}}
  do_test capi3c-10-2 {
    sqlite3_errmsg $::DB
  } {out of memory}
  ifcapable {utf16} {
    do_test capi3c-10-3 {
      utf8 [sqlite3_errmsg16 $::DB]
    } {out of memory}
  }
  db close
  sqlite3_memdebug_fail -1

}

# The following tests - capi3c-11.* - test that a COMMIT or ROLLBACK
# statement issued while there are still outstanding VMs that are part of
# the transaction fails.
sqlite3 db test.db
set DB [sqlite3_connection_pointer db]








>



















>








747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781

set test_number 1
foreach {code english} $code2english {
  do_test capi3c-9.$test_number "sqlite3_test_errstr $code" $english
  incr test_number
}

# Test the error message when a "real" out of memory occurs.
if { [permutation] != "nofaultsim" } {
ifcapable memdebug {
  do_test capi3c-10-1 {
    sqlite3 db test.db
    set DB [sqlite3_connection_pointer db]
    sqlite3_memdebug_fail 0
    catchsql {
      select * from sqlite_master;
    }
  } {1 {out of memory}}
  do_test capi3c-10-2 {
    sqlite3_errmsg $::DB
  } {out of memory}
  ifcapable {utf16} {
    do_test capi3c-10-3 {
      utf8 [sqlite3_errmsg16 $::DB]
    } {out of memory}
  }
  db close
  sqlite3_memdebug_fail -1
}
}

# The following tests - capi3c-11.* - test that a COMMIT or ROLLBACK
# statement issued while there are still outstanding VMs that are part of
# the transaction fails.
sqlite3 db test.db
set DB [sqlite3_connection_pointer db]
Changes to test/permutations.test. 
184
185
186
187
188
189
190















191
192
193
194
195
196
197

  fts3aux1.test fts3comp1.test fts3auto.test
  fts4aa.test fts4content.test
  fts3conf.test fts3prefix.test fts3fault2.test fts3corrupt.test
  fts3corrupt2.test fts3first.test fts4langid.test fts4merge.test
  fts4check.test fts4unicode.test
}

















lappend ::testsuitelist xxx
#-------------------------------------------------------------------------
# Define the coverage related test suites:
#
#   coverage-wal
#








>
>
>
>
>
>
>
>
>
>
>
>
>
>
>








184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212

  fts3aux1.test fts3comp1.test fts3auto.test
  fts4aa.test fts4content.test
  fts3conf.test fts3prefix.test fts3fault2.test fts3corrupt.test
  fts3corrupt2.test fts3first.test fts4langid.test fts4merge.test
  fts4check.test fts4unicode.test
}

test_suite "nofaultsim" -prefix "" -description {
  "Very" quick test suite. Runs in less than 5 minutes on a workstation. 
  This test suite is the same as the "quick" tests, except that some files
  that test malloc and IO errors are omitted.
} -files [
  test_set $allquicktests -exclude *malloc* *ioerr* *fault*
] -initialize {
  catch {db close}
  sqlite3_shutdown
  install_malloc_faultsim 0
  sqlite3_initialize
  autoinstall_test_functions
} -shutdown {
  unset -nocomplain ::G(valgrind)
}

lappend ::testsuitelist xxx
#-------------------------------------------------------------------------
# Define the coverage related test suites:
#
#   coverage-wal
#