Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Do not allow pointer arithmetic to move a pointer across a memory allocation boundary. |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA1: |
85b979319bcb8ec301ae39b36ad60348 |
User & Date: | drh 2016-04-05 13:19:19.622 |
Context
2016-04-05
| ||
13:35 | Use SQLITE_WITHIN() for pointer range comparisons in some testing code. (check-in: 7cacf4e954 user: drh tags: trunk) | |
13:19 | Do not allow pointer arithmetic to move a pointer across a memory allocation boundary. (check-in: 85b979319b user: drh tags: trunk) | |
2016-04-04
| ||
18:04 | Fix documentation typos. Comment changes only. No changes to code. (check-in: d5fc2f7f90 user: drh tags: trunk) | |
Changes
Changes to src/btree.c.
︙ | ︙ | |||
6541 6542 6543 6544 6545 6546 6547 6548 | int iEnd = iFirst + nCell; assert( CORRUPT_DB || pPg->hdrOffset==0 ); /* Never called on page 1 */ for(i=iFirst; i<iEnd; i++){ int sz, rc; u8 *pSlot; sz = cachedCellSize(pCArray, i); if( (aData[1]==0 && aData[2]==0) || (pSlot = pageFindSlot(pPg,sz,&rc))==0 ){ pData -= sz; | > < | 6541 6542 6543 6544 6545 6546 6547 6548 6549 6550 6551 6552 6553 6554 6555 6556 | int iEnd = iFirst + nCell; assert( CORRUPT_DB || pPg->hdrOffset==0 ); /* Never called on page 1 */ for(i=iFirst; i<iEnd; i++){ int sz, rc; u8 *pSlot; sz = cachedCellSize(pCArray, i); if( (aData[1]==0 && aData[2]==0) || (pSlot = pageFindSlot(pPg,sz,&rc))==0 ){ if( (pData - pBegin)<sz ) return 1; pData -= sz; pSlot = pData; } /* pSlot and pCArray->apCell[i] will never overlap on a well-formed ** database. But they might for a corrupt database. Hence use memmove() ** since memcpy() sends SIGABORT with overlapping buffers on OpenBSD */ assert( (pSlot+sz)<=pCArray->apCell[i] || pSlot>=(pCArray->apCell[i]+sz) |
︙ | ︙ |