Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Do not allow pointer arithmetic to move a pointer across a memory allocation boundary. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: | 85b979319bcb8ec301ae39b36ad60348 |
| User & Date: | drh 2016-04-05 13:19:19 |
Context
|
2016-04-05
| ||
| 13:35 | Use SQLITE_WITHIN() for pointer range comparisons in some testing code. check-in: 7cacf4e9 user: drh tags: trunk | |
| 13:19 | Do not allow pointer arithmetic to move a pointer across a memory allocation boundary. check-in: 85b97931 user: drh tags: trunk | |
|
2016-04-04
| ||
| 18:04 | Fix documentation typos. Comment changes only. No changes to code. check-in: d5fc2f7f user: drh tags: trunk | |
Changes
Changes to src/btree.c.
6541 6542 6543 6544 6545 6546 6547 6548 6549 6550 6551 6552 6553 6554 6555 6556 |
int iEnd = iFirst + nCell;
assert( CORRUPT_DB || pPg->hdrOffset==0 ); /* Never called on page 1 */
for(i=iFirst; i<iEnd; i++){
int sz, rc;
u8 *pSlot;
sz = cachedCellSize(pCArray, i);
if( (aData[1]==0 && aData[2]==0) || (pSlot = pageFindSlot(pPg,sz,&rc))==0 ){
pData -= sz;
if( pData<pBegin ) return 1;
pSlot = pData;
}
/* pSlot and pCArray->apCell[i] will never overlap on a well-formed
** database. But they might for a corrupt database. Hence use memmove()
** since memcpy() sends SIGABORT with overlapping buffers on OpenBSD */
assert( (pSlot+sz)<=pCArray->apCell[i]
|| pSlot>=(pCArray->apCell[i]+sz)
|
> < |
6541 6542 6543 6544 6545 6546 6547 6548 6549 6550 6551 6552 6553 6554 6555 6556 |
int iEnd = iFirst + nCell;
assert( CORRUPT_DB || pPg->hdrOffset==0 ); /* Never called on page 1 */
for(i=iFirst; i<iEnd; i++){
int sz, rc;
u8 *pSlot;
sz = cachedCellSize(pCArray, i);
if( (aData[1]==0 && aData[2]==0) || (pSlot = pageFindSlot(pPg,sz,&rc))==0 ){
if( (pData - pBegin)<sz ) return 1;
pData -= sz;
pSlot = pData;
}
/* pSlot and pCArray->apCell[i] will never overlap on a well-formed
** database. But they might for a corrupt database. Hence use memmove()
** since memcpy() sends SIGABORT with overlapping buffers on OpenBSD */
assert( (pSlot+sz)<=pCArray->apCell[i]
|| pSlot>=(pCArray->apCell[i]+sz)
|