/ Check-in [0d345e59]

Overview
Comment:Remove incorrect NEVER() macros from malloc.c. The allocations can be exceeded using sqlite3_malloc() and sqlite3_realloc(). (CVS 6826)
SHA1:0d345e5923ff92a87195f6c04a29a56bf67ee43c
User & Date: drh 2009-06-26 18:35:17
Context
2009-06-27
00:48
Fix a bug in sqlite3_realloc() - if called with a size of more than 2147483392 it returns 0 but it also releases the prior allocation. (CVS 6827) check-in: 653df0af user: drh tags: trunk
2009-06-26
18:35
Remove incorrect NEVER() macros from malloc.c. The allocations can be exceeded using sqlite3_malloc() and sqlite3_realloc(). (CVS 6826) check-in: 0d345e59 user: drh tags: trunk
16:32
Removed a few compiler warnings under MSVC. (CVS 6825) check-in: f01a9fc3 user: shane tags: trunk
Changes

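--- a/src/malloc.c
+++ b/src/malloc.c
@@ -8,15 +8,15 @@
 **    May you find forgiveness for yourself and forgive others.
 **    May you share freely, never taking more than you give.
 **
 *************************************************************************
 **
 ** Memory allocation functions used throughout sqlite.
 **
-** $Id: malloc.c,v 1.62 2009/05/03 20:23:54 drh Exp $
+** $Id: malloc.c,v 1.63 2009/06/26 18:35:17 drh Exp $
 */
 #include "sqliteInt.h"
 #include <stdarg.h>
 
 /*
 ** This routine runs when the memory allocator sees that the
 ** total memory allocation is about to exceed the soft heap
@@ -262,23 +262,20 @@
 
 /*
 ** Allocate memory.  This routine is like sqlite3_malloc() except that it
 ** assumes the memory subsystem has already been initialized.
 */
 void *sqlite3Malloc(int n){
   void *p;
-  if( n<=0 || NEVER(n>=0x7fffff00) ){
-    /* The NEVER(n>=0x7fffff00) term is added out of paranoia.  We want to make
-    ** absolutely sure that there is nothing within SQLite that can cause a
-    ** memory allocation of a number of bytes which is near the maximum signed
-    ** integer value and thus cause an integer overflow inside of the xMalloc()
-    ** implementation.  The n>=0x7fffff00 gives us 255 bytes of headroom.  The
-    ** test should never be true because SQLITE_MAX_LENGTH should be much
-    ** less than 0x7fffff00 and it should catch large memory allocations
-    ** before they reach this point. */
+  if( n<=0 || n>=0x7fffff00 ){
+    /* A memory allocation of a number of bytes which is near the maximum
+    ** signed integer value might cause an integer overflow inside of the
+    ** xMalloc().  Hence we limit the maximum size to 0x7fffff00, giving
+    ** 255 bytes of overhead.  SQLite itself will never use anything near
+    ** this amount.  The only way to reach the limit is with sqlite3_malloc() */
     p = 0;
   }else if( sqlite3GlobalConfig.bMemstat ){
     sqlite3_mutex_enter(mem0.mutex);
     mallocWithAlarm(n, &p);
     sqlite3_mutex_leave(mem0.mutex);
   }else{
     p = sqlite3GlobalConfig.m.xMalloc(n);
@@ -472,16 +469,16 @@
 */
 void *sqlite3Realloc(void *pOld, int nBytes){
   int nOld, nNew;
   void *pNew;
   if( pOld==0 ){
     return sqlite3Malloc(nBytes);
   }
-  if( nBytes<=0 || NEVER(nBytes>=0x7fffff00) ){
-    /* The NEVER(...) term is explained in comments on sqlite3Malloc() */
+  if( nBytes<=0 || nBytes>=0x7fffff00 ){
+    /* The 0x7ffff00 limit term is explained in comments on sqlite3Malloc() */
     sqlite3_free(pOld);
     return 0;
   }
   nOld = sqlite3MallocSize(pOld);
   if( sqlite3GlobalConfig.bMemstat ){
     sqlite3_mutex_enter(mem0.mutex);
     sqlite3StatusSet(SQLITE_STATUS_MALLOC_SIZE, nBytes);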