/ Check-in [49f22e55]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fix an instance where sqlite3JumpHere() might be called with a negative address following an OOM fault. (CVS 6828)
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1:49f22e55d69d0b5a34400b36332a2eb861362eb2
User & Date: drh 2009-06-27 11:17:35
Context
2009-06-27
14:10
Version 3.6.16 (CVS 6829) check-in: ff691a6b user: drh tags: trunk, release
11:17
Fix an instance where sqlite3JumpHere() might be called with a negative address following an OOM fault. (CVS 6828) check-in: 49f22e55 user: drh tags: trunk
00:48
Fix a bug in sqlite3_realloc() - if called with a size of more than 2147483392 it returns 0 but it also releases the prior allocation. (CVS 6827) check-in: 653df0af user: drh tags: trunk
Changes
Hide Diffs Side-by-Side Diffs Ignore Whitespace Patch

Changes to src/update.c.

     8      8   **    May you find forgiveness for yourself and forgive others.
     9      9   **    May you share freely, never taking more than you give.
    10     10   **
    11     11   *************************************************************************
    12     12   ** This file contains C code routines that are called by the parser
    13     13   ** to handle UPDATE statements.
    14     14   **
    15         -** $Id: update.c,v 1.203 2009/06/23 20:28:54 drh Exp $
           15  +** $Id: update.c,v 1.204 2009/06/27 11:17:35 drh Exp $
    16     16   */
    17     17   #include "sqliteInt.h"
    18     18   
    19     19   #ifndef SQLITE_OMIT_VIRTUALTABLE
    20     20   /* Forward declaration */
    21     21   static void updateVirtualTable(
    22     22     Parse *pParse,       /* The parsing context */
................................................................................
   665    665     */
   666    666     sqlite3SelectDestInit(&dest, SRT_Table, ephemTab);
   667    667     sqlite3Select(pParse, pSelect, &dest);
   668    668   
   669    669     /* Generate code to scan the ephemeral table and call VUpdate. */
   670    670     iReg = ++pParse->nMem;
   671    671     pParse->nMem += pTab->nCol+1;
   672         -  sqlite3VdbeAddOp2(v, OP_Rewind, ephemTab, 0);
   673         -  addr = sqlite3VdbeCurrentAddr(v);
          672  +  addr = sqlite3VdbeAddOp2(v, OP_Rewind, ephemTab, 0);
   674    673     sqlite3VdbeAddOp3(v, OP_Column,  ephemTab, 0, iReg);
   675    674     sqlite3VdbeAddOp3(v, OP_Column, ephemTab, (pRowid?1:0), iReg+1);
   676    675     for(i=0; i<pTab->nCol; i++){
   677    676       sqlite3VdbeAddOp3(v, OP_Column, ephemTab, i+1+(pRowid!=0), iReg+2+i);
   678    677     }
   679    678     sqlite3VtabMakeWritable(pParse, pTab);
   680    679     sqlite3VdbeAddOp4(v, OP_VUpdate, 0, pTab->nCol+2, iReg, pVtab, P4_VTAB);
   681         -  sqlite3VdbeAddOp2(v, OP_Next, ephemTab, addr);
   682         -  sqlite3VdbeJumpHere(v, addr-1);
          680  +  sqlite3VdbeAddOp2(v, OP_Next, ephemTab, addr+1);
          681  +  sqlite3VdbeJumpHere(v, addr);
   683    682     sqlite3VdbeAddOp2(v, OP_Close, ephemTab, 0);
   684    683   
   685    684     /* Cleanup */
   686    685     sqlite3SelectDelete(db, pSelect);  
   687    686   }
   688    687   #endif /* SQLITE_OMIT_VIRTUALTABLE */
   689    688   
   690    689   /* Make sure "isView" gets undefined in case this file becomes part of
   691    690   ** the amalgamation - so that subsequent files do not see isView as a
   692    691   ** macro. */
   693    692   #undef isView