-C Add\sfunction\ssqlite3OsFileControlNoFail(),\swhich\sis\sthe\ssame\sas\ssqlite3OsFileControl()\sexcept\sthat\sit\sdoes\snot\ssimulate\sOOM\serrors.\sThis\ssaves\sadding\scalls\sto\sthe\sBenignMalloc()\sfunctions\saround\seach\sof\sthe\sinvocations\sof\ssqliteOsFileControl()\sthat\signore\sthe\sreturn\scode.
-D 2012-01-10T16:56:39.621
+C Avoid\spassing\sstrings\swith\sa\ssingle\snul-terminator\s(two\sare\srequired)\sto\sthe\sVFS\sxOpen()\smethod\sfrom\swithin\sthe\scode\sthat\schecks\sto\ssee\sif\sa\smaster-journal\sfile\smay\sbe\ssafely\sdeleted.
+D 2012-01-10T17:28:10.499
F Makefile.arm-wince-mingw32ce-gcc d6df77f1f48d690bd73162294bbba7f59507c72f
F Makefile.in 5b4a3e12a850b021547e43daf886b25133b44c07
F Makefile.linux-gcc 91d710bdc4998cb015f39edf3cb314ec4f4d7e23
F src/os_os2.c 4a75888ba3dfc820ad5e8177025972d74d7f2440
F src/os_unix.c 2ad4366b3c41dc813345d6dbb3cab97d62d60b96
F src/os_win.c e344ccb73aaeb5caab2c3419fba2857f914198d7
-F src/pager.c e7c940ef4a3bad34c9c44ac429257fcf301b828f
+F src/pager.c f2a3a87da34b6e1ff7f74fb22e6014087ecdf5e4
F src/pager.h 5cd760857707529b403837d813d86b68938d6183
F src/parse.y fabb2e7047417d840e6fdb3ef0988a86849a08ba
F src/pcache.c f8043b433a57aba85384a531e3937a804432a346
F tool/vdbe-compress.tcl d70ea6d8a19e3571d7ab8c9b75cba86d1173ff0f
F tool/warnings-clang.sh 9f406d66e750e8ac031c63a9ef3248aaa347ef2a
F tool/warnings.sh fbc018d67fd7395f440c28f33ef0f94420226381
-P 7f852ac6435f1c9e25b07f816cca5ba40484579e
-R 0386e0f2452004fbea4274e17c048ecf
+P af59b182d797642e5ec3ddf291cf62662a136bd1
+R 47a7f4ba0fc3538cc9b5e527d944f9de
U dan
-Z d0553b98b27ed93d2ef4aa9f634cdd90
+Z 553d33d7ac54e78ccf7479f534ea4295
rc = sqlite3OsFileSize(pMaster, &nMasterJournal);
if( rc!=SQLITE_OK ) goto delmaster_out;
nMasterPtr = pVfs->mxPathname+1;
- zMasterJournal = sqlite3Malloc((int)nMasterJournal + nMasterPtr + 1);
+ zMasterJournal = sqlite3Malloc((int)nMasterJournal + nMasterPtr + 2);
if( !zMasterJournal ){
rc = SQLITE_NOMEM;
goto delmaster_out;
}
- zMasterPtr = &zMasterJournal[nMasterJournal+1];
+ zMasterPtr = &zMasterJournal[nMasterJournal+2];
rc = sqlite3OsRead(pMaster, zMasterJournal, (int)nMasterJournal, 0);
if( rc!=SQLITE_OK ) goto delmaster_out;
+
+ /* Ensure that even if the contents of the master journal file are corrupt,
+ ** they are terminated by a pair of 0x00 bytes. This prevents buffer
+ ** overreads in any calls made to sqlite3_uri_xxx() via sqlite3OsOpen()
+ ** below. */
zMasterJournal[nMasterJournal] = 0;
+ zMasterJournal[nMasterJournal+1] = 0;
zJournal = zMasterJournal;
while( (zJournal-zMasterJournal)<nMasterJournal ){
+ char c;
int exists;
+ int nJournal = sqlite3Strlen30(zJournal);
+
+ /* The sqlite3OsAccess() and sqlite3OsOpen() functions require argument
+ ** strings that may be passed to the sqlite3_uri_xxx() API functions.
+ ** In this case that means strings terminated by a pair of 0x00 bytes.
+ ** But the master-journal file contains strings terminated by a single
+ ** 0x00 only. So temporarily replace the first byte of the following
+ ** string with a second 0x00. The original value is restored before the
+ ** next iteration of this loop. */
+ assert( &zJournal[nJournal+1] < zMasterPtr );
+ c = zJournal[nJournal+1];
+ zJournal[nJournal+1] = '\0';
+
rc = sqlite3OsAccess(pVfs, zJournal, SQLITE_ACCESS_EXISTS, &exists);
if( rc!=SQLITE_OK ){
goto delmaster_out;
** Open it and check if it points at the master journal. If
** so, return without deleting the master journal file.
*/
- int c;
int flags = (SQLITE_OPEN_READONLY|SQLITE_OPEN_MAIN_JOURNAL);
rc = sqlite3OsOpen(pVfs, zJournal, pJournal, flags, 0);
if( rc!=SQLITE_OK ){
goto delmaster_out;
}
- c = zMasterPtr[0]!=0 && strcmp(zMasterPtr, zMaster)==0;
- if( c ){
+ if( zMasterPtr[0]!=0 && strcmp(zMasterPtr, zMaster)==0 ){
/* We have a match. Do not delete the master journal file. */
goto delmaster_out;
}
}
- zJournal += (sqlite3Strlen30(zJournal)+1);
+ zJournal += nJournal+1;
+ zJournal[0] = c;
}
sqlite3OsClose(pMaster);
projects / thirdparty / sqlite.git / commitdiff
