From: drh Date: Thu, 13 Oct 2016 12:56:18 +0000 (+0000) Subject: Take care to avoid integer overflow when doing the initial page cache X-Git-Tag: version-3.15.0~1 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=989412a1cf2983e446cc8ae2e5f86895930c0362;p=thirdparty%2Fsqlite.git Take care to avoid integer overflow when doing the initial page cache allocation with an excessively large cache_size setting. FossilOrigin-Name: 4d66ac98deaa85218be7ff0eb254f78b96d8e8d4
---
diff --git a/manifest b/manifest
index 9719134aaa..6982d57f42 100644
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Avoid\sreading\sthe\s-1-th\selement\sof\san\sarray\sin\sthe\squery\splanner.\s\sFix\sto\sa\nbug\sintroduced\sby\scheck-in\s[8e2b25f9b8a7]\sfrom\searlier\stoday.\s\sCuriously,\nthe\sproblem\sonly\sappeared\son\s32-bit\ssystems.
-D 2016-10-12T18:55:53.185
+C Take\scare\sto\savoid\sinteger\soverflow\swhen\sdoing\sthe\sinitial\spage\scache\nallocation\swith\san\sexcessively\slarge\scache_size\ssetting.
+D 2016-10-13T12:56:18.996
 F Makefile.in 6fd48ffcf7c2deea7499062d1f3747f986c19678
 F Makefile.linux-gcc 7bc79876b875010e8c8f9502eb935ca92aa3c434
 F Makefile.msc 5151cc64c4c05f3455f4f692ad11410a810d937f
@@ -378,7 +378,7 @@ F src/pager.h 966d2769e76ae347c8a32c4165faf6e6cb64546d
 F src/parse.y 0338f906b61e311c2b7e11a3f89b0092c780b664
 F src/pcache.c 5ff2a08f76a9c1b22f43eb063b7068fb085465ac
 F src/pcache.h 2cedcd8407eb23017d92790b112186886e179490
-F src/pcache1.c 4bb7a6a5300c67d0b033d25adb509c120c03e812
+F src/pcache1.c e3967219b2a92b9edcb9324a4ba75009090d3953
 F src/pragma.c d932ba278654617cdd281f88a790a3185fca7c44
 F src/pragma.h 64c78a648751b9f4f297276c4eb7507b14b4628c
 F src/prepare.c b1140c3d0cf59bc85ace00ce363153041b424b7a
@@ -1525,7 +1525,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
 F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
 F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P e87d02d289a2016ea3ee074e914b07a8ac22b21f
-R 347ceac05d5e830be9b0b453b9055752
+P 443913d582bcd953d85159047541592e2f68ade3
+R a065c821855a0dd84a6e1c87c8d5ef05
 U drh
-Z f6a48b076f4d91846fe2072e2532d39d
+Z fa9255d8df284358f598506788fc36f9
diff --git a/manifest.uuid b/manifest.uuid
index f1cc7550cb..b4c3b869ac 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-443913d582bcd953d85159047541592e2f68ade3
\ No newline at end of file
+4d66ac98deaa85218be7ff0eb254f78b96d8e8d4
\ No newline at end of file
diff --git a/src/pcache1.c b/src/pcache1.c
index 1b1971a399..110d7ec656 100644
--- a/src/pcache1.c
+++ b/src/pcache1.c
@@ -279,7 +279,7 @@ static int pcache1InitBulk(PCache1 *pCache){
 szBulk = -1024 * (i64)pcache1.nInitPage;
 }
 if( szBulk > pCache->szAlloc*(i64)pCache->nMax ){
- szBulk = pCache->szAlloc*pCache->nMax;
+ szBulk = pCache->szAlloc*(i64)pCache->nMax;
 }
 zBulk = pCache->pBulk = sqlite3Malloc( szBulk );
 sqlite3EndBenignMalloc();
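Review bot: The clamp bound `pCache->szAlloc*(i64)pCache->nMax` is still written out twice in the src/pcache1.c hunk, once in the `if` and once in the assignment, and that duplication is what let the two copies differ in width before this fix. Computing it once, e.g. `szMax = pCache->szAlloc*(i64)pCache->nMax;` followed by `if( szBulk > szMax ) szBulk = szMax;` (with `i64 szMax` declared alongside the function's other locals), keeps the comparison and the stored size in the same 64-bit arithmetic by construction. A one-line comment that the cast widens the multiply before it can wrap with a very large cache_size would also help the next reader. The declaration of szBulk and the parameter type of sqlite3Malloc() are outside the hunk, so it is worth confirming the size is not narrowed again at the call; pcache1InitBulk itself starts and ends outside the hunk.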