From fd4b90be1ad0980a590adbf5612e194924ffd6d2 Mon Sep 17 00:00:00 2001
From: mistachkin <mistachkin@noemail.net>
Date: Sat, 9 Nov 2013 21:10:47 +0000
Subject: [PATCH] Furhter cleanup of the winGetTempname function.

FossilOrigin-Name: 674de36bcaafc1130b7603e69616c71fc8cd7de7
---
 manifest      | 12 +++----
 manifest.uuid |  2 +-
 src/os_win.c  | 87 +++++++++++++++++++++++++++++++++------------------
 3 files changed, 63 insertions(+), 38 deletions(-)

diff --git a/manifest b/manifest
index 6514cd4712..53d6f80b12 100644
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Add\smore\sassert()\sstatements\sand\sfix\scompilation\sissues\swhen\sthe\sWin32\snative\sheap\sis\snot\senabled.
-D 2013-11-08T20:10:57.541
+C Furhter\scleanup\sof\sthe\swinGetTempname\sfunction.
+D 2013-11-09T21:10:47.757
 F Makefile.arm-wince-mingw32ce-gcc d6df77f1f48d690bd73162294bbba7f59507c72f
 F Makefile.in d12e4455cf7a36e42d3949876c1c3b88ff70867a
 F Makefile.linux-gcc 91d710bdc4998cb015f39edf3cb314ec4f4d7e23
@@ -205,7 +205,7 @@ F src/os.c b4ad71336fd96f97776f75587cd9e8218288f5be
 F src/os.h 4a46270a64e9193af4a0aaa3bc2c66dc07c29b3f
 F src/os_common.h 92815ed65f805560b66166e3583470ff94478f04
 F src/os_unix.c 143624d9eabb3b997c59cf594e0d06c56edd43e9
-F src/os_win.c 0b867befe5225413201099551d16f89359b514af
+F src/os_win.c 4b18ebe9b876c73c53f2f56c136117b7ca112f9a
 F src/pager.c 2aa4444ffe86e9282d03bc349a4a5e49bd77c0e8
 F src/pager.h f094af9f6ececfaa8a1e93876905a4f34233fb0c
 F src/parse.y 073a8294e1826f1b1656e84806b77e4199f4bb57
@@ -1135,7 +1135,7 @@ F tool/vdbe-compress.tcl f12c884766bd14277f4fcedcae07078011717381
 F tool/warnings-clang.sh f6aa929dc20ef1f856af04a730772f59283631d4
 F tool/warnings.sh d1a6de74685f360ab718efda6265994b99bbea01
 F tool/win/sqlite.vsix 030f3eeaf2cb811a3692ab9c14d021a75ce41fff
-P e9694b877178572665048d1015ca033c469160e7
-R 6187da53e4e28cbae46594a31b7f6cd9
+P fbf8c3828327d19bbce0d7f6735e7577abfd54b3
+R c2f422a7847dd0ab6bc168c95eedae98
 U mistachkin
-Z 404c44102da970339de3158c18d24f41
+Z e44382875c5c1404de09b6986ef3f2a4
diff --git a/manifest.uuid b/manifest.uuid
index abdcd98c85..a044b8bda5 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-fbf8c3828327d19bbce0d7f6735e7577abfd54b3
\ No newline at end of file
+674de36bcaafc1130b7603e69616c71fc8cd7de7
\ No newline at end of file
diff --git a/src/os_win.c b/src/os_win.c
index 21f60a51d1..9b13cbc2f3 100644
--- a/src/os_win.c
+++ b/src/os_win.c
@@ -4126,7 +4126,8 @@ static int winGetTempname(sqlite3_vfs *pVfs, char **pzBuf){
     "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
     "0123456789";
   size_t i, j;
-  int nBuf, nLen;
+  int nPre = sqlite3Strlen30(SQLITE_TEMP_FILE_PREFIX);
+  int nMax, nBuf, nDir, nLen;
   char *zBuf;
 
   /* It's odd to simulate an io-error here, but really this is just
@@ -4138,8 +4139,8 @@ static int winGetTempname(sqlite3_vfs *pVfs, char **pzBuf){
   /* Allocate a temporary buffer to store the fully qualified file
   ** name for the temporary file.  If this fails, we cannot continue.
   */
-  nBuf = pVfs->mxPathname;
-  zBuf = sqlite3MallocZero( nBuf+3 );
+  nMax = pVfs->mxPathname; nBuf = nMax + 2;
+  zBuf = sqlite3MallocZero( nBuf );
   if( !zBuf ){
     OSTRACE(("TEMP-FILENAME rc=SQLITE_IOERR_NOMEM\n"));
     return SQLITE_IOERR_NOMEM;
@@ -4149,10 +4150,21 @@ static int winGetTempname(sqlite3_vfs *pVfs, char **pzBuf){
   ** has been explicitly set by the application; otherwise, use the one
   ** configured by the operating system.
   */
-  assert( nBuf>30 );
+  nDir = nMax - (nPre + 15);
+  assert( nDir>0 );
   if( sqlite3_temp_directory ){
-    sqlite3_snprintf(nBuf-30, zBuf, "%s", sqlite3_temp_directory);
-    winMakeEndInDirSep(nBuf-30, zBuf);
+    int nDirLen = sqlite3Strlen30(sqlite3_temp_directory);
+    if( nDirLen>0 ){
+      if( !winIsDirSep(sqlite3_temp_directory[nDirLen-1]) ){
+        nDirLen++;
+      }
+      if( nDirLen>nDir ){
+        sqlite3_free(zBuf);
+        OSTRACE(("TEMP-FILENAME rc=SQLITE_ERROR\n"));
+        return winLogError(SQLITE_ERROR, 0, "winGetTempname1", 0);
+      }
+      sqlite3_snprintf(nMax, zBuf, "%s", sqlite3_temp_directory);
+    }
   }
 #if defined(__CYGWIN__)
   else{
@@ -4192,14 +4204,13 @@ static int winGetTempname(sqlite3_vfs *pVfs, char **pzBuf){
           return SQLITE_IOERR_NOMEM;
         }
         if( winIsDir(zConverted) ){
-          sqlite3_snprintf(nBuf-30, zBuf, "%s", zDir);
-          winMakeEndInDirSep(nBuf-30, zBuf);
+          sqlite3_snprintf(nMax, zBuf, "%s", zDir);
           sqlite3_free(zConverted);
           break;
         }
         sqlite3_free(zConverted);
       }else{
-        zConverted = sqlite3MallocZero( nBuf+1 );
+        zConverted = sqlite3MallocZero( nMax+1 );
         if( !zConverted ){
           sqlite3_free(zBuf);
           OSTRACE(("TEMP-FILENAME rc=SQLITE_IOERR_NOMEM\n"));
@@ -4207,12 +4218,12 @@ static int winGetTempname(sqlite3_vfs *pVfs, char **pzBuf){
         }
         if( cygwin_conv_path(
                 osIsNT() ? CCP_POSIX_TO_WIN_W : CCP_POSIX_TO_WIN_A, zDir,
-                zConverted, nBuf+1)<0 ){
+                zConverted, nMax+1)<0 ){
           sqlite3_free(zConverted);
           sqlite3_free(zBuf);
           OSTRACE(("TEMP-FILENAME rc=SQLITE_IOERR_CONVPATH\n"));
           return winLogError(SQLITE_IOERR_CONVPATH, (DWORD)errno,
-                             "winGetTempname1", zDir);
+                             "winGetTempname2", zDir);
         }
         if( winIsDir(zConverted) ){
           /* At this point, we know the candidate directory exists and should
@@ -4227,14 +4238,12 @@ static int winGetTempname(sqlite3_vfs *pVfs, char **pzBuf){
               OSTRACE(("TEMP-FILENAME rc=SQLITE_IOERR_NOMEM\n"));
               return SQLITE_IOERR_NOMEM;
             }
-            sqlite3_snprintf(nBuf-30, zBuf, "%s", zUtf8);
-            winMakeEndInDirSep(nBuf-30, zBuf);
+            sqlite3_snprintf(nMax, zBuf, "%s", zUtf8);
             sqlite3_free(zUtf8);
             sqlite3_free(zConverted);
             break;
           }else{
-            sqlite3_snprintf(nBuf-30, zBuf, "%s", zConverted);
-            winMakeEndInDirSep(nBuf-30, zBuf);
+            sqlite3_snprintf(nMax, zBuf, "%s", zConverted);
             sqlite3_free(zConverted);
             break;
           }
@@ -4246,23 +4255,22 @@ static int winGetTempname(sqlite3_vfs *pVfs, char **pzBuf){
 #elif !SQLITE_OS_WINRT && !defined(__CYGWIN__)
   else if( osIsNT() ){
     char *zMulti;
-    LPWSTR zWidePath = sqlite3MallocZero( nBuf*sizeof(WCHAR) );
+    LPWSTR zWidePath = sqlite3MallocZero( nMax*sizeof(WCHAR) );
     if( !zWidePath ){
       sqlite3_free(zBuf);
       OSTRACE(("TEMP-FILENAME rc=SQLITE_IOERR_NOMEM\n"));
       return SQLITE_IOERR_NOMEM;
     }
-    if( osGetTempPathW(nBuf, zWidePath)==0 ){
+    if( osGetTempPathW(nMax, zWidePath)==0 ){
       sqlite3_free(zWidePath);
       sqlite3_free(zBuf);
       OSTRACE(("TEMP-FILENAME rc=SQLITE_IOERR_GETTEMPPATH\n"));
       return winLogError(SQLITE_IOERR_GETTEMPPATH, osGetLastError(),
-                         "winGetTempname1", 0);
+                         "winGetTempname2", 0);
     }
     zMulti = winUnicodeToUtf8(zWidePath);
     if( zMulti ){
-      sqlite3_snprintf(nBuf-30, zBuf, "%s", zMulti);
-      winMakeEndInDirSep(nBuf-30, zBuf);
+      sqlite3_snprintf(nMax, zBuf, "%s", zMulti);
       sqlite3_free(zMulti);
       sqlite3_free(zWidePath);
     }else{
@@ -4275,22 +4283,21 @@ static int winGetTempname(sqlite3_vfs *pVfs, char **pzBuf){
 #ifdef SQLITE_WIN32_HAS_ANSI
   else{
     char *zUtf8;
-    char *zMbcsPath = sqlite3MallocZero( nBuf );
+    char *zMbcsPath = sqlite3MallocZero( nMax );
     if( !zMbcsPath ){
       sqlite3_free(zBuf);
       OSTRACE(("TEMP-FILENAME rc=SQLITE_IOERR_NOMEM\n"));
       return SQLITE_IOERR_NOMEM;
     }
-    if( osGetTempPathA(nBuf, zMbcsPath)==0 ){
+    if( osGetTempPathA(nMax, zMbcsPath)==0 ){
       sqlite3_free(zBuf);
       OSTRACE(("TEMP-FILENAME rc=SQLITE_IOERR_GETTEMPPATH\n"));
       return winLogError(SQLITE_IOERR_GETTEMPPATH, osGetLastError(),
-                         "winGetTempname2", 0);
+                         "winGetTempname3", 0);
     }
     zUtf8 = sqlite3_win32_mbcs_to_utf8(zMbcsPath);
     if( zUtf8 ){
-      sqlite3_snprintf(nBuf-30, zBuf, "%s", zUtf8);
-      winMakeEndInDirSep(nBuf-30, zBuf);
+      sqlite3_snprintf(nMax, zBuf, "%s", zUtf8);
       sqlite3_free(zUtf8);
     }else{
       sqlite3_free(zBuf);
@@ -4301,18 +4308,36 @@ static int winGetTempname(sqlite3_vfs *pVfs, char **pzBuf){
 #endif /* SQLITE_WIN32_HAS_ANSI */
 #endif /* !SQLITE_OS_WINRT */
 
-  /* Check that the output buffer is large enough for the temporary file 
-  ** name. If it is not, return SQLITE_ERROR.
+  /*
+  ** Check to make sure the temporary directory ends with an appropriate
+  ** separator.  If it does not and there is not enough space left to add
+  ** one, fail.
   */
-  nLen = sqlite3Strlen30(zBuf);
+  if( !winMakeEndInDirSep(nDir+1, zBuf) ){
+    sqlite3_free(zBuf);
+    OSTRACE(("TEMP-FILENAME rc=SQLITE_ERROR\n"));
+    return winLogError(SQLITE_ERROR, 0, "winGetTempname4", 0);
+  }
 
-  if( (nLen + sqlite3Strlen30(SQLITE_TEMP_FILE_PREFIX) + 18) >= nBuf ){
+  /*
+  ** Check that the output buffer is large enough for the temporary file 
+  ** name in the following format:
+  **
+  **   "<temporary_directory>/etilqs_XXXXXXXXXXXXXXX\0\0"
+  **
+  ** If not, return SQLITE_ERROR.  The number 17 is used here in order to
+  ** account for the space used by the 15 character random suffix and the
+  ** two trailing NUL characters.  The final directory separator character
+  ** has already added if it was not already present.
+  */
+  nLen = sqlite3Strlen30(zBuf);
+  if( (nLen + nPre + 17) > nBuf ){
     sqlite3_free(zBuf);
     OSTRACE(("TEMP-FILENAME rc=SQLITE_ERROR\n"));
-    return winLogError(SQLITE_ERROR, 0, "winGetTempname3", 0);
+    return winLogError(SQLITE_ERROR, 0, "winGetTempname5", 0);
   }
 
-  sqlite3_snprintf(nBuf-18-nLen, zBuf+nLen, SQLITE_TEMP_FILE_PREFIX);
+  sqlite3_snprintf(nBuf-16-nLen, zBuf+nLen, SQLITE_TEMP_FILE_PREFIX);
 
   j = sqlite3Strlen30(zBuf);
   sqlite3_randomness(15, &zBuf[j]);
-- 
2.47.2