-C Initialize\san\suninitialized\sbuffer\sto\ssilence\sa\svalgrind\swarning\sduring\sa\sVACUUM\soperation.\s(CVS\s6297)
-D 2009-02-17T17:56:30
+C Add\stests\sto\sdouble-check\sthat\snothing\swithin\sSQLite\sever\stries\sto\sallocate\namounts\sof\smemory\sthat\sare\sclose\sto\sthe\smaximum\ssigned\sinteger,\sleading\sto\nan\sinteger\soverflow\swithin\smalloc().\s\sThis\sis\snot\scurrently\sa\sproblem.\nThe\sextra\stests\sjust\sinsure\sit\snever\sbecomes\sa\sproblem.\s(CVS\s6298)
+D 2009-02-17T18:37:29
F Makefile.arm-wince-mingw32ce-gcc fcd5e9cd67fe88836360bb4f9ef4cb7f8e2fb5a0
F Makefile.in c7a5a30fb6852bd7839b1024e1661da8549878ee
F Makefile.linux-gcc d53183f4aa6a9192d249731c90dbdffbd2c68654
F src/legacy.c 8b3b95d48d202614946d7ce7256e7ba898905c3b
F src/loadext.c 3f96631089fc4f3871a67f02f2e4fc7ea4d51edc
F src/main.c 4912460dab29e4d37e4ba1d78320c6a77bb95ad8
-F src/malloc.c 836bc7ead9b255a61d56d5589b24e1dad6704604
+F src/malloc.c 552d993ee414ead65cafcaa636e22c84085999cb
F src/mem0.c f2f84062d1f35814d6535c9f9e33de3bfb3b132c
F src/mem1.c 3bfb39e4f60b0179713a7c087b2d4f0dc205735f
F src/mem2.c 6f46eef2c2cce452ae38f5b98c2632712e858bc9
F tool/speedtest2.tcl ee2149167303ba8e95af97873c575c3e0fab58ff
F tool/speedtest8.c 2902c46588c40b55661e471d7a86e4dd71a18224
F tool/speedtest8inst1.c 293327bc76823f473684d589a8160bde1f52c14e
-P 79431c58d964d6057c7f42f7c1df74f3df4493eb
-R d18eb83f62823b052c9f91def439d0bf
-U danielk1977
-Z 202aeb49d99b1391c07f283d43f19e14
+P 8c61968b33dd753618589cb3f859984223161d64
+R 793a2b2b9355549182d95e51bb87d221
+U drh
+Z f91927cefb8ab6069f07082e6447fa2b
**
** Memory allocation functions used throughout sqlite.
**
-** $Id: malloc.c,v 1.55 2009/02/17 16:29:11 danielk1977 Exp $
+** $Id: malloc.c,v 1.56 2009/02/17 18:37:29 drh Exp $
*/
#include "sqliteInt.h"
#include <stdarg.h>
*/
void *sqlite3Malloc(int n){
void *p;
- if( n<=0 ){
+ if( n<=0 || NEVER(n>=0x7fffff00) ){
+ /* The NEVER(n>=0x7fffff00) term is added out of paranoia. We want to make
+ ** absolutely sure that there is nothing within SQLite that can cause a
+ ** memory allocation of a number of bytes which is near the maximum signed
+ ** integer value and thus cause an integer overflow inside of the xMalloc()
+ ** implementation. The n>=0x7fffff00 gives us 255 bytes of headroom. The
+ ** test should never be true because SQLITE_MAX_LENGTH should be much
+ ** less than 0x7fffff00 and it should catch large memory allocations
+ ** before they reach this point. */
p = 0;
}else if( sqlite3GlobalConfig.bMemstat ){
sqlite3_mutex_enter(mem0.mutex);
if( pOld==0 ){
return sqlite3Malloc(nBytes);
}
- if( nBytes<=0 ){
+ if( nBytes<=0 || NEVER(nBytes>=0x7fffff00) ){
+ /* The NEVER(...) term is explained in comments on sqlite3Malloc() */
sqlite3_free(pOld);
return 0;
}
projects / thirdparty / sqlite.git / commitdiff
