mirror of https://github.com/sqlite/sqlite
Fix a bug in sqlite3_mprintf() which could have caused a buffer
overrun if malloc() failed. (CVS 3998) FossilOrigin-Name: 5af49a57d4866be21c0206f34584bcc63adc1315
This commit is contained in:
drh
parent
f764e6fc3d
commit
eaad32b1df
12
manifest
12
manifest
|
|
@ -1,5 +1,5 @@
|
|||
C The\sbuilt-in\ssubstr()\sfunction\sapplied\sto\sa\sBLOB\scounts\sbytes,\snot\scharacters.\s(CVS\s3997)
|
||||
D 2007-05-15T01:13:47
|
||||
C Fix\sa\sbug\sin\ssqlite3_mprintf()\swhich\scould\shave\scaused\sa\sbuffer\noverrun\sif\smalloc()\sfailed.\s(CVS\s3998)
|
||||
D 2007-05-15T02:34:09
|
||||
F Makefile.in 87b200ad9970907f76df734d29dff3d294c10935
|
||||
F Makefile.linux-gcc 2d8574d1ba75f129aba2019f0b959db380a90935
|
||||
F README 9c4e2d6706bdcc3efdd773ce752a8cdab4f90028
|
||||
|
|
@ -97,7 +97,7 @@ F src/pager.h 94110a5570dca30d54a883e880a3633b2e4c05ae
|
|||
F src/parse.y 5d4d60e7e1beb1ad134835ee0624d35617f36c4e
|
||||
F src/pragma.c 6d5eb19feef9e84117b9b17a4c38b12b8c1c6897
|
||||
F src/prepare.c 87c23644986b5e41a58bc76f05abebd899e00089
|
||||
F src/printf.c 05b233c7a39aec4c54c79ef87af24f0a6591175d
|
||||
F src/printf.c cd91e057fa7e2661673eecd4eeecf4900b1e5cfe
|
||||
F src/random.c 6119474a6f6917f708c1dee25b9a8e519a620e88
|
||||
F src/select.c c10b98aeccc67a9724c37bbecd6553e5a8da5bf6
|
||||
F src/server.c 087b92a39d883e3fa113cae259d64e4c7438bc96
|
||||
|
|
@ -491,7 +491,7 @@ F www/tclsqlite.tcl bb0d1357328a42b1993d78573e587c6dcbc964b9
|
|||
F www/vdbe.tcl 87a31ace769f20d3627a64fa1fade7fed47b90d0
|
||||
F www/version3.tcl 890248cf7b70e60c383b0e84d77d5132b3ead42b
|
||||
F www/whentouse.tcl fc46eae081251c3c181bd79c5faef8195d7991a5
|
||||
P d07cdd3c096c120d104ae13f7932c0a955324517
|
||||
R 2be0a4c9f659ac8ba502f4d27f744853
|
||||
P 75d573080d03ee48fe88710f70c6875ff9cae19c
|
||||
R b07b9e5fab6d7eaa0b8188e0005d371e
|
||||
U drh
|
||||
Z 429140db9719a9a8e8c56d1f7aa1fad7
|
||||
Z afee1df567f28ceb1f5fd286b893c976
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
75d573080d03ee48fe88710f70c6875ff9cae19c
|
||||
5af49a57d4866be21c0206f34584bcc63adc1315
|
||||
|
|
@ -729,19 +729,22 @@ static void mout(void *arg, const char *zNewText, int nNewChar){
|
|||
if( pM->xRealloc==0 ){
|
||||
nNewChar = pM->nAlloc - pM->nChar - 1;
|
||||
}else{
|
||||
pM->nAlloc = pM->nChar + nNewChar*2 + 1;
|
||||
int nAlloc = pM->nChar + nNewChar*2 + 1;
|
||||
if( pM->zText==pM->zBase ){
|
||||
pM->zText = pM->xRealloc(0, pM->nAlloc);
|
||||
pM->zText = pM->xRealloc(0, nAlloc);
|
||||
if( pM->zText && pM->nChar ){
|
||||
memcpy(pM->zText, pM->zBase, pM->nChar);
|
||||
}
|
||||
}else{
|
||||
char *zNew;
|
||||
zNew = pM->xRealloc(pM->zText, pM->nAlloc);
|
||||
zNew = pM->xRealloc(pM->zText, nAlloc);
|
||||
if( zNew ){
|
||||
pM->zText = zNew;
|
||||
}else{
|
||||
return;
|
||||
}
|
||||
}
|
||||
pM->nAlloc = nAlloc;
|
||||
}
|
||||
}
|
||||
if( pM->zText ){
|
||||
|
|
|
|||
Loading…
Reference in New Issue