Always use strncmp() rather than memcmp() when comparing strings where one

or other string might be less than the length parameter, since optimized versions of memcmp() might read past the first difference and in so doing generate an access violation. FossilOrigin-Name: d73435587ba7459e2e2c32980d0e17abdeceb4bc
2025-08-07 02:42:48 +03:00 · 2013-03-01 01:07:17 +00:00
parent 016fff2b6e
commit 503a686e09
10 changed files with 29 additions and 29 deletions
--- a/28
+++ b/28
@@ -1,5 +1,5 @@
-C In\sthe\sincrvacuum3\stest,\sadd\smissing\scall\sto\sthe\sTcl\sclose\scommand.
+C Always\suse\sstrncmp()\srather\sthan\smemcmp()\swhen\scomparing\sstrings\swhere\sone\nor\sother\sstring\smight\sbe\sless\sthan\sthe\slength\sparameter,\ssince\soptimized\nversions\sof\smemcmp()\smight\sread\spast\sthe\sfirst\sdifference\sand\sin\sso\sdoing\ngenerate\san\saccess\sviolation.
-D 2013-02-26T18:54:18.663
+D 2013-03-01T01:07:17.783
 F Makefile.arm-wince-mingw32ce-gcc d6df77f1f48d690bd73162294bbba7f59507c72f
 F Makefile.in a48faa9e7dd7d556d84f5456eabe5825dd8a6282
 F Makefile.linux-gcc 91d710bdc4998cb015f39edf3cb314ec4f4d7e23
@@ -115,7 +115,7 @@ F sqlite.pc.in 42b7bf0d02e08b9e77734a47798d1a55a9e0716b
 F sqlite3.1 6be1ad09113570e1fc8dcaff84c9b0b337db5ffc
 F sqlite3.pc.in ae6f59a76e862f5c561eb32a380228a02afc3cad
 F src/alter.c f8db986c03eb0bfb221523fc9bbb9d0b70de3168
-F src/analyze.c 7553068d21e32a57fc33ab6b2393fc8c1ba41410
+F src/analyze.c d5f895810e8ff9737c9ec7b76abc3dcff5860335
 F src/attach.c ea5247f240e2c08afd608e9beb380814b86655e1
 F src/auth.c 523da7fb4979469955d822ff9298352d6b31de34
 F src/backup.c b2cac9f7993f3f9588827b824b1501d0c820fa68
@@ -124,13 +124,13 @@ F src/btmutex.c 976f45a12e37293e32cae0281b15a21d48a8aaa7
 F src/btree.c cbad71970cfadfa342fc137ca5e319f98b2d0da1
 F src/btree.h 3ad7964d6c5b1c7bff569aab6adfa075f8bf06cd
 F src/btreeInt.h eecc84f02375b2bb7a44abbcbbe3747dde73edb2
-F src/build.c 73ca65f32938e4e0d94e831b61b5749b211b79be
+F src/build.c 375e5df716e03b9343c5e1211be3b24e6d6dff05
 F src/callback.c d7e46f40c3cf53c43550b7da7a1d0479910b62cc
 F src/complete.c dc1d136c0feee03c2f7550bafc0d29075e36deac
 F src/ctime.c 72a70dcfda75d3a1f81041ce4573e7afddcd8e4e
 F src/date.c 067a81c9942c497aafd2c260e13add8a7d0c7dd4
 F src/delete.c 9b8d308979114991e5dc7cee958316e07186941d
-F src/expr.c f6c20285bd36e87ec47f4d840e90a32755e2a90c
+F src/expr.c a23b4aac2a455b2e76b55bef5dcfbe62b665375c
 F src/fault.c 160a0c015b6c2629d3899ed2daf63d75754a32bb
 F src/fkey.c e16942bd5c8a868ac53287886464a5ed0e72b179
 F src/func.c cac45cca7bbe29bbefef46116174e89e1284763b
@@ -160,7 +160,7 @@ F src/notify.c 976dd0f6171d4588e89e874fcc765e92914b6d30
 F src/os.c e1acdc09ff3ac2412945cca9766e2dcf4675f31c
 F src/os.h 027491c77d2404c0a678bb3fb06286f331eb9b57
 F src/os_common.h 92815ed65f805560b66166e3583470ff94478f04
-F src/os_unix.c dfdc04b126f7b05dcb2e2cc5c1262f98acbb49d9
+F src/os_unix.c 8964f621aaab1f2c9804fbbff4450d9811ef5548
 F src/os_win.c eabd00b813577d36bd66271cb08dd64ea0589dac
 F src/pager.c 0dbf5ff5d5d7d3a21fcab82e9e4d129b6fe6314f
 F src/pager.h 1109a06578ec5574dc2c74cf8d9f69daf36fe3e0
@@ -216,13 +216,13 @@ F src/test_mutex.c a6bd7b9cf6e19d989e31392b06ac8d189f0d573e
 F src/test_onefile.c 0396f220561f3b4eedc450cef26d40c593c69a25
 F src/test_osinst.c 90a845c8183013d80eccb1f29e8805608516edba
 F src/test_pcache.c a5cd24730cb43c5b18629043314548c9169abb00
-F src/test_quota.c 0e0e2e3bf6766b101ecccd8c042b66e44e9be8f5
+F src/test_quota.c 1ec82e02fd3643899e9a5de9684515e84641c91f
 F src/test_quota.h 8761e463b25e75ebc078bd67d70e39b9c817a0cb
-F src/test_regexp.c 58e0349f155bc307dfa209df4b03add0a7749866
+F src/test_regexp.c 08748a68ddb3b29329dbdade5ede849a749f0c07
 F src/test_rtree.c aba603c949766c4193f1068b91c787f57274e0d9
 F src/test_schema.c 8c06ef9ddb240c7a0fcd31bc221a6a2aade58bf0
 F src/test_server.c 2f99eb2837dfa06a4aacf24af24c6affdf66a84f
-F src/test_spellfix.c 83abe9d8c364cdd5f93bc06eaf40a349ebbf6c5c
+F src/test_spellfix.c 56dfa6d583ac34f61af0834d7b58d674e7e18e13
 F src/test_sqllog.c 8acb843ddb9928dea8962e31bb09f421a72ffccb
 F src/test_stat.c d1569c7a4839f13e80187e2c26b2ab4da2d03935
 F src/test_superlock.c 2b97936ca127d13962c3605dbc9a4ef269c424cd
@@ -242,7 +242,7 @@ F src/vacuum.c 2727bdd08847fcb6b2d2da6d14f018910e8645d3
 F src/vdbe.c 292f8f7ced59c29c63fe17830cbe5f5a0230cdf0
 F src/vdbe.h b52887278cb173e66188da84dfab216bea61119d
 F src/vdbeInt.h 396bb03eec560f768d1b86092b00f46c25575d3b
-F src/vdbeapi.c 4c2418161cf45392ba76a7ca92f9a5f06b96f89c
+F src/vdbeapi.c 9616986209cc77822aa9f7d91cf9e6880516d557
 F src/vdbeaux.c 735a6905df302a7f3c715a82bd3af06dc7d74ef2
 F src/vdbeblob.c 32f2a4899d67f69634ea4dd93e3f651936d732cb
 F src/vdbemem.c cb55e84b8e2c15704968ee05f0fae25883299b74
@@ -1036,7 +1036,7 @@ F tool/vdbe-compress.tcl f12c884766bd14277f4fcedcae07078011717381
 F tool/warnings-clang.sh f6aa929dc20ef1f856af04a730772f59283631d4
 F tool/warnings.sh fbc018d67fd7395f440c28f33ef0f94420226381
 F tool/win/sqlite.vsix 97894c2790eda7b5bce3cc79cb2a8ec2fde9b3ac
-P c2d5a23b1ab39918e97c596cf75c42f86a5fe2b7
+P cd8067238439638bcfd3966d55d2a3990f36d702
-R 687a470b4afc6de785d4ede326493d08
+R 5a3dd033106407aa4f07779dd0d49c1d
-U mistachkin
+U drh
-Z 915aa22c53fd0f2da96b96267104ce14
+Z dd2b43e4a7c5d5f8a543e6614ead6c72
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-cd8067238439638bcfd3966d55d2a3990f36d702
+d73435587ba7459e2e2c32980d0e17abdeceb4bc
--- a/src/analyze.c
+++ b/src/analyze.c
@@ -473,7 +473,7 @@ static void analyzeOneTable(
    /* Do not gather statistics on views or virtual tables */
    return;
  }
-  if( memcmp(pTab->zName, "sqlite_", 7)==0 ){
+  if( sqlite3_strnicmp(pTab->zName, "sqlite_", 7)==0 ){
    /* Do not gather statistics on system tables */
    return;
  }
@@ -883,7 +883,7 @@ static int analysisLoader(void *pData, int argc, char **argv, char **NotUsed){
    if( pIndex==0 ) break;
    pIndex->aiRowEst[i] = v;
    if( *z==' ' ) z++;
-    if( memcmp(z, "unordered", 10)==0 ){
+    if( strcmp(z, "unordered")==0 ){
      pIndex->bUnordered = 1;
      break;
    }
--- a/src/build.c
+++ b/src/build.c
@@ -2594,7 +2594,7 @@ Index *sqlite3CreateIndex(
  assert( pTab!=0 );
  assert( pParse->nErr==0 );
  if( sqlite3StrNICmp(pTab->zName, "sqlite_", 7)==0 
-       && memcmp(&pTab->zName[7],"altertab_",9)!=0 ){
+       && sqlite3StrNICmp(&pTab->zName[7],"altertab_",9)!=0 ){
    sqlite3ErrorMsg(pParse, "table %s may not be indexed", pTab->zName);
    goto exit_create_index;
  }
--- a/src/expr.c
+++ b/src/expr.c
@@ -638,7 +638,7 @@ void sqlite3ExprAssignVarNumber(Parse *pParse, Expr *pExpr){
      */
      ynVar i;
      for(i=0; i<pParse->nzVar; i++){
-        if( pParse->azVar[i] && memcmp(pParse->azVar[i],z,n+1)==0 ){
+        if( pParse->azVar[i] && strcmp(pParse->azVar[i],z)==0 ){
          pExpr->iColumn = x = (ynVar)i+1;
          break;
        }
--- a/src/os_unix.c
+++ b/src/os_unix.c
@@ -4752,7 +4752,7 @@ static int fillInUnixFile(
                           "psow", SQLITE_POWERSAFE_OVERWRITE) ){
    pNew->ctrlFlags |= UNIXFILE_PSOW;
  }
-  if( memcmp(pVfs->zName,"unix-excl",10)==0 ){
+  if( strcmp(pVfs->zName,"unix-excl")==0 ){
    pNew->ctrlFlags |= UNIXFILE_EXCL;
  }
--- a/src/test_quota.c
+++ b/src/test_quota.c
@@ -1295,7 +1295,7 @@ int sqlite3_quota_remove(const char *zFilename){
  if( pGroup ){
    for(pFile=pGroup->pFiles; pFile && rc==SQLITE_OK; pFile=pNextFile){
      pNextFile = pFile->pNext;
-      diff = memcmp(zFull, pFile->zFilename, nFull);
+      diff = strncmp(zFull, pFile->zFilename, nFull);
      if( diff==0 && ((c = pFile->zFilename[nFull])==0 || c=='/' || c=='\\') ){
        if( pFile->nRef ){
          pFile->deleteOnClose = 1;
--- a/src/test_regexp.c
+++ b/src/test_regexp.c
@@ -194,7 +194,7 @@ int re_match(ReCompiled *pRe, const unsigned char *zIn, int nIn){
  if( pRe->nInit ){
    unsigned char x = pRe->zInit[0];
    while( in.i+pRe->nInit<=in.mx 
-        && (zIn[in.i]!=x || memcmp(zIn+in.i, pRe->zInit, pRe->nInit)!=0)
+        && (zIn[in.i]!=x || strncmp(zIn+in.i, pRe->zInit, pRe->nInit)!=0)
    ){
      in.i++;
    }
--- a/src/test_spellfix.c
+++ b/src/test_spellfix.c
@@ -744,22 +744,22 @@ static int utf8Len(unsigned char c, int N){
 }
 /*
-** Return TRUE (non-zero) of the To side of the given cost matches
+** Return TRUE (non-zero) if the To side of the given cost matches
 ** the given string.
 */
 static int matchTo(EditDist3Cost *p, const char *z, int n){
  if( p->nTo>n ) return 0;
-  if( memcmp(p->a+p->nFrom, z, p->nTo)!=0 ) return 0;
+  if( strncmp(p->a+p->nFrom, z, p->nTo)!=0 ) return 0;
  return 1;
 }
 /*
-** Return TRUE (non-zero) of the To side of the given cost matches
+** Return TRUE (non-zero) if the From side of the given cost matches
 ** the given string.
 */
 static int matchFrom(EditDist3Cost *p, const char *z, int n){
  assert( p->nFrom<=n );
-  if( memcmp(p->a, z, p->nFrom)!=0 ) return 0;
+  if( strncmp(p->a, z, p->nFrom)!=0 ) return 0;
  return 1;
 }
@@ -1952,7 +1952,7 @@ static int spellfix1Init(
      );
    }
    for(i=3; rc==SQLITE_OK && i<argc; i++){
-      if( memcmp(argv[i],"edit_cost_table=",16)==0 && pNew->zCostTable==0 ){
+      if( strncmp(argv[i],"edit_cost_table=",16)==0 && pNew->zCostTable==0 ){
        pNew->zCostTable = spellfix1Dequote(&argv[i][16]);
        if( pNew->zCostTable==0 ) rc = SQLITE_NOMEM;
        continue;
@@ -2681,7 +2681,7 @@ static int spellfix1Update(
        p->pConfig3 = 0;
        return SQLITE_OK;
      }
-      if( memcmp(zCmd,"edit_cost_table=",16)==0 ){
+      if( strncmp(zCmd,"edit_cost_table=",16)==0 ){
        editDist3ConfigDelete(p->pConfig3);
        p->pConfig3 = 0;
        sqlite3_free(p->zCostTable);
--- a/src/vdbeapi.c
+++ b/src/vdbeapi.c
@@ -1198,7 +1198,7 @@ int sqlite3VdbeParameterIndex(Vdbe *p, const char *zName, int nName){
  if( zName ){
    for(i=0; i<p->nzVar; i++){
      const char *z = p->azVar[i];
-      if( z && memcmp(z,zName,nName)==0 && z[nName]==0 ){
+      if( z && strncmp(z,zName,nName)==0 && z[nName]==0 ){
        return i+1;
      }
    }
		`@@ -1 +1 @@`
			`cd8067238439638bcfd3966d55d2a3990f36d702`				`d73435587ba7459e2e2c32980d0e17abdeceb4bc`