mirror of https://github.com/sqlite/sqlite.git synced 2025-08-05 15:55:57 +03:00

Use a new technique to detect fresh OOM faults in columnName() that does not

rely on there being no OOMs prior to entry into columnName(), as
[forum/forumpost/fb6811c2f9|forum post fb6811c2f9] demonstrates a technique
which could cause an OOM prior to entry into columnName().

FossilOrigin-Name: a63346d6a0c0ca7ba4c87499de2e461be9c77e9b5d98f2bebf308cdb6599f33c
drh
2023-04-27 23:59:51 +00:00
parent bfd28f9e01
commit 93b4c3beb8
3 changed files with 10 additions and 9 deletions


@@ -1337,9 +1337,9 @@ static const void *columnName(
assert( db!=0 );
n = sqlite3_column_count(pStmt);
if( N<n && N>=0 ){
u8 prior_mallocFailed = db->mallocFailed;
N += useType*n;
sqlite3_mutex_enter(db->mutex);
assert( db->mallocFailed==0 );
#ifndef SQLITE_OMIT_UTF16
if( useUtf16 ){
ret = sqlite3_value_text16((sqlite3_value*)&p->aColName[N]);
@@ -1351,7 +1351,8 @@ static const void *columnName(
/* A malloc may have failed inside of the _text() call. If this
** is the case, clear the mallocFailed flag and return NULL.
*/
if( db->mallocFailed ){
assert( db->mallocFailed==0 || db->mallocFailed==1 );
if( db->mallocFailed > prior_mallocFailed ){
sqlite3OomClear(db);
ret = 0;
}
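Review bot: In the first hunk `prior_mallocFailed` is snapshotted from `db->mallocFailed` before `sqlite3_mutex_enter(db->mutex)`, so the baseline is read outside the lock that covers the rest of the block. If another thread sharing the connection can change the flag between that read and the mutex acquisition (not visible from these hunks), the later `db->mallocFailed > prior_mallocFailed` test could either clear an OOM state it does not own or miss a fresh one. I would declare `u8 prior_mallocFailed;` at the top of the block and assign `prior_mallocFailed = db->mallocFailed;` immediately after `sqlite3_mutex_enter(db->mutex);`. The comment above the test should also state that only a 0-to-1 transition is treated as a fresh fault, since with a prior value of 1 the comparison cannot detect a new failure inside the _text() call. columnName() begins and ends outside both hunks.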