1
0
mirror of https://github.com/sqlite/sqlite.git synced 2025-08-07 02:42:48 +03:00

Code changes that make it easier to prove that no 32-bit integer overflows

happen during memory allocation.  No problems fixed; this change is just
to make future maintenance easier.

FossilOrigin-Name: 215650a5a1d55bdbca9c92524804a1a54456a17f42a17e53747b21a6507506f5
This commit is contained in:
drh
2025-02-17 17:33:14 +00:00
parent ad5dcff53b
commit ef86b942b9
21 changed files with 111 additions and 85 deletions

View File

@@ -276,7 +276,7 @@ static VdbeCursor *allocateCursor(
*/
Mem *pMem = iCur>0 ? &p->aMem[p->nMem-iCur] : p->aMem;
int nByte;
i64 nByte;
VdbeCursor *pCx = 0;
nByte =
ROUND8P(sizeof(VdbeCursor)) + 2*sizeof(u32)*nField +
@@ -304,7 +304,7 @@ static VdbeCursor *allocateCursor(
pMem->szMalloc = 0;
return 0;
}
pMem->szMalloc = nByte;
pMem->szMalloc = (int)nByte;
}
p->apCsr[iCur] = pCx = (VdbeCursor*)pMem->zMalloc;
@@ -7325,7 +7325,7 @@ case OP_RowSetTest: { /* jump, in1, in3 */
*/
case OP_Program: { /* jump0 */
int nMem; /* Number of memory registers for sub-program */
int nByte; /* Bytes of runtime space required for sub-program */
i64 nByte; /* Bytes of runtime space required for sub-program */
Mem *pRt; /* Register to allocate runtime space */
Mem *pMem; /* Used to iterate through memory cells */
Mem *pEnd; /* Last memory cell in new array */
@@ -7376,7 +7376,7 @@ case OP_Program: { /* jump0 */
nByte = ROUND8(sizeof(VdbeFrame))
+ nMem * sizeof(Mem)
+ pProgram->nCsr * sizeof(VdbeCursor*)
+ (pProgram->nOp + 7)/8;
+ (7 + (i64)pProgram->nOp)/8;
pFrame = sqlite3DbMallocZero(db, nByte);
if( !pFrame ){
goto no_mem;
@@ -7384,7 +7384,7 @@ case OP_Program: { /* jump0 */
sqlite3VdbeMemRelease(pRt);
pRt->flags = MEM_Blob|MEM_Dyn;
pRt->z = (char*)pFrame;
pRt->n = nByte;
pRt->n = (int)nByte;
pRt->xDel = sqlite3VdbeFrameMemDel;
pFrame->v = p;