/ Check-in [5e472896e0]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fix for [9abd6aa831]. Do not overread a buffer used for an %q or %w conversion with a precision specifier.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: 5e472896e02eed05c6c0886a48acd0bdc7a38731
User & Date: dan 2010-03-04 17:58:45
Context
2010-03-05
13:41
Adjust some #ifdefs so that the build works on Mac both with and without SQLITE_ENABLE_LOCKING_STYLE. check-in: 0cc981f1cc user: drh tags: trunk
2010-03-04
22:36
Second thoughts: Let Tiger users set SQLITE_ENABLE_LOCKING_STYLE=0. Was: Change SQLITE_ENABLE_LOCKING_STYLE to default off, even on Macs, since older Macs (Tiger) cannot compile the latest proxy locking sources. Closed-Leaf check-in: 1a0fa8d19d user: drh tags: mistake
17:58
Fix for [9abd6aa831]. Do not overread a buffer used for an %q or %w conversion with a precision specifier. check-in: 5e472896e0 user: dan tags: trunk
17:11
Fix an uninitialized variable in printf when compiling with SQLITE_OMIT_FLOATING_POINT. check-in: 14ad62b9a5 user: drh tags: trunk
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to src/printf.c.

651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
        int needQuote;
        char ch;
        char q = ((xtype==etSQLESCAPE3)?'"':'\'');   /* Quote character */
        char *escarg = va_arg(ap,char*);
        isnull = escarg==0;
        if( isnull ) escarg = (xtype==etSQLESCAPE2 ? "NULL" : "(NULL)");
        k = precision;
        for(i=n=0; (ch=escarg[i])!=0 && k!=0; i++, k--){
          if( ch==q )  n++;
        }
        needQuote = !isnull && xtype==etSQLESCAPE2;
        n += i + 1 + needQuote*2;
        if( n>etBUFSIZE ){
          bufpt = zExtra = sqlite3Malloc( n );
          if( bufpt==0 ){







|







651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
        int needQuote;
        char ch;
        char q = ((xtype==etSQLESCAPE3)?'"':'\'');   /* Quote character */
        char *escarg = va_arg(ap,char*);
        isnull = escarg==0;
        if( isnull ) escarg = (xtype==etSQLESCAPE2 ? "NULL" : "(NULL)");
        k = precision;
        for(i=n=0; k!=0 && (ch=escarg[i])!=0; i++, k--){
          if( ch==q )  n++;
        }
        needQuote = !isnull && xtype==etSQLESCAPE2;
        n += i + 1 + needQuote*2;
        if( n>etBUFSIZE ){
          bufpt = zExtra = sqlite3Malloc( n );
          if( bufpt==0 ){