[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Unsafe WC DB calls: sqlite_column_text(..., pool=NULL)

From: Julian Foad <julianfoad_at_btopenworld.com>
Date: Tue, 29 Jan 2013 16:14:58 +0000 (GMT)

I noticed code like this in wc_db.c:

  const char *relpath = svn_sqlite__column_text(stmt, 0, NULL);
  svn_kind_t kind = svn_sqlite__column_token(stmt, 1, kind_map);

According to the docs [1], the second _column_*() call can overwrite the value returned by the first one, since we passed NULL as the 'result_pool' argument.

Since we haven't run into major breakage, I guess the implementations of SQLite we've been using aren't actually overwriting the data in the situations that we've been testing... but unless we learn that they definitely won't, we should fix this potential error.

If no objections, I'll fix this by passing a pool (scratch_pool, iterpool, whatever has sufficient lifetime) instead of NULL, in all places where it is unsafe.

- Julian

[1] <http://www.sqlite.org/c3ref/column_blob.html>

--
Certified & Supported Apache Subversion Downloads: http://www.wandisco.com/subversion/download
Received on 2013-01-29 17:15:42 CET

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.