Unsafe WC DB calls: sqlite_column_text(..., pool=NULL)
From: Julian Foad <julianfoad_at_btopenworld.com>
Date: Tue, 29 Jan 2013 16:14:58 +0000 (GMT)
I noticed code like this in wc_db.c:
const char *relpath = svn_sqlite__column_text(stmt, 0, NULL);
According to the docs , the second _column_*() call can overwrite the value returned by the first one, since we passed NULL as the 'result_pool' argument.
Since we haven't run into major breakage, I guess the implementations of SQLite we've been using aren't actually overwriting the data in the situations that we've been testing... but unless we learn that they definitely won't, we should fix this potential error.
If no objections, I'll fix this by passing a pool (scratch_pool, iterpool, whatever has sufficient lifetime) instead of NULL, in all places where it is unsafe.
-- Certified & Supported Apache Subversion Downloads: http://www.wandisco.com/subversion/downloadReceived on 2013-01-29 17:15:42 CET
This is an archived mail posted to the Subversion Dev mailing list.