diff options
| author | drh <drh@noemail.net> | 2008-10-11 16:47:35 +0000 |
|---|---|---|
| committer | drh <drh@noemail.net> | 2008-10-11 16:47:35 +0000 |
| commit | 10fe840e4dbce702b4d24aa47c61710a97fb673c (patch) | |
| tree | 0d473a718dec7042a0dfb7fd0754b053878edd96 /src | |
| parent | 4150ebf86fd9935a19dbdc67bdd72e45a1d46a13 (diff) | |
| download | sqlite-10fe840e4dbce702b4d24aa47c61710a97fb673c.tar.gz sqlite-10fe840e4dbce702b4d24aa47c61710a97fb673c.zip | |
Fix a memory leak on ORDER BY of a compound select caused by the resolver
on a flattened query. Also fix a OOM segfault in WHERE clause processing. (CVS 5801)
FossilOrigin-Name: d2c252d6bbde4ae14da6c9e6c2683d763d11c59f
Diffstat (limited to 'src')
| -rw-r--r-- | src/expr.c | 16 | ||||
| -rw-r--r-- | src/resolve.c | 5 | ||||
| -rw-r--r-- | src/sqliteInt.h | 3 | ||||
| -rw-r--r-- | src/where.c | 9 |
4 files changed, 20 insertions, 13 deletions
diff --git a/src/expr.c b/src/expr.c index c0760943e..52f7cdb7d 100644 --- a/src/expr.c +++ b/src/expr.c @@ -12,7 +12,7 @@ ** This file contains routines used for analyzing expressions and ** for generating VDBE code that evaluates expressions in SQLite. ** -** $Id: expr.c,v 1.398 2008/10/07 19:53:14 drh Exp $ +** $Id: expr.c,v 1.399 2008/10/11 16:47:36 drh Exp $ */ #include "sqliteInt.h" #include <ctype.h> @@ -601,16 +601,24 @@ void sqlite3ExprAssignVarNumber(Parse *pParse, Expr *pExpr){ } /* -** Recursively delete an expression tree. +** Clear an expression structure without deleting the structure itself. +** Substructure is deleted. */ -void sqlite3ExprDelete(sqlite3 *db, Expr *p){ - if( p==0 ) return; +void sqlite3ExprClear(sqlite3 *db, Expr *p){ if( p->span.dyn ) sqlite3DbFree(db, (char*)p->span.z); if( p->token.dyn ) sqlite3DbFree(db, (char*)p->token.z); sqlite3ExprDelete(db, p->pLeft); sqlite3ExprDelete(db, p->pRight); sqlite3ExprListDelete(db, p->pList); sqlite3SelectDelete(db, p->pSelect); +} + +/* +** Recursively delete an expression tree. +*/ +void sqlite3ExprDelete(sqlite3 *db, Expr *p){ + if( p==0 ) return; + sqlite3ExprClear(db, p); sqlite3DbFree(db, p); } diff --git a/src/resolve.c b/src/resolve.c index 10bbf481a..3f3ac939f 100644 --- a/src/resolve.c +++ b/src/resolve.c @@ -14,7 +14,7 @@ ** resolve all identifiers by associating them with a particular ** table and column. ** -** $Id: resolve.c,v 1.8 2008/10/10 04:34:16 shane Exp $ +** $Id: resolve.c,v 1.9 2008/10/11 16:47:36 drh Exp $ */ #include "sqliteInt.h" #include <stdlib.h> @@ -77,8 +77,7 @@ static void resolveAlias( pDup->pColl = pExpr->pColl; pDup->flags |= EP_ExpCollate; } - if( pExpr->span.dyn ) sqlite3DbFree(db, (char*)pExpr->span.z); - if( pExpr->token.dyn ) sqlite3DbFree(db, (char*)pExpr->token.z); + sqlite3ExprClear(db, pExpr); memcpy(pExpr, pDup, sizeof(*pExpr)); sqlite3DbFree(db, pDup); } diff --git a/src/sqliteInt.h b/src/sqliteInt.h index caf62320b..1d56f01d1 100644 --- a/src/sqliteInt.h +++ b/src/sqliteInt.h @@ -11,7 +11,7 @@ ************************************************************************* ** Internal interface definitions for SQLite. ** -** @(#) $Id: sqliteInt.h,v 1.781 2008/10/10 18:25:46 shane Exp $ +** @(#) $Id: sqliteInt.h,v 1.782 2008/10/11 16:47:36 drh Exp $ */ #ifndef _SQLITEINT_H_ #define _SQLITEINT_H_ @@ -2100,6 +2100,7 @@ Expr *sqlite3ExprAnd(sqlite3*,Expr*, Expr*); void sqlite3ExprSpan(Expr*,Token*,Token*); Expr *sqlite3ExprFunction(Parse*,ExprList*, Token*); void sqlite3ExprAssignVarNumber(Parse*, Expr*); +void sqlite3ExprClear(sqlite3*, Expr*); void sqlite3ExprDelete(sqlite3*, Expr*); ExprList *sqlite3ExprListAppend(Parse*,ExprList*,Expr*,Token*); void sqlite3ExprListDelete(sqlite3*, ExprList*); diff --git a/src/where.c b/src/where.c index fb7b3f90a..22a3598cd 100644 --- a/src/where.c +++ b/src/where.c @@ -16,7 +16,7 @@ ** so is applicable. Because this module is responsible for selecting ** indices, you might also think of this module as the "query optimizer". ** -** $Id: where.c,v 1.325 2008/10/07 23:46:38 drh Exp $ +** $Id: where.c,v 1.326 2008/10/11 16:47:36 drh Exp $ */ #include "sqliteInt.h" @@ -1931,10 +1931,9 @@ static int nQPlan = 0; /* Next free slow in _query_plan[] */ /* ** Free a WhereInfo structure */ -static void whereInfoFree(WhereInfo *pWInfo){ +static void whereInfoFree(sqlite3 *db, WhereInfo *pWInfo){ if( pWInfo ){ int i; - sqlite3 *db = pWInfo->pParse->db; for(i=0; i<pWInfo->nLevel; i++){ sqlite3_index_info *pInfo = pWInfo->a[i].pIdxInfo; if( pInfo ){ @@ -2812,7 +2811,7 @@ WhereInfo *sqlite3WhereBegin( /* Jump here if malloc fails */ whereBeginError: whereClauseClear(&wc); - whereInfoFree(pWInfo); + whereInfoFree(db, pWInfo); return 0; } @@ -2926,6 +2925,6 @@ void sqlite3WhereEnd(WhereInfo *pWInfo){ /* Final cleanup */ - whereInfoFree(pWInfo); + whereInfoFree(db, pWInfo); return; } |