Improved overrun detection in mem2.c (SQLITE_MEMDEBUG). Previously was only checking up to 3 extra bytes allocated due to rounding. (CVS 6261)

FossilOrigin-Name: a6fe3d6b02734b23fe067a373c0232024a782a6c

3 files changed, 15 insertions, 12 deletions

diff --git a/manifest b/manifest
index da8ce35bc..6796ad002 100644
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Add\s"backup"\sand\s"restore"\smethods\sto\sthe\sTCL\sinterfaces\sand\stest\scases\nto\sexercise\sthose\smethods.\s(CVS\s6260)
-D 2009-02-04T22:46:47
+C Improved\soverrun\sdetection\sin\smem2.c\s(SQLITE_MEMDEBUG).\s\sPreviously\swas\sonly\schecking\sup\sto\s3\sextra\sbytes\sallocated\sdue\sto\srounding.\s(CVS\s6261)
+D 2009-02-05T03:00:06
 F Makefile.arm-wince-mingw32ce-gcc fcd5e9cd67fe88836360bb4f9ef4cb7f8e2fb5a0
 F Makefile.in c7a5a30fb6852bd7839b1024e1661da8549878ee
 F Makefile.linux-gcc d53183f4aa6a9192d249731c90dbdffbd2c68654
@@ -127,7 +127,7 @@ F src/main.c 75e0ec759987984d54b1fe1c75d621f533d9f46c
 F src/malloc.c bc408056b126db37b6fba00e170d578cc67be6b3
 F src/mem0.c f2f84062d1f35814d6535c9f9e33de3bfb3b132c
 F src/mem1.c 3bfb39e4f60b0179713a7c087b2d4f0dc205735f
-F src/mem2.c 4c53c0071d3c68b8f252fe85d1667bad59421396
+F src/mem2.c 6f46eef2c2cce452ae38f5b98c2632712e858bc9
 F src/mem3.c 67153ec933e08b70714055e872efb58a6b287939
 F src/mem5.c 838309b521c96a2a34507f74a5a739d28de4aac6
 F src/memjournal.c 17e9281ea5d7981e3e7b0dd3274921ecba4f773c
@@ -701,7 +701,7 @@ F tool/speedtest16.c c8a9c793df96db7e4933f0852abb7a03d48f2e81
 F tool/speedtest2.tcl ee2149167303ba8e95af97873c575c3e0fab58ff
 F tool/speedtest8.c 2902c46588c40b55661e471d7a86e4dd71a18224
 F tool/speedtest8inst1.c 293327bc76823f473684d589a8160bde1f52c14e
-P 003e1d62189e9e37f901d86a696cfccd22bd3b38
-R 007c4ac680893970254b4f79c5bdeaaf
-U drh
-Z b11130f7853d25d09c92b1b009dfc517
+P e420a3cedc7ee086a77cd719f6b9fb85415eb5f3
+R 4a184e6c5bd73985f13d3779f47b3ea6
+U shane
+Z c74ee2119d4b4fd3d0ad9086d7b4ece5
diff --git a/manifest.uuid b/manifest.uuid
index b533e76b5..893e1a37d 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-e420a3cedc7ee086a77cd719f6b9fb85415eb5f3
\ No newline at end of file
+a6fe3d6b02734b23fe067a373c0232024a782a6c
\ No newline at end of file
diff --git a/src/mem2.c b/src/mem2.c
index 25a6a56de..156237fcc 100644
--- a/src/mem2.c
+++ b/src/mem2.c
@@ -19,7 +19,7 @@
 ** This file contains implementations of the low-level memory allocation
 ** routines specified in the sqlite3_mem_methods object.
 **
-** $Id: mem2.c,v 1.42 2008/12/10 19:26:24 drh Exp $
+** $Id: mem2.c,v 1.43 2009/02/05 03:00:06 shane Exp $
 */
 #include "sqliteInt.h"
 
@@ -163,9 +163,11 @@ static struct MemBlockHdr *sqlite3MemsysGetHeader(void *pAllocation){
   pInt = (int*)pAllocation;
   pU8 = (u8*)pAllocation;
   assert( pInt[nReserve/sizeof(int)]==(int)REARGUARD );
-  assert( (nReserve-0)<=p->iSize || pU8[nReserve-1]==0x65 );
-  assert( (nReserve-1)<=p->iSize || pU8[nReserve-2]==0x65 );
-  assert( (nReserve-2)<=p->iSize || pU8[nReserve-3]==0x65 );
+  /* This checks any of the "extra" bytes allocated due
+  ** to rounding up to an 8 byte boundary to ensure 
+  ** they haven't been overwritten.
+  */
+  while( nReserve-- > p->iSize ) assert( pU8[nReserve]==0x65 );
   return p;
 }
 
@@ -186,6 +188,7 @@ static int sqlite3MemSize(void *p){
 */
 static int sqlite3MemInit(void *NotUsed){
   UNUSED_PARAMETER(NotUsed);
+  assert( (sizeof(struct MemBlockHdr)&7) == 0 );
   if( !sqlite3GlobalConfig.bMemstat ){
     /* If memory status is enabled, then the malloc.c wrapper will already
     ** hold the STATIC_MEM mutex when the routines here are invoked. */