Fix a bug in sqlite3_realloc() - if called with a size of more than

2147483392 it returns 0 but it also releases the prior allocation. (CVS 6827) FossilOrigin-Name: 653df0afcc58de82c8c1b5f6a7b2f4829ff69792
author: drh <drh@noemail.net> 2009-06-27 00:48:33 +0000
committer: drh <drh@noemail.net> 2009-06-27 00:48:33 +0000
commit: b6063cf8237435bef7743e3e7ff27ed74dceb004 (patch)
tree: ea0c32f3bde8f8e21b377cae326ff52b49d6ca56 /src/malloc.c
parent: e08ed7e71bfcad900e765c2b9e5565845a0fd692 (diff)
download: sqlite-b6063cf8237435bef7743e3e7ff27ed74dceb004.tar.gz
sqlite-b6063cf8237435bef7743e3e7ff27ed74dceb004.zip
1 files changed, 6 insertions, 3 deletions
diff --git a/src/malloc.c b/src/malloc.c
index 5d5fba19c..e89f5ab14 100644
--- a/src/malloc.c
+++ b/src/malloc.c
@@ -12,7 +12,7 @@
 **
 ** Memory allocation functions used throughout sqlite.
 **
-** $Id: malloc.c,v 1.63 2009/06/26 18:35:17 drh Exp $
+** $Id: malloc.c,v 1.64 2009/06/27 00:48:33 drh Exp $
 */
 #include "sqliteInt.h"
 #include <stdarg.h>
@@ -473,11 +473,14 @@ void *sqlite3Realloc(void *pOld, int nBytes){
   if( pOld==0 ){
     return sqlite3Malloc(nBytes);
   }
-  if( nBytes<=0 || nBytes>=0x7fffff00 ){
-    /* The 0x7ffff00 limit term is explained in comments on sqlite3Malloc() */
+  if( nBytes<=0 ){
     sqlite3_free(pOld);
     return 0;
   }
+  if( nBytes>=0x7fffff00 ){
+    /* The 0x7ffff00 limit term is explained in comments on sqlite3Malloc() */
+    return 0;
+  }
   nOld = sqlite3MallocSize(pOld);
   if( sqlite3GlobalConfig.bMemstat ){
     sqlite3_mutex_enter(mem0.mutex);
author	drh <drh@noemail.net>	2009-06-27 00:48:33 +0000
committer	drh <drh@noemail.net>	2009-06-27 00:48:33 +0000
commit	b6063cf8237435bef7743e3e7ff27ed74dceb004 (patch)
tree	ea0c32f3bde8f8e21b377cae326ff52b49d6ca56 /src/malloc.c
parent	e08ed7e71bfcad900e765c2b9e5565845a0fd692 (diff)
download	sqlite-b6063cf8237435bef7743e3e7ff27ed74dceb004.tar.gz sqlite-b6063cf8237435bef7743e3e7ff27ed74dceb004.zip