Hello folks,

I've noticed that the zJournal string in the Pager struct isn't double-null 
terminated, but goes through the same open file routines which seem to expect 
the double null.

This has caused a crash condition in conjunction with the async module. The 
crash happens at line 115866 of the 3.7.12 source:

SQLITE_API const char *sqlite3_uri_parameter(const char *zFilename, const char *zParam){
  if( zFilename==0 ) return 0;
  zFilename += sqlite3Strlen30(zFilename) + 1;
  while( zFilename[0] ){
    int x = strcmp(zFilename, zParam);   /* <========= crash here */
    zFilename += sqlite3Strlen30(zFilename) + 1;
    if( x==0 ) return zFilename;
    zFilename += sqlite3Strlen30(zFilename) + 1;
  }
  return 0;
}

I saw that Pager->zJournal is initialized as below in sqlite3PagerOpen:

memcpy(&pPager->zJournal[nPathname], "-journal\000", 8+1);

And it would seem to me it should be 9+1 since you have the internal \0 within 
the string, as well as the terminator of the whole string.

Of course, I'm no sqlite guru, so this may be a case of "you're doing it 
wrong", in which case, I do apologize in advance.

Thank you for reviewing this report.

Masashi Ito
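Added illustration (not part of the report above and not SQLite's own code): it models the "<path>\0<key>\0<value>\0...\0" layout the lookup loop expects, builds the journal name both ways (8+1 and 8+2 bytes of "-journal\000"), and walks the list with an explicit length bound so the missing terminator shows up as a reported overrun instead of a read past the buffer. The path "/tmp/test.db", the key "vfs" and the sentinel fill are constructed values.

```c
#include <string.h>

/* Filenames SQLite hands to the VFS use the layout
 *   "<path>\0" ("<key>\0<value>\0")* "\0"
 * so the list ends with an empty key: the whole string is double-NUL terminated.
 * Constructed illustration code, not SQLite's own implementation. */

/* Length of the string at z without ever looking past end. */
static size_t bounded_len(const char *z, const char *end) {
    const char *p = memchr(z, '\0', (size_t)(end - z));
    return p ? (size_t)(p - z) : (size_t)(end - z);
}

/* Build "<path>-journal" as the post describes: copy 8+1 bytes (one NUL) or
 * 8+2 bytes (double NUL) of "-journal\000". Returns bytes written or -1. */
int build_journal_name(char *buf, size_t bufsz, const char *path, int two_nuls) {
    size_t n = strlen(path), tail = two_nuls ? 10 : 9;
    if (n + tail > bufsz) return -1;
    memcpy(buf, path, n);
    memcpy(&buf[n], "-journal\000", tail);
    return (int)(n + tail);
}

/* Bounded form of the lookup loop quoted in the post. Returns 1 and sets *out
 * when zParam is found, 0 when the empty-key terminator is reached, and -1
 * when `len` bytes run out first (the unbounded original keeps reading). */
int uri_parameter_bounded(const char *z, size_t len, const char *zParam,
                          const char **out) {
    const char *end = z + len;
    size_t k = bounded_len(z, end);          /* skip the filename itself */
    *out = NULL;
    if (k == (size_t)(end - z)) return -1;
    z += k + 1;
    while (z < end && z[0]) {
        if ((k = bounded_len(z, end)) == (size_t)(end - z)) return -1; /* key */
        int match = strcmp(z, zParam) == 0;
        z += k + 1;
        if (z >= end || (k = bounded_len(z, end)) == (size_t)(end - z)) return -1;
        if (match) { *out = z; return 1; }    /* value */
        z += k + 1;
    }
    return z < end ? 0 : -1;
}

/* The post's scenario: bytes after the journal name hold a constructed sentinel
 * and the walk may see the whole buffer, as the unbounded loop effectively
 * does. Returns 1 if it stopped at a terminator, 0 otherwise. */
int journal_name_terminates(int two_nuls) {
    char buf[64]; const char *val;
    memset(buf, 'X', sizeof buf);
    int n = build_journal_name(buf, sizeof buf, "/tmp/test.db", two_nuls);
    return n > 0 && uri_parameter_bounded(buf, sizeof buf, "vfs", &val) == 0;
}
```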
_______________________________________________
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users