On 06/14/2013 10:55 PM, Jan Slodicka wrote:
(Applies to SQLITE 3.7.15.2 (but v3.7.17.0 uses the same code))

Pager bug(?): The following code excerpt from sqlite3.c should crash if pPage==NULL && createFlag==0:

  static sqlite3_pcache_page *pcache1Fetch(
    sqlite3_pcache *p,
    unsigned int iKey,
    int createFlag
  ){
  {
    ...
    if( pPage || createFlag==0 ){
      pcache1PinPage(pPage);
      goto fetch_out;
    }
    ...
  fetch_out:
    ...
    return &pPage->page;
  }

Note: The funny thing is that when I debugged (VS 2010) the return statement for pPage=NULL, there was no crash and the routine returned a NULL value to the caller. In other words, a correct return instead of a crash. (Probably due to the page structure definition, where the member page is located at offset 0.)
I don't think it would actually matter. The expression in the return statement is only doing pointer arithmetic, not actually dereferencing any pointers. Similar to:

  return (sqlite4_pcache_page *)((char *)pPage + offsetof(PgHdr1, page));

My guess is that whoever wrote that line thought it slightly less error prone than the equivalent:

  return (sqlite4_pcache_page *)pPage;

Dan.

_______________________________________________
sqlite-users mailing list
[email protected]
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
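Added here as an illustration and not code from the thread or from SQLite: a small C program with hypothetical stand-in layouts for PgHdr1 and sqlite3_pcache_page (field lists are constructed; only the "page is the first member" property mirrors what Jan observed). It shows why a NULL pPage comes back out as NULL only because offsetof(PgHdr1, page) is 0, what the same lowered arithmetic yields when the member is moved off offset 0 (a non-NULL pointer that a caller's NULL check would miss), and a return with an explicit NULL test. Standard C treats &pPage->page with a null pPage as undefined behaviour even where the compiler emits plain arithmetic, so the checked form below tests the pointer before forming the member address.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-ins for the two structures named in the thread.
   The field lists are hypothetical; only the property that matters here
   (the embedded page record sits at offset 0 of the header) mirrors the
   layout Jan describes. */
typedef struct sqlite3_pcache_page {
  void *pBuf;     /* hypothetical: page content */
  void *pExtra;   /* hypothetical: extra space */
} sqlite3_pcache_page;

typedef struct PgHdr1 {
  sqlite3_pcache_page page;   /* first member, so (void*)&pPage->page == (void*)pPage */
  unsigned int iKey;          /* hypothetical */
  struct PgHdr1 *pNext;       /* hypothetical */
} PgHdr1;

/* Same fields, but with the page record moved off offset 0. */
typedef struct PgHdr1Moved {
  unsigned int iKey;
  sqlite3_pcache_page page;
  struct PgHdr1Moved *pNext;
} PgHdr1Moved;

size_t page_offset(void)       { return offsetof(PgHdr1, page); }
size_t page_offset_moved(void) { return offsetof(PgHdr1Moved, page); }

/* The address a compiler produces for "&base->member" once it has been
   lowered to arithmetic, computed on integers so a zero base is legal. */
uintptr_t lowered_member_addr(uintptr_t base, size_t off) {
  return base + off;
}

/* Checked form of the "fetch_out" return: the NULL test is explicit, so
   the caller gets NULL no matter where "page" sits inside the header. */
sqlite3_pcache_page *fetch_out_checked(PgHdr1 *pPage) {
  return pPage ? &pPage->page : NULL;
}

sqlite3_pcache_page *fetch_out_checked_moved(PgHdr1Moved *pPage) {
  return pPage ? &pPage->page : NULL;
}

/* Returns 1 when the pointer returned for a real header is the header
   itself, i.e. the "return (sqlite3_pcache_page *)pPage" equivalence. */
int checked_fetch_returns_header(void) {
  PgHdr1 hdr = {{NULL, NULL}, 7u, NULL};   /* constructed sample header */
  return (void *)fetch_out_checked(&hdr) == (void *)&hdr;
}

int main(void) {
  printf("offsetof(PgHdr1, page)      = %zu\n", page_offset());
  printf("offsetof(PgHdr1Moved, page) = %zu\n", page_offset_moved());
  printf("lowered &NULL->page, first  = %#lx\n",
         (unsigned long)lowered_member_addr(0, page_offset()));
  printf("lowered &NULL->page, moved  = %#lx\n",
         (unsigned long)lowered_member_addr(0, page_offset_moved()));
  printf("checked fetch(NULL)         = %p\n", (void *)fetch_out_checked(NULL));
  return 0;
}
```

The second lowered value is the case to remember: with the page record anywhere but offset 0, the unchecked idiom would hand a caller a small non-NULL pointer for a missing page, and the first dereference of it would fault in the caller rather than at the return.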

