Remove use of malloc and free from the Windows VFS. Also, prevent sqlite3BtreeOpen from assuming that sqlite3OsFullPathname cannot fail.
FossilOrigin-Name: 8966ec1797be63d1305628d459bdad5be08cf3ca
diff --git a/manifest b/manifest
index 455829f..0c8720d 100644
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Work\sin\sprogress\sto\simplement\sthe\s'syscall'\sfunctionality\sfor\sWindows.
-D 2011-11-11T22:08:54.567
+C Remove\suse\sof\smalloc\sand\sfree\sfrom\sthe\sWindows\sVFS.\s\sAlso,\sprevent\ssqlite3BtreeOpen\sfrom\sassuming\sthat\ssqlite3OsFullPathname\scannot\sfail.
+D 2011-11-11T23:31:04.676
F Makefile.arm-wince-mingw32ce-gcc d6df77f1f48d690bd73162294bbba7f59507c72f
F Makefile.in 5b4a3e12a850b021547e43daf886b25133b44c07
F Makefile.linux-gcc 91d710bdc4998cb015f39edf3cb314ec4f4d7e23
@@ -125,7 +125,7 @@
F src/backup.c 4368158da74d4711888e03264105c5c527d76caf
F src/bitvec.c af50f1c8c0ff54d6bdb7a80e2fceca5a93670bef
F src/btmutex.c 976f45a12e37293e32cae0281b15a21d48a8aaa7
-F src/btree.c 32199e2d939233ade25340eaba450f818b37c079
+F src/btree.c 60e0151ccc9d1d09a3fd2d0e609689ab8544e93f
F src/btree.h f5d775cd6cfc7ac32a2535b70e8d2af48ef5f2ce
F src/btreeInt.h 67978c014fa4f7cc874032dd3aacadd8db656bc3
F src/build.c 8af67a08a852ff4c63701963cb1ab7166f577814
@@ -167,7 +167,7 @@
F src/os_common.h 92815ed65f805560b66166e3583470ff94478f04
F src/os_os2.c 4a75888ba3dfc820ad5e8177025972d74d7f2440
F src/os_unix.c 4fbb91726165e105c1679a2660f49a3f4c376e4f
-F src/os_win.c 1d8fe13d456ef2df6576af55a8b15937244e1e26
+F src/os_win.c ee8ba0846294f154e0822095512a665cdb197c8a
F src/pager.c db33d4bf1e3e019c34c220971cc6c3aa07c30f54
F src/pager.h 9f81b08efb06db4ba8be69446e10b005c351373d
F src/parse.y 12b7ebd61ea54f0e1b1083ff69cc2c8ce9353d58
@@ -974,10 +974,7 @@
F tool/vdbe-compress.tcl d70ea6d8a19e3571d7ab8c9b75cba86d1173ff0f
F tool/warnings-clang.sh 9f406d66e750e8ac031c63a9ef3248aaa347ef2a
F tool/warnings.sh fbc018d67fd7395f440c28f33ef0f94420226381
-P 8f28797984c1d4700357a75815ca4b324c3ebf5c
-R 0ef79000409253332bbd2b77a41d7f05
-T *branch * winSyscall
-T *sym-winSyscall *
-T -sym-trunk *
+P ed88fb00240de75457c0da19e87c12082622ca17
+R a35825c17aca6258f92039304b464c67
U mistachkin
-Z 57ebd7677acce4cb8f4dee76b646710f
+Z 93813e17596e2d1608777ccc9fc54b6a
diff --git a/manifest.uuid b/manifest.uuid
index 3546fa2..68895f5 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-ed88fb00240de75457c0da19e87c12082622ca17
\ No newline at end of file
+8966ec1797be63d1305628d459bdad5be08cf3ca
\ No newline at end of file
diff --git a/src/btree.c b/src/btree.c
index d64e172..e28ad0f 100644
--- a/src/btree.c
+++ b/src/btree.c
@@ -1772,7 +1772,12 @@
sqlite3_free(p);
return SQLITE_NOMEM;
}
- sqlite3OsFullPathname(pVfs, zFilename, nFullPathname, zFullPathname);
+ rc = sqlite3OsFullPathname(pVfs, zFilename, nFullPathname, zFullPathname);
+ if( rc!=SQLITE_OK ){
+ sqlite3_free(zFullPathname);
+ sqlite3_free(p);
+ return rc;
+ }
#if SQLITE_THREADSAFE
mutexOpen = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_OPEN);
sqlite3_mutex_enter(mutexOpen);
diff --git a/src/os_win.c b/src/os_win.c
index bc86e98..8550c62 100644
--- a/src/os_win.c
+++ b/src/os_win.c
@@ -15,33 +15,6 @@
#include "sqliteInt.h"
#if SQLITE_OS_WIN /* This file is used for Windows only */
-
-/*
-** A Note About Memory Allocation:
-**
-** This driver uses malloc()/free() directly rather than going through
-** the SQLite-wrappers sqlite3_malloc()/sqlite3_free(). Those wrappers
-** are designed for use on embedded systems where memory is scarce and
-** malloc failures happen frequently. Win32 does not typically run on
-** embedded systems, and when it does the developers normally have bigger
-** problems to worry about than running out of memory. So there is not
-** a compelling need to use the wrappers.
-**
-** But there is a good reason to not use the wrappers. If we use the
-** wrappers then we will get simulated malloc() failures within this
-** driver. And that causes all kinds of problems for our tests. We
-** could enhance SQLite to deal with simulated malloc failures within
-** the OS driver, but the code to deal with those failure would not
-** be exercised on Linux (which does not need to malloc() in the driver)
-** and so we would have difficulty writing coverage tests for that
-** code. Better to leave the code out, we think.
-**
-** The point of this discussion is as follows: When creating a new
-** OS layer for an embedded system, if you use this file as an example,
-** avoid the use of malloc()/free(). Those routines work ok on Windows
-** desktops but not so well in embedded systems.
-*/
-
#ifdef __CYGWIN__
# include <sys/cygwin.h>
#endif
@@ -945,14 +918,14 @@
LPWSTR zWideFilename;
nChar = osMultiByteToWideChar(CP_UTF8, 0, zFilename, -1, NULL, 0);
- zWideFilename = malloc( nChar*sizeof(zWideFilename[0]) );
+ zWideFilename = sqlite3_malloc( nChar*sizeof(zWideFilename[0]) );
if( zWideFilename==0 ){
return 0;
}
nChar = osMultiByteToWideChar(CP_UTF8, 0, zFilename, -1, zWideFilename,
nChar);
if( nChar==0 ){
- free(zWideFilename);
+ sqlite3_free(zWideFilename);
zWideFilename = 0;
}
return zWideFilename;
@@ -960,21 +933,21 @@
/*
** Convert Microsoft Unicode to UTF-8. Space to hold the returned string is
-** obtained from malloc().
+** obtained from sqlite3_malloc().
*/
static char *unicodeToUtf8(LPCWSTR zWideFilename){
int nByte;
char *zFilename;
nByte = osWideCharToMultiByte(CP_UTF8, 0, zWideFilename, -1, 0, 0, 0, 0);
- zFilename = malloc( nByte );
+ zFilename = sqlite3_malloc( nByte );
if( zFilename==0 ){
return 0;
}
nByte = osWideCharToMultiByte(CP_UTF8, 0, zWideFilename, -1, zFilename, nByte,
0, 0);
if( nByte == 0 ){
- free(zFilename);
+ sqlite3_free(zFilename);
zFilename = 0;
}
return zFilename;
@@ -985,7 +958,7 @@
** current codepage settings for file apis.
**
** Space to hold the returned string is obtained
-** from malloc.
+** from sqlite3_malloc.
*/
static LPWSTR mbcsToUnicode(const char *zFilename){
int nByte;
@@ -994,14 +967,14 @@
nByte = osMultiByteToWideChar(codepage, 0, zFilename, -1, NULL,
0)*sizeof(WCHAR);
- zMbcsFilename = malloc( nByte*sizeof(zMbcsFilename[0]) );
+ zMbcsFilename = sqlite3_malloc( nByte*sizeof(zMbcsFilename[0]) );
if( zMbcsFilename==0 ){
return 0;
}
nByte = osMultiByteToWideChar(codepage, 0, zFilename, -1, zMbcsFilename,
nByte);
if( nByte==0 ){
- free(zMbcsFilename);
+ sqlite3_free(zMbcsFilename);
zMbcsFilename = 0;
}
return zMbcsFilename;
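Review bot: The size passed to `sqlite3_malloc` on the changed line is scaled by the wide-character size twice: `nByte` already holds the character count times `sizeof(WCHAR)`, and the allocation multiplies it by `sizeof(zMbcsFilename[0])` again. The second `osMultiByteToWideChar` call then receives `nByte` as a character count, which stays in bounds only because of that over-allocation. Since `sqlite3_malloc` takes an `int`, I would keep a plain character count (`nChar = osMultiByteToWideChar(codepage, 0, zFilename, -1, NULL, 0);`), allocate `nChar*sizeof(zMbcsFilename[0])` and pass `nChar` to the second call, as utf8ToUnicode does. mbcsToUnicode begins before this hunk.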
@@ -1012,7 +985,7 @@
** user's ANSI codepage.
**
** Space to hold the returned string is obtained from
-** malloc().
+** sqlite3_malloc().
*/
static char *unicodeToMbcs(LPCWSTR zWideFilename){
int nByte;
@@ -1020,14 +993,14 @@
int codepage = osAreFileApisANSI() ? CP_ACP : CP_OEMCP;
nByte = osWideCharToMultiByte(codepage, 0, zWideFilename, -1, 0, 0, 0, 0);
- zFilename = malloc( nByte );
+ zFilename = sqlite3_malloc( nByte );
if( zFilename==0 ){
return 0;
}
nByte = osWideCharToMultiByte(codepage, 0, zWideFilename, -1, zFilename,
nByte, 0, 0);
if( nByte == 0 ){
- free(zFilename);
+ sqlite3_free(zFilename);
zFilename = 0;
}
return zFilename;
@@ -1035,7 +1008,7 @@
/*
** Convert multibyte character string to UTF-8. Space to hold the
-** returned string is obtained from malloc().
+** returned string is obtained from sqlite3_malloc().
*/
char *sqlite3_win32_mbcs_to_utf8(const char *zFilename){
char *zFilenameUtf8;
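Review bot: `sqlite3_win32_mbcs_to_utf8` is not `static`, so moving its result from `malloc()` to `sqlite3_malloc()` changes the contract for any caller outside this file. A caller that still releases the string with `free()` would pass the C runtime a pointer it did not allocate, which can corrupt the heap. The updated comment names the new allocator but not the matching release call; I would write `** returned string is obtained from sqlite3_malloc() and must be released with sqlite3_free().` The same applies to `sqlite3_win32_utf8_to_mbcs` in the next hunk. The function body continues outside this hunk.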
@@ -1046,13 +1019,13 @@
return 0;
}
zFilenameUtf8 = unicodeToUtf8(zTmpWide);
- free(zTmpWide);
+ sqlite3_free(zTmpWide);
return zFilenameUtf8;
}
/*
** Convert UTF-8 to multibyte character string. Space to hold the
-** returned string is obtained from malloc().
+** returned string is obtained from sqlite3_malloc().
*/
char *sqlite3_win32_utf8_to_mbcs(const char *zFilename){
char *zFilenameMbcs;
@@ -1063,7 +1036,7 @@
return 0;
}
zFilenameMbcs = unicodeToMbcs(zTmpWide);
- free(zTmpWide);
+ sqlite3_free(zTmpWide);
return zFilenameMbcs;
}
@@ -1128,7 +1101,7 @@
/* copy a maximum of nBuf chars to output buffer */
sqlite3_snprintf(nBuf, zBuf, "%s", zOut);
/* free the UTF8 buffer */
- free(zOut);
+ sqlite3_free(zOut);
}
return 0;
}
@@ -1274,9 +1247,15 @@
*/
static BOOL winceCreateLock(const char *zFilename, winFile *pFile){
LPWSTR zTok;
- LPWSTR zName = utf8ToUnicode(zFilename);
+ LPWSTR zName;
BOOL bInit = TRUE;
+ zName = utf8ToUnicode(zFilename);
+ if( zName==0 ){
+ /* out of memory */
+ return FALSE;
+ }
+
/* Initialize the local lockdata */
memset(&pFile->local, 0, sizeof(pFile->local));
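Review bot: The comment on the new guard says `/* out of memory */`, but `utf8ToUnicode` also returns 0 when the conversion itself fails (its `nChar==0` branch frees the buffer and returns 0), so a name that cannot be converted takes this path too. I would word it `/* out of memory, or zFilename could not be converted */`. Unlike the mutex failure path in the following hunk, this early return neither sets `pFile->lastErrno` nor calls `winLogError`, so the visible caller reports `SQLITE_CANTOPEN_BKPT` with no record of the cause; a one-line note saying that is deliberate would help. winceCreateLock continues past the end of this hunk.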
@@ -1292,7 +1271,7 @@
if (!pFile->hMutex){
pFile->lastErrno = osGetLastError();
winLogError(SQLITE_ERROR, pFile->lastErrno, "winceCreateLock1", zFilename);
- free(zName);
+ sqlite3_free(zName);
return FALSE;
}
@@ -1314,7 +1293,7 @@
bInit = FALSE;
}
- free(zName);
+ sqlite3_free(zName);
/* If we succeeded in making the shared memory handle, map it. */
if (pFile->hShared){
@@ -1612,7 +1591,7 @@
){
osSleep(100); /* Wait a little before trying again */
}
- free(pFile->zDeleteOnClose);
+ sqlite3_free(pFile->zDeleteOnClose);
}
#endif
OSTRACE(("CLOSE %d %s\n", pFile->h, rc ? "ok" : "failed"));
@@ -2440,13 +2419,13 @@
** allocate space for a new winShmNode and filename.
*/
p = sqlite3_malloc( sizeof(*p) );
- if( p==0 ) return SQLITE_NOMEM;
+ if( p==0 ) return SQLITE_IOERR_NOMEM;
memset(p, 0, sizeof(*p));
nName = sqlite3Strlen30(pDbFd->zPath);
pNew = sqlite3_malloc( sizeof(*pShmNode) + nName + 15 );
if( pNew==0 ){
sqlite3_free(p);
- return SQLITE_NOMEM;
+ return SQLITE_IOERR_NOMEM;
}
memset(pNew, 0, sizeof(*pNew));
pNew->zFilename = (char*)&pNew[1];
@@ -2474,7 +2453,7 @@
pShmNode->mutex = sqlite3_mutex_alloc(SQLITE_MUTEX_FAST);
if( pShmNode->mutex==0 ){
- rc = SQLITE_NOMEM;
+ rc = SQLITE_IOERR_NOMEM;
goto shm_open_err;
}
@@ -2924,9 +2903,9 @@
zMulti = unicodeToUtf8(zWidePath);
if( zMulti ){
sqlite3_snprintf(MAX_PATH-30, zTempPath, "%s", zMulti);
- free(zMulti);
+ sqlite3_free(zMulti);
}else{
- return SQLITE_NOMEM;
+ return SQLITE_IOERR_NOMEM;
}
/* isNT() is 1 if SQLITE_OS_WINCE==1, so this else is never executed.
** Since the ASCII version of these Windows API do not exist for WINCE,
@@ -2940,9 +2919,9 @@
zUtf8 = sqlite3_win32_mbcs_to_utf8(zMbcsPath);
if( zUtf8 ){
sqlite3_snprintf(MAX_PATH-30, zTempPath, "%s", zUtf8);
- free(zUtf8);
+ sqlite3_free(zUtf8);
}else{
- return SQLITE_NOMEM;
+ return SQLITE_IOERR_NOMEM;
}
#endif
}
@@ -3065,7 +3044,7 @@
/* Convert the filename to the system encoding. */
zConverted = convertUtf8Filename(zUtf8Name);
if( zConverted==0 ){
- return SQLITE_NOMEM;
+ return SQLITE_IOERR_NOMEM;
}
if( isReadWrite ){
@@ -3143,7 +3122,7 @@
if( h==INVALID_HANDLE_VALUE ){
pFile->lastErrno = osGetLastError();
winLogError(SQLITE_CANTOPEN, pFile->lastErrno, "winOpen", zUtf8Name);
- free(zConverted);
+ sqlite3_free(zConverted);
if( isReadWrite && !isExclusive ){
return winOpen(pVfs, zName, id,
((flags|SQLITE_OPEN_READONLY)&~(SQLITE_OPEN_CREATE|SQLITE_OPEN_READWRITE)), pOutFlags);
@@ -3174,7 +3153,7 @@
&& !winceCreateLock(zName, pFile)
){
osCloseHandle(h);
- free(zConverted);
+ sqlite3_free(zConverted);
return SQLITE_CANTOPEN_BKPT;
}
if( isTemp ){
@@ -3182,7 +3161,7 @@
}else
#endif
{
- free(zConverted);
+ sqlite3_free(zConverted);
}
OpenCounter(+1);
@@ -3215,7 +3194,7 @@
SimulateIOError(return SQLITE_IOERR_DELETE);
zConverted = convertUtf8Filename(zFilename);
if( zConverted==0 ){
- return SQLITE_NOMEM;
+ return SQLITE_IOERR_NOMEM;
}
if( isNT() ){
rc = 1;
@@ -3240,7 +3219,7 @@
}else{
logIoerr(cnt);
}
- free(zConverted);
+ sqlite3_free(zConverted);
OSTRACE(("DELETE \"%s\" %s\n", zFilename, (rc ? "failed" : "ok" )));
return rc;
}
@@ -3262,7 +3241,7 @@
SimulateIOError( return SQLITE_IOERR_ACCESS; );
zConverted = convertUtf8Filename(zFilename);
if( zConverted==0 ){
- return SQLITE_NOMEM;
+ return SQLITE_IOERR_NOMEM;
}
if( isNT() ){
int cnt = 0;
@@ -3287,7 +3266,7 @@
logIoerr(cnt);
if( lastErrno!=ERROR_FILE_NOT_FOUND ){
winLogError(SQLITE_IOERR_ACCESS, lastErrno, "winAccess", zFilename);
- free(zConverted);
+ sqlite3_free(zConverted);
return SQLITE_IOERR_ACCESS;
}else{
attr = INVALID_FILE_ATTRIBUTES;
@@ -3302,7 +3281,7 @@
attr = osGetFileAttributesA((char*)zConverted);
#endif
}
- free(zConverted);
+ sqlite3_free(zConverted);
switch( flags ){
case SQLITE_ACCESS_READ:
case SQLITE_ACCESS_EXISTS:
@@ -3367,18 +3346,21 @@
SimulateIOError( return SQLITE_ERROR );
UNUSED_PARAMETER(nFull);
zConverted = convertUtf8Filename(zRelative);
+ if( zConverted==0 ){
+ return SQLITE_IOERR_NOMEM;
+ }
if( isNT() ){
LPWSTR zTemp;
nByte = osGetFullPathNameW((LPCWSTR)zConverted, 0, 0, 0) + 3;
- zTemp = malloc( nByte*sizeof(zTemp[0]) );
+ zTemp = sqlite3_malloc( nByte*sizeof(zTemp[0]) );
if( zTemp==0 ){
- free(zConverted);
- return SQLITE_NOMEM;
+ sqlite3_free(zConverted);
+ return SQLITE_IOERR_NOMEM;
}
osGetFullPathNameW((LPCWSTR)zConverted, nByte, zTemp, 0);
- free(zConverted);
+ sqlite3_free(zConverted);
zOut = unicodeToUtf8(zTemp);
- free(zTemp);
+ sqlite3_free(zTemp);
/* isNT() is 1 if SQLITE_OS_WINCE==1, so this else is never executed.
** Since the ASCII version of these Windows API do not exist for WINCE,
** it's important to not reference them for WINCE builds.
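Review bot: The return value of both `osGetFullPathNameW` calls is ignored, so a failed lookup leaves `zTemp` holding whatever `sqlite3_malloc` returned, and `unicodeToUtf8(zTemp)` then scans that uninitialised buffer for a terminator (it passes -1 as the length) and may read past the allocation. If the first call returns 0, `nByte` becomes 3 and the code still proceeds. I would check the second call before converting, for example `if( osGetFullPathNameW((LPCWSTR)zConverted, nByte, zTemp, 0)==0 ){ sqlite3_free(zConverted); sqlite3_free(zTemp); return SQLITE_CANTOPEN; }`. The `osGetFullPathNameA` branch in the next hunk has the same gap. The function starts before this hunk and ends in the next one.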
@@ -3387,23 +3369,23 @@
}else{
char *zTemp;
nByte = osGetFullPathNameA((char*)zConverted, 0, 0, 0) + 3;
- zTemp = malloc( nByte*sizeof(zTemp[0]) );
+ zTemp = sqlite3_malloc( nByte*sizeof(zTemp[0]) );
if( zTemp==0 ){
- free(zConverted);
- return SQLITE_NOMEM;
+ sqlite3_free(zConverted);
+ return SQLITE_IOERR_NOMEM;
}
osGetFullPathNameA((char*)zConverted, nByte, zTemp, 0);
- free(zConverted);
+ sqlite3_free(zConverted);
zOut = sqlite3_win32_mbcs_to_utf8(zTemp);
- free(zTemp);
+ sqlite3_free(zTemp);
#endif
}
if( zOut ){
sqlite3_snprintf(pVfs->mxPathname, zFull, "%s", zOut);
- free(zOut);
+ sqlite3_free(zOut);
return SQLITE_OK;
}else{
- return SQLITE_NOMEM;
+ return SQLITE_IOERR_NOMEM;
}
#endif
}
@@ -3468,7 +3450,7 @@
&dwDummy,
&dwDummy);
}
- free(zConverted);
+ sqlite3_free(zConverted);
}
if( !dwRet ){
bytesPerSector = SQLITE_DEFAULT_SECTOR_SIZE;
@@ -3505,7 +3487,7 @@
h = osLoadLibraryA((char*)zConverted);
#endif
}
- free(zConverted);
+ sqlite3_free(zConverted);
return (void*)h;
}
static void winDlError(sqlite3_vfs *pVfs, int nBuf, char *zBufOut){