isaac / libspatialite Goto Github PK
View Code? Open in Web Editor NEWLicense: Other
libspatialite's People
Stargazers
Watchers
libspatialite's Issues
Wrongly using SQLite APIs can cause Dos
There are several bugs due to missing sqlite3_free_table(result) after sqlite3_get_table(db, sql, result, row, column, errmsg) call.
SQLite Documention mentions:
A result table might consist of one or more memory allocations. It is not safe to pass a result table directly to sqlite3_free(). A result table should be deallocated using sqlite3_free_table().
This bug results in memory leak. In some cases, the memory consumption might be huge, which may cause the process to corrupt.
Example source code in test/check_get_normal_row.c:255:
254 ret =
255 sqlite3_get_table (db_handle,
256 "SELECT gpkgGetNormalRow(\"test1_matrix_tiles\", 5, 0)",
257 &results, &rows, &columns, &err_msg);
258 if (ret != SQLITE_ERROR)
259 {
260 fprintf (stderr, "Expected error for overrange zoom level, got %i\n",
261 ret);
262 sqlite3_free (err_msg);
263 return -18;
264 }There is the whole list of locations related to this problem:
test/check_get_normal_row.c:255
test/check_get_normal_row.c:277
test/check_get_normal_row.c:300
test/check_get_normal_row.c:322
test/check_get_normal_row.c:344
test/check_get_normal_row.c:367
test/check_get_normal_row.c:390
test/check_get_normal_row.c:415
test/check_get_normal_row_bad_geopackage.c:126
test/check_get_normal_row_bad_geopackage.c:149
test/check_get_normal_row_bad_geopackage2.c:94
test/check_get_normal_zoom.c:224
test/check_get_normal_zoom.c:248
test/check_get_normal_zoom.c:273
test/check_get_normal_zoom.c:296
test/check_get_normal_zoom.c:318
test/check_get_normal_zoom_bad_geopackage.c:115
test/check_get_normal_zoom_bad_geopackage2.c:135
test/check_get_normal_zoom_extension_load.c:235
test/check_get_normal_zoom_extension_load.c:259
test/check_get_normal_zoom_extension_load.c:284
test/check_get_normal_zoom_extension_load.c:307
test/check_get_normal_zoom_extension_load.c:329
test/check_stored_proc.c:1058potential memory leak: forgetting to free table after using libsqlite3 API 'sqlite3_get_table'
I found a potential memory leak when reading the source code '/test/check_recover_geom.c'.
The issue is caused because forgetting to free the second argument of libsqlite3 API 'sqlite3_get_table' when meeting an error and return, such as 1525-1548 line.
According to libsqlite3 API document, "After the application has finished with the result from sqlite3_get_table(), it must pass the result table pointer to sqlite3_free_table() in order to release the memory that was malloced. "
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.