Hello!

When testing an application that uses sqlite3 with "-fsanitize=address" I
was getting an error:

==1310==ERROR: AddressSanitizer: heap-use-after-free on address  

And after studying the code I found that the problem is in the function
openDatabase in src/main.c; it only happens when SQLITE_HAS_CODEC is
defined.

And because "zOpen" was passed to "free" some lines up, we have the problem.

One solution I found is to move the call to "free(zOpen);" to just before
return;  

---------  

--- /home/xxxxx/dev/sqlite3-00/src/main.c
+++ /home/xxxxx/sqlite3-00/src/main2.c
@@ -2969,7 +2969,6 @@
?? sqlite3_wal_autocheckpoint(db, SQLITE_DEFAULT_WAL_AUTOCHECKPOINT);
?
?opendb_out:
-? sqlite3_free(zOpen);
?? if( db ){
???? assert( db->mutex!=0 || isThreadsafe==0
??????????? || sqlite3GlobalConfig.bFullMutex==0 );
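Review bot: Removing `sqlite3_free(zOpen)` at the `opendb_out:` label fixes the ordering problem the report describes, but every path that jumps to `opendb_out` (including the early error exits) must still reach the new free site at the end of the function, otherwise the change trades a use-after-free for a leak; confirm nothing between this label and the function's end returns directly.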
@@ -3006,6 +3005,8 @@
???? }
?? }
?#endif
+? /*moved here because when SQLITE_HAS_CODEC is defined it access zOpen*/
+? sqlite3_free(zOpen);
?? return rc & 0xff;
?}  
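Review bot: The moved `sqlite3_free(zOpen)` sits after the `#endif`, so it runs whether or not SQLITE_HAS_CODEC is defined, which is what you want; the new comment should follow the file's comment style and read correctly, e.g. `/* Moved here because the SQLITE_HAS_CODEC block above accesses zOpen */`. Also worth checking that `zOpen` is initialized to 0 on every path before any `goto opendb_out`, since `sqlite3_free` is now called unconditionally just before `return`.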

-------  

Cheers!
