jitendar kumar wrote:
>Actually it has been customized in case of the memcpy() with checks for Src
>= NULL and length = 0. and whever at run-time it encounters, alarm is
>generated.
>
>So, we had a concern for future use such that any case where such condition
>can occur and also segfault crash can occur if the src=NULL and length !=0.
Why do you think that length>0 can happen, when it has
never been reported (neither by your tool, nor by anybody
else)?
>Also, I have a suggestion of a memcpy_safe wrapper in sqlite3.c which
>ensures such safety before any memcpy is called.
>
>void * memcpy_safe( void *dest, const void *src, int length)
>{
> if ( dest !=0 && src != 0 )
>
> return memcpy(dest , src , length )
> else
> return dest
>}
Even if we ignore the syntax errors and the truncation bug
in this function, why would it be safer?
Would you prefer a crash, or that the application continues
and silently corrupts the database?
Regards,
Clemens
_______________________________________________
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
