diff options
| author | unknown <serg@serg.mylan> | 2004-11-28 15:53:17 +0100 |
|---|---|---|
| committer | unknown <serg@serg.mylan> | 2004-11-28 15:53:17 +0100 |
| commit | 30db8445c10b0ae44077f1b2739a3bb07b4735a4 (patch) | |
| tree | 46d7ffed3e41aa68db463fe32568cb1f56dc23f2 | |
| parent | 7a1ffc062ecfafe9f1f7d4c15d7c8cc9815a7d3d (diff) | |
| download | mariadb-git-30db8445c10b0ae44077f1b2739a3bb07b4735a4.tar.gz | |
protection: TRASH in delete
fixed a bug that it discovered
include/my_sys.h:
move TRASH to my_sys.h from sql_list.h
sql/field.h:
use TRASH macro
sql/item.h:
TRASH in delete
sql/item_func.h:
never delete item's manually!
sql/opt_range.cc:
TRASH in delete
sql/sql_lex.h:
TRASH in delete
sql/sql_list.h:
move TRASH to my_sys.h from sql_list.h
sql/sql_parse.cc:
don't use properties of deleted objects (even when it's safe)
sql/sql_select.cc:
TRASH in delete
sql/sql_show.cc:
TRASH in delete
sql/sql_string.h:
TRASH in delete
| -rw-r--r-- | include/my_sys.h | 2 | ||||
| -rw-r--r-- | sql/field.h | 6 | ||||
| -rw-r--r-- | sql/item.h | 5 | ||||
| -rw-r--r-- | sql/item_func.h | 6 | ||||
| -rw-r--r-- | sql/opt_range.cc | 2 | ||||
| -rw-r--r-- | sql/sql_lex.h | 8 | ||||
| -rw-r--r-- | sql/sql_list.h | 6 | ||||
| -rw-r--r-- | sql/sql_parse.cc | 6 | ||||
| -rw-r--r-- | sql/sql_select.cc | 8 | ||||
| -rw-r--r-- | sql/sql_show.cc | 8 | ||||
| -rw-r--r-- | sql/sql_string.h | 4 |
11 files changed, 32 insertions, 29 deletions
diff --git a/include/my_sys.h b/include/my_sys.h index 6a20f6aa9dd..3de3ec9687c 100644 --- a/include/my_sys.h +++ b/include/my_sys.h @@ -138,6 +138,7 @@ extern int NEAR my_errno; /* Last error in mysys */ #define my_memdup(A,B,C) _my_memdup((A),(B), __FILE__,__LINE__,C) #define my_strdup(A,C) _my_strdup((A), __FILE__,__LINE__,C) #define my_strdup_with_length(A,B,C) _my_strdup_with_length((A),(B),__FILE__,__LINE__,C) +#define TRASH(A,B) bfill(A, B, 0x8F) #define QUICK_SAFEMALLOC sf_malloc_quick=1 #define NORMAL_SAFEMALLOC sf_malloc_quick=0 extern uint sf_malloc_prehunc,sf_malloc_endhunc,sf_malloc_quick; @@ -164,6 +165,7 @@ extern char *my_strdup_with_length(const byte *from, uint length, #define CALLER_INFO_PROTO /* nothing */ #define CALLER_INFO /* nothing */ #define ORIG_CALLER_INFO /* nothing */ +#define TRASH(A,B) /* nothing */ #endif #ifdef HAVE_ALLOCA diff --git a/sql/field.h b/sql/field.h index 50ea1450085..d1c2fa3b6fd 100644 --- a/sql/field.h +++ b/sql/field.h @@ -37,11 +37,7 @@ class Field void operator=(Field &); public: static void *operator new(size_t size) {return (void*) sql_alloc((uint) size); } - static void operator delete(void *ptr_arg, size_t size) { -#ifdef SAFEMALLOC - bfill(ptr_arg, size, 0x8F); -#endif - } + static void operator delete(void *ptr_arg, size_t size) { TRASH(ptr_arg, size); } char *ptr; // Position to field in record uchar *null_ptr; // Byte where null_bit is diff --git a/sql/item.h b/sql/item.h index 8f6d6581884..2c2978e841c 100644 --- a/sql/item.h +++ b/sql/item.h @@ -120,8 +120,9 @@ public: static void *operator new(size_t size) {return (void*) sql_alloc((uint) size); } static void *operator new(size_t size, MEM_ROOT *mem_root) { return (void*) alloc_root(mem_root, (uint) size); } - static void operator delete(void *ptr,size_t size) {} - static void operator delete(void *ptr,size_t size, MEM_ROOT *mem_root) {} + static void operator delete(void *ptr,size_t size) { TRASH(ptr, size); } + static void operator delete(void *ptr,size_t size, MEM_ROOT *mem_root) + { TRASH(ptr, size); } enum Type {FIELD_ITEM, FUNC_ITEM, SUM_FUNC_ITEM, STRING_ITEM, INT_ITEM, REAL_ITEM, NULL_ITEM, VARBIN_ITEM, diff --git a/sql/item_func.h b/sql/item_func.h index 03df78d721d..241240a49ca 100644 --- a/sql/item_func.h +++ b/sql/item_func.h @@ -1035,11 +1035,7 @@ public: table->file->ft_handler=0; table->fulltext_searched=0; } - if (concat) - { - delete concat; - concat= 0; - } + concat= 0; DBUG_VOID_RETURN; } enum Functype functype() const { return FT_FUNC; } diff --git a/sql/opt_range.cc b/sql/opt_range.cc index 6392a2fee32..ab2eb4fdb72 100644 --- a/sql/opt_range.cc +++ b/sql/opt_range.cc @@ -1360,7 +1360,7 @@ public: /* Table read plans are allocated on MEM_ROOT and are never deleted */ static void *operator new(size_t size, MEM_ROOT *mem_root) { return (void*) alloc_root(mem_root, (uint) size); } - static void operator delete(void *ptr,size_t size) {} + static void operator delete(void *ptr,size_t size) { TRASH(ptr, size); } }; class TRP_ROR_INTERSECT; diff --git a/sql/sql_lex.h b/sql/sql_lex.h index fef78a363fe..e99e6138b6d 100644 --- a/sql/sql_lex.h +++ b/sql/sql_lex.h @@ -283,8 +283,9 @@ public: } static void *operator new(size_t size, MEM_ROOT *mem_root) { return (void*) alloc_root(mem_root, (uint) size); } - static void operator delete(void *ptr,size_t size) {} - static void operator delete(void *ptr,size_t size, MEM_ROOT *mem_root) {} + static void operator delete(void *ptr,size_t size) { TRASH(ptr, size); } + static void operator delete(void *ptr,size_t size, MEM_ROOT *mem_root) + { TRASH(ptr, size); } st_select_lex_node(): linkage(UNSPECIFIED_TYPE) {} virtual ~st_select_lex_node() {} inline st_select_lex_node* get_master() { return master; } @@ -820,7 +821,8 @@ struct st_lex_local: public st_lex { return (void*) alloc_root(mem_root, (uint) size); } - static void operator delete(void *ptr,size_t size) {} + static void operator delete(void *ptr,size_t size) + { TRASH(ptr, size); } }; void lex_init(void); diff --git a/sql/sql_list.h b/sql/sql_list.h index 141742c3d4a..657943f1e69 100644 --- a/sql/sql_list.h +++ b/sql/sql_list.h @@ -21,12 +21,6 @@ /* mysql standard class memory allocator */ -#ifdef SAFEMALLOC -#define TRASH(XX,YY) bfill((XX), (YY), 0x8F) -#else -#define TRASH(XX,YY) /* no-op */ -#endif - class Sql_alloc { public: diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc index 785d5a329ba..c04312f6ded 100644 --- a/sql/sql_parse.cc +++ b/sql/sql_parse.cc @@ -1175,9 +1175,13 @@ end: void free_items(Item *item) { + Item *next; DBUG_ENTER("free_items"); - for (; item ; item=item->next) + for (; item ; item=next) + { + next=item->next; item->delete_self(); + } DBUG_VOID_RETURN; } diff --git a/sql/sql_select.cc b/sql/sql_select.cc index d31305c5dd2..fb8e074ebf8 100644 --- a/sql/sql_select.cc +++ b/sql/sql_select.cc @@ -6025,9 +6025,13 @@ static void clear_tables(JOIN *join) class COND_CMP :public ilink { public: - static void *operator new(size_t size) {return (void*) sql_alloc((uint) size); } + static void *operator new(size_t size) + { + return (void*) sql_alloc((uint) size); + } static void operator delete(void *ptr __attribute__((unused)), - size_t size __attribute__((unused))) {} /*lint -e715 */ + size_t size __attribute__((unused))) + { TRASH(ptr, size); } Item *and_level; Item_func *cmp_func; diff --git a/sql/sql_show.cc b/sql/sql_show.cc index 19b5562cb8b..eb9ca43b56a 100644 --- a/sql/sql_show.cc +++ b/sql/sql_show.cc @@ -1257,9 +1257,13 @@ view_store_create_info(THD *thd, TABLE_LIST *table, String *buff) class thread_info :public ilink { public: - static void *operator new(size_t size) {return (void*) sql_alloc((uint) size); } + static void *operator new(size_t size) + { + return (void*) sql_alloc((uint) size); + } static void operator delete(void *ptr __attribute__((unused)), - size_t size __attribute__((unused))) {} /*lint -e715 */ + size_t size __attribute__((unused))) + { TRASH(ptr, size); } ulong thread_id; time_t start_time; diff --git a/sql/sql_string.h b/sql/sql_string.h index 2101db40f92..cb9db52c830 100644 --- a/sql/sql_string.h +++ b/sql/sql_string.h @@ -72,9 +72,9 @@ public: static void *operator new(size_t size, MEM_ROOT *mem_root) { return (void*) alloc_root(mem_root, (uint) size); } static void operator delete(void *ptr_arg,size_t size) - {} + { TRASH(ptr_arg, size); } static void operator delete(void *ptr_arg,size_t size, MEM_ROOT *mem_root) - {} + { TRASH(ptr_arg, size); } ~String() { free(); } inline void set_charset(CHARSET_INFO *charset) { str_charset= charset; } |