Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Fix an assert() in btree routine freeSpace() that may be false if the database is corrupt. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
00a473c56188cd60a74559effb114140 |
| User & Date: | dan 2015-05-25 15:03:49 |
Context
|
2015-05-25
| ||
| 17:07 | Fix a case where database corruption may cause SQLite to write past the end of a buffer. (check-in: 97806a7814 user: dan tags: trunk) | |
| 15:03 | Fix an assert() in btree routine freeSpace() that may be false if the database is corrupt. (check-in: 00a473c561 user: dan tags: trunk) | |
| 10:57 | Fix an fts4 matchinf() problem triggered by deferred tokens that are part of phrases that are part of AND expressions. (check-in: f1e942a1dd user: dan tags: trunk) | |
Changes
Changes to src/btree.c.
1412 1413 1414 1415 1416 1417 1418 1419 1420 1421 1422 1423 1424 1425 1426 |
u16 iOrigSize = iSize; /* Original value of iSize */ u32 iLast = pPage->pBt->usableSize-4; /* Largest possible freeblock offset */ u32 iEnd = iStart + iSize; /* First byte past the iStart buffer */ unsigned char *data = pPage->aData; /* Page content */ assert( pPage->pBt!=0 ); assert( sqlite3PagerIswriteable(pPage->pDbPage) ); assert( iStart>=pPage->hdrOffset+6+pPage->childPtrSize ); assert( CORRUPT_DB || iEnd <= pPage->pBt->usableSize ); assert( sqlite3_mutex_held(pPage->pBt->mutex) ); assert( iSize>=4 ); /* Minimum cell size is 4 */ assert( iStart<=iLast ); /* Overwrite deleted information with zeros when the secure_delete ** option is enabled */ |
| |
1412 1413 1414 1415 1416 1417 1418 1419 1420 1421 1422 1423 1424 1425 1426 |
u16 iOrigSize = iSize; /* Original value of iSize */
u32 iLast = pPage->pBt->usableSize-4; /* Largest possible freeblock offset */
u32 iEnd = iStart + iSize; /* First byte past the iStart buffer */
unsigned char *data = pPage->aData; /* Page content */
assert( pPage->pBt!=0 );
assert( sqlite3PagerIswriteable(pPage->pDbPage) );
assert( CORRUPT_DB || iStart>=pPage->hdrOffset+6+pPage->childPtrSize );
assert( CORRUPT_DB || iEnd <= pPage->pBt->usableSize );
assert( sqlite3_mutex_held(pPage->pBt->mutex) );
assert( iSize>=4 ); /* Minimum cell size is 4 */
assert( iStart<=iLast );
/* Overwrite deleted information with zeros when the secure_delete
** option is enabled */
|
Changes to test/corruptI.test.
101 102 103 104 105 106 107 108 |
db close
sqlite3 db test.db
do_catchsql_test 3.3 {
INSERT INTO t1 VALUES(9, 'klmnopqrst');
} {1 {database disk image is malformed}}
} ;# end-if !defined(ENABLE_OVERSIZE_CELL_CHECK)
finish_test
|
> > > > > > > > > > > > > > > > > > > > > > > > > > |
101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 |
db close
sqlite3 db test.db
do_catchsql_test 3.3 {
INSERT INTO t1 VALUES(9, 'klmnopqrst');
} {1 {database disk image is malformed}}
} ;# end-if !defined(ENABLE_OVERSIZE_CELL_CHECK)
#-------------------------------------------------------------------------
# Test that an assert() failure discovered by AFL corrupt database file
# testing has been fixed.
#
reset_db
do_execsql_test 4.0 {
PRAGMA page_size = 65536;
PRAGMA autovacuum = 0;
CREATE TABLE t1(a INTEGER PRIMARY KEY, b);
INSERT INTO t1 VALUES(-1, 'abcdefghij');
INSERT INTO t1 VALUES(0, 'abcdefghij');
}
set root [db one {SELECT rootpage FROM sqlite_master}]
set offset [expr ($root-1) * 65536]
do_test 4.1 {
db close
hexio_write test.db [expr $offset + 8 + 2] 0000
hexio_write test.db [expr $offset + 5] 0000
sqlite3 db test.db
execsql { DELETE FROM t1 WHERE a=0 }
} {}
finish_test
|