Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Changes In Branch dbfuzz2-cases Excluding Merge-Ins
This is equivalent to a diff from e3bf1d3ea5 to b386fce9a2
2018-12-13
| ||
21:11 | Add extra tests for database corruption inside the defragmentPage() routine, as dbfuzz2 has found ways for corruption to leak into that point. Add test cases in fuzzdata7.db. (check-in: 997b65117f user: drh tags: trunk) | |
18:30 | Fix the CLI so that the ".open --hexdb" command works even if it is contained in a subscript that is read using ".read". (check-in: 67a87399b8 user: drh tags: trunk) | |
15:52 | Merge the dbtotxt enhancement from trunk. (Closed-Leaf check-in: b386fce9a2 user: drh tags: dbfuzz2-cases) | |
15:06 | Add the "dbtotxt" utility program and the ability to read "dbtotxt" output as a deserialized input database in the CLI, using the --hexdb option to the ".open" command. (check-in: e3bf1d3ea5 user: drh tags: trunk) | |
12:37 | Include OPTS in the build of dbfuzz2. (check-in: eac9c0c496 user: drh tags: trunk) | |
03:36 | New database corruption test cases discovered by dbfuzz2. The new cases have been added to test/fuzzdata7.db, but have not yet all been fixed, so tests will not currently pass. (check-in: b4210d320c user: drh tags: dbfuzz2-cases) | |
Changes to src/btree.c.
︙ | ︙ | |||
1408 1409 1410 1411 1412 1413 1414 | /* This block handles pages with two or fewer free blocks and nMaxFrag ** or fewer fragmented bytes. In this case it is faster to move the ** two (or one) blocks of cells using memmove() and add the required ** offsets to each pointer in the cell-pointer array than it is to ** reconstruct the entire page. */ if( (int)data[hdr+7]<=nMaxFrag ){ int iFree = get2byte(&data[hdr+1]); | < < < < > > | < < < | | | | | | | 1408 1409 1410 1411 1412 1413 1414 1415 1416 1417 1418 1419 1420 1421 1422 1423 1424 1425 1426 1427 1428 1429 1430 1431 1432 1433 1434 1435 1436 1437 1438 1439 1440 1441 1442 | /* This block handles pages with two or fewer free blocks and nMaxFrag ** or fewer fragmented bytes. In this case it is faster to move the ** two (or one) blocks of cells using memmove() and add the required ** offsets to each pointer in the cell-pointer array than it is to ** reconstruct the entire page. */ if( (int)data[hdr+7]<=nMaxFrag ){ int iFree = get2byte(&data[hdr+1]); /* If the initial freeblock offset were out of bounds, that would ** have been detected by btreeInitPage() when it was computing the ** number of free bytes on the page. */ assert( iFree<=usableSize-4 ); if( iFree ){ int iFree2 = get2byte(&data[iFree]); if( iFree2>usableSize-4 ) return SQLITE_CORRUPT_PAGE(pPage); if( 0==iFree2 || (data[iFree2]==0 && data[iFree2+1]==0) ){ u8 *pEnd = &data[cellOffset + nCell*2]; u8 *pAddr; int sz2 = 0; int sz = get2byte(&data[iFree+2]); int top = get2byte(&data[hdr+5]); if( top>=iFree ){ return SQLITE_CORRUPT_PAGE(pPage); } if( iFree2 ){ if( iFree+sz>iFree2 ) return SQLITE_CORRUPT_PAGE(pPage); sz2 = get2byte(&data[iFree2+2]); if( iFree2+sz2 > usableSize ) return SQLITE_CORRUPT_PAGE(pPage); memmove(&data[iFree+sz+sz2], &data[iFree+sz], iFree2-(iFree+sz)); sz += sz2; } cbrk = top+sz; assert( cbrk+(iFree-top) <= usableSize ); memmove(&data[cbrk], &data[top], iFree-top); for(pAddr=&data[cellOffset]; pAddr<pEnd; pAddr+=2){ |
︙ | ︙ |
Changes to test/fuzzdata7.db.
cannot compute difference between binary files