/ Changes On Branch fuzzcheck-fix

Changes In Branch fuzzcheck-fix Excluding Merge-Ins

This is equivalent to a diff from 18740bd448 to 3036fd71ac

2018-12-14
03:16
Report corruption when an attempt is made to write a pointer-map page that is also being used as a btree page. Also, fix a bug in fuzzcheck that caused it to overlook a pointer-map bug that was triggered by the fuzzcheck test data, and also fix the pointer-map bug. (check-in: cc42dd1510 user: drh tags: trunk)
03:14
Detect when an attempt is made to write to a pointer map page that is also being used as a btree page and report corruption. (Closed-Leaf check-in: 3036fd71ac user: drh tags: fuzzcheck-fix)
02:29
Fix a bug in the custom in-memory VFS used by fuzzcheck. This bug masks other bugs that should have caused some existing fuzzdata7.db entries to fail, and so this fix is initially on a branch until those other bugs can be repaired. (check-in: e0994e9995 user: drh tags: fuzzcheck-fix)
2018-12-13
22:58
Fix the dbtotxt decoder in the CLI so that it ignores excess bytes. (check-in: 18740bd448 user: drh tags: trunk)
21:52
dbfuzz2 found a NEVER() that is sometimes true. (check-in: 1201615cbb user: drh tags: trunk)

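--- a/src/btree.c
+++ b/src/btree.c
@@ -987,14 +987,21 @@
     return;
   }
   iPtrmap = PTRMAP_PAGENO(pBt, key);
   rc = sqlite3PagerGet(pBt->pPager, iPtrmap, &pDbPage, 0);
   if( rc!=SQLITE_OK ){
     *pRC = rc;
     return;
+  }
+  if( ((char*)sqlite3PagerGetExtra(pDbPage))[0]!=0 ){
+    /* The first byte of the extra data is the MemPage.isInit byte.
+    ** If that byte is set, it means this page is also being used
+    ** as a btree page. */
+    *pRC = SQLITE_CORRUPT_BKPT;
+    goto ptrmap_exit;
   }
   offset = PTRMAP_PTROFFSET(iPtrmap, key);
   if( offset<0 ){
     *pRC = SQLITE_CORRUPT_BKPT;
     goto ptrmap_exit;
   }
   assert( offset <= (int)pBt->usableSize-5 );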
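Review bot: The new guard reads byte 0 of the pager extra area through a `char*` cast, so it depends on `isInit` remaining the first member of MemPage, and only the comment records that. Reading the field through its type, `if( ((MemPage*)sqlite3PagerGetExtra(pDbPage))->isInit ){`, would keep the corruption check from silently testing a different field if the struct is ever reordered. The check also only sees a page that is already initialized as a btree page when this call runs. Presumably a pointer-map page that is loaded as a btree page afterwards is rejected elsewhere, which is worth confirming. The enclosing function begins and ends outside this hunk, and the `ptrmap_exit` label is not shown.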

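--- a/test/fuzzcheck.c
+++ b/test/fuzzcheck.c
@@ -443,15 +443,15 @@
   if( iOfst<0 || iOfst>=pVFile->sz ){
     memset(pData, 0, iAmt);
     return SQLITE_IOERR_SHORT_READ;
   }
   if( iOfst+iAmt>pVFile->sz ){
     memset(pData, 0, iAmt);
     iAmt = (int)(pVFile->sz - iOfst);
-    memcpy(pData, pVFile->a, iAmt);
+    memcpy(pData, pVFile->a + iOfst, iAmt);
     return SQLITE_IOERR_SHORT_READ;
   }
   memcpy(pData, pVFile->a + iOfst, iAmt);
   return SQLITE_OK;
 }
 static int inmemWrite(
   sqlite3_file *pFile,   /* Write to this file */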
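Review bot: The short-read branch (`iOfst+iAmt>pVFile->sz`) carries no comment stating what it must leave in `pData`, and the corrected `memcpy` is the only line that shows the intent. A line such as `/* Short read: copy the bytes available from iOfst; the tail of pData stays zero */` above the `memset` would make the contract explicit for the next change to this test VFS. The sum `iOfst+iAmt` is only safe from overflow if `iOfst` is a 64-bit type, which the hunk does not show because the read function's signature lies outside it.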