mirror of https://github.com/sqlite/sqlite.git synced 2025-08-07 02:42:48 +03:00

The defragmentPage() routine detects corruption in the first-free-slot fields

at offset 1 in the header and throws an error, rather than asserting.

FossilOrigin-Name: fb125bd338ab32b33d02fe61b76497b6d4a2a160056d6e759e15c94903e61a41
drh
2019-03-30 18:39:13 +00:00
parent 2c794b15a0
commit 119e1ffc5e
3 changed files with 8 additions and 12 deletions


@@ -1432,11 +1432,7 @@ static int defragmentPage(MemPage *pPage, int nMaxFrag){
** reconstruct the entire page. */
if( (int)data[hdr+7]<=nMaxFrag ){
int iFree = get2byte(&data[hdr+1]);
/* If the initial freeblock offset were out of bounds, that would have
** been detected by btreeComputeFreeSpace() when it was computing the
** number of free bytes on the page. */
assert( iFree<=usableSize-4 );
if( iFree>usableSize-4 ) return SQLITE_CORRUPT_PAGE(pPage);
if( iFree ){
int iFree2 = get2byte(&data[iFree]);
if( iFree2>usableSize-4 ) return SQLITE_CORRUPT_PAGE(pPage);
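Review bot: The new bounds check on `iFree` at the top of the `nMaxFrag` branch carries no comment, while the comment it replaces stated that btreeComputeFreeSpace() would already have caught an out-of-range first-freeblock offset. That assumption apparently did not hold on every path into defragmentPage(), so a short note would keep a later reader from treating the check as redundant and folding it back into an assert() that release builds compile out, for example `/* iFree is read from the on-disk page header and may be out of range on a corrupt page; return SQLITE_CORRUPT_PAGE rather than index data[iFree] below */`. The check applies the same upper bound as the existing `iFree2` test two lines later, so both links of the freeblock chain are now validated the same way before use. defragmentPage() starts and ends outside this hunk, so whether a lower bound on a non-zero `iFree` is enforced further down cannot be judged from here.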