From 146ba99061505865acbf1a318e78991947da4e72 Mon Sep 17 00:00:00 2001
From: danielk1977 <danielk1977@noemail.net>
Date: Wed, 22 Jul 2009 14:08:13 +0000
Subject: [PATCH] Fix a double-free that can occur after database corruption is
 detected. (CVS 6921)

FossilOrigin-Name: 5260e8b1048af2e00d49706466d9aded90c24ed2
---
 manifest      | 14 +++++++-------
 manifest.uuid |  2 +-
 src/btree.c   |  6 +++---
 3 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/manifest b/manifest
index e4349fbdb4..98fe468e41 100644
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Add\sa\sNEVER()\smacro\saround\sa\spager.c\sconditional\sthat\smust\salways\sbe\sfalse\nin\sthe\scurrent\simplementation.\s(CVS\s6920)
-D 2009-07-22T13:19:20
+C Fix\sa\sdouble-free\sthat\scan\soccur\safter\sdatabase\scorruption\sis\sdetected.\s(CVS\s6921)
+D 2009-07-22T14:08:14
 F Makefile.arm-wince-mingw32ce-gcc fcd5e9cd67fe88836360bb4f9ef4cb7f8e2fb5a0
 F Makefile.in df9359da7a726ccb67a45db905c5447d5c00c6ef
 F Makefile.linux-gcc d53183f4aa6a9192d249731c90dbdffbd2c68654
@@ -106,7 +106,7 @@ F src/auth.c 802a9439dfa0b8c208b10055cba400e82ef18025
 F src/backup.c 6f1c2d9862c8a3feb7739dfcca02c1f5352e37f3
 F src/bitvec.c cfbf6af5b0ababb4f06ed3e75c616dadaf47fcbd
 F src/btmutex.c 0f43a75bb5b8147b386e8e1c3e71ba734e3863b7
-F src/btree.c ece7e39b72fb42af1811c3388bbd0724fec4a664
+F src/btree.c 74655dc71c61130c7328e3cdee3c86b86ce8ce0f
 F src/btree.h 577448a890c2ab9b21e6ab74f073526184bceebe
 F src/btreeInt.h 1c86297e69380f6577e7ae67452597dd8d5c2705
 F src/build.c 867028ee9f63f7bc8eb8d4a720bb98cf9b9a12b4
@@ -741,7 +741,7 @@ F tool/speedtest2.tcl ee2149167303ba8e95af97873c575c3e0fab58ff
 F tool/speedtest8.c 2902c46588c40b55661e471d7a86e4dd71a18224
 F tool/speedtest8inst1.c 293327bc76823f473684d589a8160bde1f52c14e
 F tool/vdbe-compress.tcl 672f81d693a03f80f5ae60bfefacd8a349e76746
-P 7f3fc7f20f6dc205eedbe445e35f5071f1c01185
-R e3ef698fad4351a97409de00b6e0d6d6
-U drh
-Z 371d58c5e4ad95a5753bcee60ee41151
+P 1e510d7fc5cc47fe2714dbb1ed3ea7e90acbff7b
+R 4924080796614e12c97e50a70e0d2fae
+U danielk1977
+Z a8cabae79b26acd1023037532366e880
diff --git a/manifest.uuid b/manifest.uuid
index a2d1b2f47a..1ac2b442fd 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-1e510d7fc5cc47fe2714dbb1ed3ea7e90acbff7b
\ No newline at end of file
+5260e8b1048af2e00d49706466d9aded90c24ed2
\ No newline at end of file
diff --git a/src/btree.c b/src/btree.c
index ddfebd5681..86ab551cac 100644
--- a/src/btree.c
+++ b/src/btree.c
@@ -9,7 +9,7 @@
 **    May you share freely, never taking more than you give.
 **
 *************************************************************************
-** $Id: btree.c,v 1.698 2009/07/22 00:35:24 drh Exp $
+** $Id: btree.c,v 1.699 2009/07/22 14:08:14 danielk1977 Exp $
 **
 ** This file implements a external (disk-based) database using BTrees.
 ** See the header comment on "btreeInt.h" for additional information.
@@ -6830,7 +6830,7 @@ static int clearDatabasePage(
   int freePageFlag,     /* Deallocate page if true */
   int *pnChange
 ){
-  MemPage *pPage = 0;
+  MemPage *pPage;
   int rc;
   unsigned char *pCell;
   int i;
@@ -6841,7 +6841,7 @@ static int clearDatabasePage(
   }
 
   rc = getAndInitPage(pBt, pgno, &pPage);
-  if( rc ) goto cleardatabasepage_out;
+  if( rc ) return rc;
   for(i=0; i<pPage->nCell; i++){
     pCell = findCell(pPage, i);
     if( !pPage->leaf ){