database/sqlite
1
0
Fork 0
mirror of https://github.com/sqlite/sqlite.git synced 2025-08-08 14:02:16 +03:00
Code Activity

Back out changes [00286ca5d998d802] and [6844ede29e1dac93] (replacing the

Browse Source 
associated branches with NEVER()) and add a single new test to
btreeOverwriteCell() that detects when an overflow pages is also mapped
into a b-tree page and raises and immediate SQLITE_CORRUPT error before
making any changes.
dbsqlfuzz 81791bd980fe6935ff2c7334ec8bef11c1c12b82 and others.

FossilOrigin-Name: 32210fa4ac4f06e1705ef808731c7be040a23f9a8630986440100c5d4e76dc07
This commit is contained in:
drh
2021-09-10 01:02:42 +00:00
parent 3acb3b7845
commit 7f58117921
4 changed files with 11 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/btree.c
View File

@@ -7096,7 +7096,7 @@ static int rebuildPage(
assert( i<iEnd );
j = get2byte(&aData[hdr+5]);
if( j>(u32)usableSize ){ j = 0; }
if( NEVER(j>(u32)usableSize) ){ j = 0; }
memcpy(&pTmp[j], &aData[j], usableSize - j);
for(k=0; pCArray->ixNx[k]<=i && ALWAYS(k<NB*2); k++){}
@@ -7327,7 +7327,7 @@ static int editPage(
pData = &aData[get2byteNotZero(&aData[hdr+5])];
if( pData<pBegin ) goto editpage_fail;
if( pData>pPg->aDataEnd ) goto editpage_fail;
if( NEVER(pData>pPg->aDataEnd) ) goto editpage_fail;
/* Add cells to the start of the page */
if( iNew<iOld ){
@@ -8733,7 +8733,7 @@ static int btreeOverwriteCell(BtCursor *pCur, const BtreePayload *pX){
do{
rc = btreeGetPage(pBt, ovflPgno, &pPage, 0);
if( rc ) return rc;
if( sqlite3PagerPageRefcount(pPage->pDbPage)!=1 ){
if( sqlite3PagerPageRefcount(pPage->pDbPage)!=1 || pPage->isInit ){
rc = SQLITE_CORRUPT_BKPT;
}else{
if( iOffset+ovflPageSize<(u32)nTotal ){