More robust handling of corrupt database file in the rebalance operation of

the btree logic. FossilOrigin-Name: 97704cb7d29fa7cc4ea9a6761a7844c1946d637ea2b22d287fc787ae0f63c407
2025-08-08 14:02:16 +03:00 · 2019-01-29 16:41:13 +00:00
parent e25646d64c
commit a046643820
4 changed files with 20 additions and 12 deletions
--- a/16
+++ b/16
@@ -1,5 +1,5 @@
-C Avoid\san\sinteger\soverflow\sin\sthe\sfts5\ssnippet()\sfunction\striggered\sby\sa\scorrupt\sdatabase\srecord.
+C More\srobust\shandling\sof\scorrupt\sdatabase\sfile\sin\sthe\srebalance\soperation\sof\nthe\sbtree\slogic.
-D 2019-01-29T16:34:45.443
+D 2019-01-29T16:41:13.847
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
 F Makefile.in 9947eae873c07ae894d4c8633b76c0a0daca7b9fd54401096a77d1a6c7b74359
@@ -455,7 +455,7 @@ F src/auth.c 0fac71038875693a937e506bceb492c5f136dd7b1249fbd4ae70b4e8da14f9df
 F src/backup.c 78d3cecfbe28230a3a9a1793e2ead609f469be43e8f486ca996006be551857ab
 F src/bitvec.c 17ea48eff8ba979f1f5b04cc484c7bb2be632f33
 F src/btmutex.c 8acc2f464ee76324bf13310df5692a262b801808984c1b79defb2503bbafadb6
-F src/btree.c 3378f2f410af2db1c4603fb085d71139811a7c86f8de8511da3acbae984c1cf4
+F src/btree.c af023d6caa0957c707719a1b609e80c81bf6a3ee1729921e4ae2444d66c3ee1f
 F src/btree.h febb2e817be499570b7a2e32a9bbb4b607a9234f6b84bb9ae84916d4806e96f2
 F src/btreeInt.h cd82f0f08886078bf99b29e1a7045960b1ca5d9d5829c38607e1299c508eaf00
 F src/build.c f07c0b154c23737d1699ee63bba31c8ca8b323e2446b957bc6bfec81a62295fc
@@ -992,7 +992,7 @@ F test/fuzzdata4.db b502c7d5498261715812dd8b3c2005bad08b3a26e6489414bd13926cd3e4
 F test/fuzzdata5.db e35f64af17ec48926481cfaf3b3855e436bd40d1cfe2d59a9474cb4b748a52a5
 F test/fuzzdata6.db 92a80e4afc172c24f662a10a612d188fb272de4a9bd19e017927c95f737de6d7
 F test/fuzzdata7.db 3fc78e65dfe0be9df9e262075d5a335f18f627da47dfc691d1a7b822f34d4b99
-F test/fuzzdata8.db 946a59b0b322b560fdcb22707ecb1e4dfaca2f5ac5115315c4b29c9d912a54c2
+F test/fuzzdata8.db c1a6960cf891c6f4a85ea07beff8927c1c8934fc662974b4b1b2e6c6d8b66b7c
 F test/fuzzer1.test 3d4c4b7e547aba5e5511a2991e3e3d07166cfbb8
 F test/fuzzer2.test a85ef814ce071293bce1ad8dffa217cbbaad4c14
 F test/fuzzerfault.test 8792cd77fd5bce765b05d0c8e01b9edcf8af8536
@@ -1804,7 +1804,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
 F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
 F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P 9d58a15737f7379fed724749cfd5b4de5b44231870e99fc664683ad483c3e6ba
+P 7c862c4655841e1263cf548d01f5b4331685ab7d396494891cad0a5f50c63e16
-R f9b47c0d05c57f00332b53dd657e7eed
+R 96aafeb8260648211b6bea0fb008afe8
-U dan
+U drh
-Z bb520f4b6056204d5dc48f97f21ffc56
+Z bef176324bb0771b0a0008f0c29c6e8d
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-7c862c4655841e1263cf548d01f5b4331685ab7d396494891cad0a5f50c63e16
+97704cb7d29fa7cc4ea9a6761a7844c1946d637ea2b22d287fc787ae0f63c407
--- a/src/btree.c
+++ b/src/btree.c
@@ -6814,7 +6814,7 @@ static int rebuildPage(
  const int usableSize = pPg->pBt->usableSize;
  u8 * const pEnd = &aData[usableSize];
  int i = iFirst;                 /* Which cell to copy from pCArray*/
-  int j;                          /* Start of cell content area */
+  u32 j;                          /* Start of cell content area */
  int iEnd = i+nCell;             /* Loop terminator */
  u8 *pCellptr = pPg->aCellIdx;
  u8 *pTmp = sqlite3PagerTempSpace(pPg->pBt->pPager);
@@ -6824,6 +6824,7 @@ static int rebuildPage(
  assert( i<iEnd );
  j = get2byte(&aData[hdr+5]);
  if( NEVER(j>usableSize) ){ j = 0; }
  memcpy(&pTmp[j], &aData[j], usableSize - j);
  for(k=0; pCArray->ixNx[k]<=i && ALWAYS(k<NB*2); k++){}
@@ -7003,7 +7004,7 @@ static int pageFreeArray(
 }
 /*
-** pCArray contains pointers to and sizes of all cells in the pages being
+** pCArray contains pointers to and sizes of all cells in the page being
 ** balanced.  The current page, pPg, has pPg->nCell cells starting with
 ** pCArray->apCell[iOld].  After balancing, this page should hold nNew cells
 ** starting at apCell[iNew].
@@ -7037,13 +7038,17 @@ static int editPage(
 #endif
  /* Remove cells from the start and end of the page */
  assert( nCell>=0 );
  if( iOld<iNew ){
    int nShift = pageFreeArray(pPg, iOld, iNew-iOld, pCArray);
    if( nShift>nCell ) return SQLITE_CORRUPT_BKPT;
    memmove(pPg->aCellIdx, &pPg->aCellIdx[nShift*2], nCell*2);
    nCell -= nShift;
  }
  if( iNewEnd < iOldEnd ){
-    nCell -= pageFreeArray(pPg, iNewEnd, iOldEnd - iNewEnd, pCArray);
+    int nTail = pageFreeArray(pPg, iNewEnd, iOldEnd - iNewEnd, pCArray);
    assert( nCell>=nTail );
    nCell -= nTail;
  }
  pData = &aData[get2byteNotZero(&aData[hdr+5])];
@@ -7053,6 +7058,7 @@ static int editPage(
  if( iNew<iOld ){
    int nAdd = MIN(nNew,iOld-iNew);
    assert( (iOld-iNew)<nNew || nCell==0 || CORRUPT_DB );
    assert( nAdd>=0 );
    pCellptr = pPg->aCellIdx;
    memmove(&pCellptr[nAdd*2], pCellptr, nCell*2);
    if( pageInsertArray(
@@ -7067,6 +7073,7 @@ static int editPage(
    int iCell = (iOld + pPg->aiOvfl[i]) - iNew;
    if( iCell>=0 && iCell<nNew ){
      pCellptr = &pPg->aCellIdx[iCell * 2];
      assert( nCell>=iCell );
      memmove(&pCellptr[2], pCellptr, (nCell - iCell) * 2);
      nCell++;
      if( pageInsertArray(
@@ -7077,6 +7084,7 @@ static int editPage(
  }
  /* Append cells to the end of the page */
  assert( nCell>=0 );
  pCellptr = &pPg->aCellIdx[nCell*2];
  if( pageInsertArray(
        pPg, pBegin, &pData, pCellptr,
--- a/test/fuzzdata8.db
+++ b/test/fuzzdata8.db
		`@@ -1 +1 @@`
			`7c862c4655841e1263cf548d01f5b4331685ab7d396494891cad0a5f50c63e16`				`97704cb7d29fa7cc4ea9a6761a7844c1946d637ea2b22d287fc787ae0f63c407`