database/sqlite
1
0
Fork 0
mirror of https://github.com/sqlite/sqlite.git synced 2025-07-29 08:01:23 +03:00
Code Activity

Fix a problem causing an infinite loop in the recovery extension when processing a corrupt free-block list.

Browse Source 
FossilOrigin-Name: 5a516c6c7a25cec4d0a0cca530017a3299f7a332319f3e1f7cf12f53c32b88ca
This commit is contained in:
dan
2023-05-31 11:03:17 +00:00
parent 8eb9c06e65
commit d8091fe979
4 changed files with 192 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

182
ext/recover/recovercorrupt2.test
View File

@ -342,5 +342,187 @@ do_test 6.3 {
list [catch { $R finish } msg] $msg
} {0 {}}
reset_db
breakpoint
do_test 7.0 {
sqlite3 db {}
db deserialize [decode_hexdb {
| size 4108 pagesize 4096 filename x1.db
| page 1 offset 0
| 0: 02 01 00 00 00 00 14 15 40 00 00 00 00 00 00 00 ........@.......
| 16: 33 3a 6d 65 6d 6f 72 79 3a 02 02 02 02 02 02 02 3:memory:.......
| 32: 02 02 02 02 02 02 12 02 02 02 63 6f 6c 6f 72 20 ..........color
| 48: 73 70 61 63 00 f3 a0 81 a1 00 00 a0 02 02 02 02 spac............
| 64: 69 95 73 6f 36 00 ff 0d 00 97 8c 90 3f 0a 70 02 i.so6.......?.p.
| 80: 02 02 02 02 02 02 02 02 02 02 02 02 02 01 00 00 ................
| 96: 06 02 02 02 02 5f 02 02 02 2c 02 02 02 02 02 02 ....._...,......
| 112: 02 02 02 02 02 02 02 02 02 12 02 02 02 63 6f 6c .............col
| 128: 6f 72 20 73 70 61 63 00 f3 a0 81 a1 00 00 a0 02 or spac.........
| 144: 02 02 02 69 95 73 6f 36 00 ff 0d 00 97 8c 90 3f ...i.so6.......?
| 160: 0a 70 02 02 02 02 02 02 02 02 02 02 02 02 02 02 .p..............
| 176: 01 00 00 06 02 02 02 02 5f 02 02 02 2c 02 02 00 ........_...,...
| 192: 00 01 00 01 00 00 00 01 00 02 fe 00 00 03 00 01 ................
| 208: 00 00 00 01 c5 04 00 00 00 01 00 01 00 00 00 01 ................
| 224: 00 fa 02 00 00 00 03 00 01 00 00 00 81 00 04 00 ................
| 240: 00 00 01 00 01 00 00 00 01 00 02 00 fe 00 03 00 ................
| 256: 01 00 00 00 01 00 04 00 00 00 01 00 01 00 00 00 ................
| 272: 01 00 02 00 00 00 03 00 01 00 00 00 01 00 04 00 ................
| 288: 00 00 01 00 01 00 00 00 01 00 02 00 00 00 03 00 ................
| 304: 01 00 00 00 01 00 04 00 00 00 01 00 01 00 00 00 ................
| 320: 01 00 02 00 00 00 03 00 01 00 00 00 40 00 84 00 ............@...
| 336: 84 00 84 00 01 00 00 00 09 00 06 00 f5 00 01 00 ................
| 352: 08 01 03 00 03 00 62 00 62 00 23 00 01 00 62 00 ......b.b.#...b.
| 368: 04 00 1e 00 62 00 62 00 62 00 01 00 00 00 0a 00 ....b.b.b.......
| 384: 01 00 03 00 01 00 03 00 04 00 02 00 01 00 01 00 ................
| 400: 08 00 01 00 31 c6 00 03 00 0c 00 12 00 18 00 02 ....1...........
| 416: 00 05 00 08 00 02 00 06 00 08 00 02 00 07 00 08 ................
| 432: 00 02 00 01 00 01 00 08 00 01 00 0c 00 03 00 16 ................
| 448: 00 1c 00 22 00 01 00 03 00 05 00 06 00 07 00 02 ................
| 464: 00 05 00 09 00 02 00 06 00 09 00 02 00 07 00 09 ................
| 480: 00 00 00 00 01 00 05 00 00 00 01 00 01 00 00 00 ................
| 496: 01 00 02 00 00 00 03 00 01 00 00 00 01 00 04 00 ................
| 512: 00 00 01 00 01 00 00 00 01 00 02 00 00 00 03 00 ................
| 528: 01 00 00 00 01 00 04 00 00 00 01 00 01 00 00 00 ................
| 544: 01 00 02 00 00 f6 03 00 00 02 00 00 01 00 04 00 ................
| 560: 00 00 01 00 01 00 00 00 01 00 02 00 00 00 03 00 ................
| 576: 01 00 00 00 01 00 04 00 00 00 01 00 01 00 00 00 ................
| 592: 01 00 02 00 00 00 03 00 01 00 00 00 01 00 04 00 ................
| 608: 00 00 01 00 01 00 00 00 01 00 02 00 00 00 03 00 ................
| 624: 01 00 00 00 01 00 04 00 00 00 01 00 01 00 00 00 ................
| 640: 01 3d 02 00 00 00 03 00 06 00 00 00 01 00 01 00 .=..............
| 656: 00 00 01 00 01 00 00 00 01 00 02 00 00 00 03 00 ................
| 672: 01 00 00 00 01 00 04 00 00 00 01 00 01 00 00 00 ................
| 688: 01 00 02 00 00 00 55 52 4c 52 65 71 75 65 73 74 ......URLRequest
| 704: 43 6f 6e 00 00 00 01 01 0e d4 00 04 00 00 00 01 Con.............
| 720: 0e f8 00 04 00 00 00 01 0f 1c 00 04 00 00 00 01 ................
| 736: 0f 00 00 01 00 00 00 01 0f 86 00 01 00 00 00 01 ................
| 752: 0f 84 00 01 00 00 00 01 00 00 01 0f c0 00 01 00 ................
| 768: 00 00 01 0f e8 00 d6 0f 00 01 6f 00 02 0f d6 00 ..........o.....
| 784: 02 34 03 03 03 00 01 00 00 00 01 00 05 00 00 00 .4..............
| 800: 01 00 01 00 00 00 01 00 02 00 00 00 03 00 01 00 ................
| 816: 00 00 01 00 04 00 00 00 01 00 01 00 00 00 01 00 ................
| 832: 02 00 00 00 03 00 01 00 10 00 01 00 04 00 00 00 ................
| 848: 01 00 01 00 00 00 01 00 02 00 00 00 03 00 00 02 ................
| 864: 00 00 01 40 04 00 00 03 01 00 01 00 00 00 01 00 ...@............
| 880: 02 00 00 00 03 00 01 00 00 00 00 00 01 0e f8 00 ................
| 896: 04 77 4f 46 32 73 40 23 70 00 00 00 70 00 1f 00 .wOF2s@#p...p...
| 912: 00 00 d8 00 00 00 ff ff 00 00 00 00 43 00 00 00 ............C...
| 928: 00 00 ff ff ff ff ff 00 00 a8 00 00 0c 00 00 00 ................
| 1024: 00 00 00 00 00 00 00 00 00 00 10 22 00 22 0f 00 ................
| 1040: 00 00 00 00 00 00 10 22 00 00 70 00 1f 00 00 0f ..........p.....
| 1056: d8 00 00 00 00 00 00 00 00 00 03 00 00 00 00 00 ................
| 1072: 00 01 00 00 00 3f 23 70 00 00 00 01 0f 1c 00 04 .....?#p........
| 1088: 00 00 00 01 0f 40 00 01 00 00 00 01 0f 86 00 01 .....@..........
| 1104: 00 00 00 01 0f 84 00 01 00 00 00 01 00 00 01 0f ................
| 1120: c0 00 01 00 00 00 01 0f e8 00 01 0f d6 00 6f 00 ..............o.
| 1136: 02 0f d6 00 03 02 31 03 2b 03 2a f2 00 0f d4 00 ......1.+.*.....
| 1152: 01 00 08 00 01 00 04 03 2b 00 02 02 32 00 01 0f ........+...2...
| 1168: c8 01 15 00 02 20 c8 00 02 12 ad 02 00 24 06 c0 ..... .......$..
| 1184: 00 00 00 03 00 00 01 24 00 2a 06 e4 00 00 00 03 .......$.*......
| 1200: 00 00 01 25 00 38 07 0e 00 00 00 03 00 00 01 26 ...%.8.........&
| 1216: 00 34 07 46 00 00 00 03 00 00 01 27 00 1c 07 7a .4.F.......'...z
| 1232: 00 00 00 03 00 00 01 28 00 2a 07 96 00 00 00 03 .......(.*......
| 1248: 00 e5 01 29 00 34 07 c0 00 00 00 03 00 00 01 2a ...).4.........*
| 1264: 67 34 07 f4 00 00 00 03 00 00 01 2b 00 22 08 28 g4.........+...(
| 1280: 00 00 00 00 01 00 01 00 00 00 01 00 02 00 00 00 ................
| 1296: 03 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 ................
| 1312: 01 00 00 00 01 00 02 00 00 00 03 00 00 02 00 00 ................
| 1328: 01 00 04 00 00 00 01 00 01 00 00 00 01 00 02 00 ................
| 1344: 00 00 03 00 01 00 00 00 01 00 04 00 00 00 01 00 ................
| 1360: 01 00 00 00 01 00 02 00 00 00 03 00 01 00 00 21 ...............!
| 1376: 04 00 01 00 00 00 00 00 01 00 00 00 01 00 02 00 ................
| 1392: 00 00 03 00 01 00 00 00 01 00 04 00 00 00 01 00 ................
| 1408: 01 00 00 00 01 00 02 00 00 00 03 00 01 00 00 00 ................
| 1424: 01 00 05 00 00 00 01 00 01 00 00 01 00 02 02 02 ................
| 1440: 12 02 02 02 63 6f 6c 6f 72 20 73 70 61 63 00 f3 ....color spac..
| 1456: a0 81 a1 00 00 a0 02 02 02 02 69 95 73 6f 36 00 ..........i.so6.
| 1472: ff 0d 00 97 8c 90 3f 0a 70 02 02 02 02 02 02 02 ......?.p.......
| 1488: 02 02 02 02 02 02 02 01 00 00 06 02 02 02 02 5f ..............._
| 1504: 02 02 02 2c 02 02 00 00 01 00 01 00 00 00 01 00 ...,............
| 1520: 02 fe 00 00 03 00 01 00 00 00 01 c5 04 00 00 00 ................
| 1536: 01 00 01 00 00 00 01 00 02 00 00 00 03 00 01 00 ................
| 1552: 00 00 81 00 04 00 00 00 01 00 01 00 00 00 01 00 ................
| 1568: 02 00 fe 00 03 00 01 00 00 00 01 00 04 00 00 00 ................
| 1584: 01 00 01 00 00 00 01 00 02 00 00 00 03 00 01 00 ................
| 1600: 00 00 01 00 04 00 00 00 01 00 01 00 00 00 01 00 ................
| 1616: 02 00 00 00 03 00 01 00 00 00 01 00 04 00 00 00 ................
| 1632: 01 00 01 00 00 00 01 00 02 00 00 00 03 00 01 00 ................
| 1648: 00 00 40 00 84 00 84 00 84 00 01 00 00 00 09 00 ..@.............
| 1664: 06 00 f5 00 01 00 08 01 03 15 15 15 15 15 15 15 ................
| 1680: 15 15 15 15 15 15 15 15 15 15 15 15 15 15 15 15 ................
| 1696: 15 15 15 15 15 15 15 15 15 15 15 15 15 15 15 15 ................
| 1712: 15 15 15 15 15 15 15 15 15 15 15 15 15 15 15 15 ................
| 1728: 15 15 15 15 15 15 15 15 15 15 15 15 15 15 15 15 ................
| 1744: 15 15 15 15 15 15 15 15 15 15 15 15 15 15 15 15 ................
| 1760: 15 15 15 15 15 15 15 15 15 15 15 00 03 00 62 00 ..............b.
| 1776: 62 00 23 00 01 00 62 00 04 00 1e 00 62 00 62 00 b.#...b.....b.b.
| 1792: 62 00 01 00 00 00 0a 00 01 00 03 00 01 00 03 00 b...............
| 1808: 04 00 02 00 01 00 01 00 08 00 01 00 31 c6 00 03 ............1...
| 1824: 00 0c 00 12 00 18 00 02 00 05 00 08 00 02 00 06 ................
| 1840: 00 08 00 02 00 07 00 08 00 02 00 01 00 01 00 08 ................
| 1856: 00 01 00 0c 00 03 00 16 00 1c 00 22 00 01 00 03 ................
| 1872: 00 05 00 06 00 07 00 02 00 05 00 09 00 02 00 06 ................
| 1888: 00 09 00 02 00 07 00 09 00 00 00 00 01 00 05 00 ................
| 1904: 00 00 01 00 01 00 00 00 01 00 02 00 00 00 03 00 ................
| 1920: 01 00 00 00 01 00 04 00 00 00 01 00 01 00 00 00 ................
| 1936: 01 00 02 00 00 00 03 00 01 00 00 00 01 00 04 00 ................
| 1952: 00 00 01 0f d6 00 02 34 03 03 03 00 01 00 00 00 .......4........
| 1968: 01 00 05 00 00 00 01 00 01 00 00 00 01 00 02 00 ................
| 1984: 00 00 03 00 01 00 00 00 01 00 04 00 00 00 01 00 ................
| 2000: 01 00 00 00 01 00 02 fc 42 dc 19 5c 74 23 18 cd ........B...t#..
| 2016: b3 a5 a8 7a 90 40 1d 66 12 5d e5 4f 85 00 68 f4 ...z.@.f.].O..h.
| 2032: 05 98 86 25 24 dd bc c2 f6 f6 4e a3 e2 61 d2 c6 ...%$.....N..a..
| 2048: aa c1 56 50 d4 80 82 35 f1 e2 59 41 50 a6 da 51 ..VP...5..YAP..Q
| 2064: d4 62 9c 19 94 58 aa 31 30 8a 22 c2 5f 33 2b c9 .b...X.10..._3+.
| 2080: b6 e6 b4 11 4e 51 82 c4 d8 b6 d8 b4 06 04 fb 68 ....NQ.........h
| 2096: f4 d2 6f e7 cb 8a a8 82 d5 74 00 00 00 00 00 00 ..o......t......
| 2368: 00 00 00 00 00 00 00 00 00 08 00 00 00 00 00 00 ................
| 2432: 00 00 00 00 00 03 00 01 00 10 00 01 00 04 00 00 ................
| 2448: 00 01 00 01 00 00 00 01 00 02 00 00 00 03 00 00 ................
| 2464: 02 00 00 01 40 04 00 00 03 01 00 01 00 00 00 01 ....@...........
| 2480: 00 02 00 00 00 03 00 01 00 00 00 00 00 01 0e f8 ................
| 2496: 00 04 77 4f 46 32 73 40 23 70 00 00 00 70 00 1f ..wOF2s@#p...p..
| 2512: 00 00 00 d8 00 00 00 ff ff 00 00 00 00 43 00 00 .............C..
| 2528: 00 00 00 ff ff ff ff ff 00 00 a8 00 00 0c 00 00 ................
| 2624: 00 00 00 00 00 00 00 00 00 00 00 10 22 00 22 0f ................
| 2640: 00 00 00 00 00 00 00 10 22 00 00 70 00 1f 00 00 ...........p....
| 2656: 0f d8 00 00 00 00 00 00 00 00 00 03 00 00 00 00 ................
| 2672: 00 00 01 00 00 00 3f 23 70 00 00 00 01 0f 1c 00 ......?#p.......
| 2688: 04 00 00 00 01 0f 40 00 01 00 00 00 01 0f 86 00 ......@.........
| 2704: 01 00 00 00 01 0f 84 00 01 00 00 00 01 00 00 01 ................
| 2720: 0f c0 00 01 00 00 00 01 0f e8 00 01 0f d6 00 6f ...............o
| 2736: 00 02 0f d6 00 03 02 31 03 2b 03 2a f2 00 0f d4 .......1.+.*....
| 2752: 00 01 00 08 00 01 00 04 03 2b 00 02 02 32 00 01 .........+...2..
| 2768: 0f c8 01 15 00 02 20 c8 00 02 12 ad 02 00 24 06 ...... .......$.
| 2784: c0 00 00 5a 03 00 00 01 24 00 2a 06 e4 00 00 00 ...Z....$.*.....
| 2800: 03 00 00 01 25 00 38 07 0e 00 00 00 03 00 00 01 ....%.8.........
| 2816: 26 00 34 07 46 00 00 00 03 00 00 01 27 00 1c 07 &.4.F.......'...
| 2832: 7a 00 00 00 03 00 00 01 28 00 2a 07 96 00 00 00 z.......(.*.....
| 2848: 03 00 e5 01 29 00 34 07 c0 00 00 00 03 00 00 01 ....).4.........
| 2864: 2a 67 34 07 f4 00 00 00 03 00 00 01 2b 00 22 08 *g4.........+...
| 2880: 28 00 00 00 00 01 00 01 00 00 00 01 00 02 00 00 (...............
| 2896: 00 03 00 01 00 00 00 01 00 00 00 01 00 00 00 01 ................
| 2912: 00 01 00 00 00 01 00 02 00 00 00 03 00 00 02 00 ................
| 2928: 00 01 00 04 00 00 00 01 00 01 00 00 00 00 00 00 ................
| 2992: 00 48 00 00 00 00 00 00 00 00 00 00 00 00 00 00 .H..............
| 3504: 00 00 00 00 00 00 00 00 00 00 00 97 00 00 00 00 ................
| 3904: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 09 ................
| 3920: 03 fe 00 00 01 36 00 3c 0a 38 00 00 00 03 00 00 .....6.<.8......
| 3936: 01 37 00 20 0a 74 00 00 00 fb ff ff 00 38 00 2a .7. .t.......8.*
| 3952: 0a 94 00 00 00 03 00 00 01 39 4f 54 54 4f 00 0e .........9OTTO..
| 3968: 00 80 00 03 00 60 43 46 46 20 e3 ae 89 2a 00 00 .....`CFF ...*..
| 3984: 02 b0 00 00 02 76 42 50 4f 53 00 15 00 0a 00 00 .....vBPOS......
| 4000: 05 28 00 00 00 0c 54 53 55 42 c9 70 c3 06 00 00 .(....TSUB.p....
| 4016: 05 34 1f 00 40 00 48 00 00 00 00 00 00 00 00 00 .4..@.H.........
| 4064: 00 00 00 00 00 08 00 01 00 01 00 01 00 01 00 06 ................
| 4080: 00 02 00 08 00 01 00 01 00 01 00 01 00 00 00 00 ................
| end x1.db
}]} {}
do_test 7.1 {
set R [sqlite3_recover_init db main test.db2]
catch { $R run }
list [catch { $R finish } msg] $msg
} {1 {file is not a database}}
finish_test

2
ext/recover/sqlite3recover.c
View File

@ -2103,7 +2103,7 @@ static int recoverIsValidPage(u8 *aTmp, const u8 *a, int n){
if( iFree>(n-4) ) return 0;
iNext = recoverGetU16(&a[iFree]);
nByte = recoverGetU16(&a[iFree+2]);
if( iFree+nByte>n ) return 0;
if( iFree+nByte>n || nByte<4 ) return 0;
if( iNext && iNext<iFree+nByte ) return 0;
memset(&aUsed[iFree], 0xFF, nByte);
iFree = iNext;