mirror of https://github.com/sqlite/sqlite.git synced 2025-08-08 14:02:16 +03:00

Add checks to make sure cells in corrupt database files

do not overflow a page when doing autovacuum.
Problem detected by valgrind.

FossilOrigin-Name: d0b347b412376d22e9f0770ac083dafb5e480dd0
drh
2011-08-31 13:27:19 +00:00
parent 0ee469c9a8
commit e42a9b431b
3 changed files with 16 additions and 12 deletions


@@ -1,5 +1,5 @@
C Enable\sthe\sthread\stest\slogic\sto\swork\swith\sthe\sSQLITE_HAS_CODEC\scompile-time\noption. C Add\schecks\sto\smake\ssure\scells\sin\scorrupt\sdatabase\sfiles\s\ndo\snot\soverflow\sa\spage\swhen\sdoing\sautovacuum.\nProblem\sdetected\sby\svalgrind.
D 2011-08-30T19:52:32.227 D 2011-08-31T13:27:19.588
F Makefile.arm-wince-mingw32ce-gcc d6df77f1f48d690bd73162294bbba7f59507c72f F Makefile.arm-wince-mingw32ce-gcc d6df77f1f48d690bd73162294bbba7f59507c72f
F Makefile.in d314143fa6be24828021d3f583ad37d9afdce505 F Makefile.in d314143fa6be24828021d3f583ad37d9afdce505
F Makefile.linux-gcc 91d710bdc4998cb015f39edf3cb314ec4f4d7e23 F Makefile.linux-gcc 91d710bdc4998cb015f39edf3cb314ec4f4d7e23
@@ -124,7 +124,7 @@ F src/auth.c 523da7fb4979469955d822ff9298352d6b31de34
F src/backup.c 28a4fe55327ff708bfaf9d4326d02686f7a553c3 F src/backup.c 28a4fe55327ff708bfaf9d4326d02686f7a553c3
F src/bitvec.c af50f1c8c0ff54d6bdb7a80e2fceca5a93670bef F src/bitvec.c af50f1c8c0ff54d6bdb7a80e2fceca5a93670bef
F src/btmutex.c 976f45a12e37293e32cae0281b15a21d48a8aaa7 F src/btmutex.c 976f45a12e37293e32cae0281b15a21d48a8aaa7
F src/btree.c bd89d604a532063da8ed1a095f1805db49896325 F src/btree.c 4a2856b3bde9959986a7b9327841b3ff94023784
F src/btree.h 9ddf04226eac592d4cc3709c5a8b33b2351ff5f7 F src/btree.h 9ddf04226eac592d4cc3709c5a8b33b2351ff5f7
F src/btreeInt.h 67978c014fa4f7cc874032dd3aacadd8db656bc3 F src/btreeInt.h 67978c014fa4f7cc874032dd3aacadd8db656bc3
F src/build.c 2d5de52df616a3bf5a659cbca85211c46e2ba9bd F src/build.c 2d5de52df616a3bf5a659cbca85211c46e2ba9bd
@@ -961,7 +961,7 @@ F tool/symbols.sh caaf6ccc7300fd43353318b44524853e222557d5
F tool/tostr.awk 11760e1b94a5d3dcd42378f3cc18544c06cfa576 F tool/tostr.awk 11760e1b94a5d3dcd42378f3cc18544c06cfa576
F tool/vdbe-compress.tcl d70ea6d8a19e3571d7ab8c9b75cba86d1173ff0f F tool/vdbe-compress.tcl d70ea6d8a19e3571d7ab8c9b75cba86d1173ff0f
F tool/warnings.sh b7fdb2cc525f5ef4fa43c80e771636dd3690f9d2 F tool/warnings.sh b7fdb2cc525f5ef4fa43c80e771636dd3690f9d2
P f1bd5bbae505068d24bfd9cc6bab6a8b8940bad6 P 20ddfb4780b87953718f3a8e67b777dcff0e3b5e
R 6d1c7722e8d08f5c9ec39c32c435674d R 513927bc09bdb01972234dc3d07878fd
U drh U drh
Z 883417057169f45a687263a717525500 Z 7574b78d098e12a356337eb2bfd798e6


@@ -1 +1 @@
20ddfb4780b87953718f3a8e67b777dcff0e3b5e d0b347b412376d22e9f0770ac083dafb5e480dd0


@@ -2754,12 +2754,13 @@ static int modifyPagePointer(MemPage *pPage, Pgno iFrom, Pgno iTo, u8 eType){
if( eType==PTRMAP_OVERFLOW1 ){ if( eType==PTRMAP_OVERFLOW1 ){
CellInfo info; CellInfo info;
btreeParseCellPtr(pPage, pCell, &info); btreeParseCellPtr(pPage, pCell, &info);
if( info.iOverflow ){ if( info.iOverflow
if( iFrom==get4byte(&pCell[info.iOverflow]) ){ && pCell+info.iOverflow+3<=pPage->aData+pPage->maskPage
&& iFrom==get4byte(&pCell[info.iOverflow])
){
put4byte(&pCell[info.iOverflow], iTo); put4byte(&pCell[info.iOverflow], iTo);
break; break;
} }
}
}else{ }else{
if( get4byte(pCell)==iFrom ){ if( get4byte(pCell)==iFrom ){
put4byte(pCell, iTo); put4byte(pCell, iTo);
@@ -5190,6 +5191,9 @@ static int clearCell(MemPage *pPage, unsigned char *pCell){
if( info.iOverflow==0 ){ if( info.iOverflow==0 ){
return SQLITE_OK; /* No overflow pages. Return without doing anything */ return SQLITE_OK; /* No overflow pages. Return without doing anything */
} }
if( pCell+info.iOverflow+3 > pPage->aData+pPage->maskPage ){
return SQLITE_CORRUPT; /* Cell extends past end of page */
}
ovflPgno = get4byte(&pCell[info.iOverflow]); ovflPgno = get4byte(&pCell[info.iOverflow]);
assert( pBt->usableSize > 4 ); assert( pBt->usableSize > 4 );
ovflPageSize = pBt->usableSize - 4; ovflPageSize = pBt->usableSize - 4;
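Review bot: In the first hunk (modifyPagePointer), a cell whose overflow page number would lie past the end of the page is now treated as a plain non-match and the loop moves on, while the second hunk (clearCell) returns SQLITE_CORRUPT for the same condition. Whether the corruption is reported at all then depends on code after the loop, which is outside the hunk. Consider keeping `if( info.iOverflow ){` and failing explicitly inside it with `if( pCell+info.iOverflow+3 > pPage->aData+pPage->maskPage ) return SQLITE_CORRUPT_BKPT;` before the `get4byte` compare, so both sites reject the same malformed cell the same way; modifyPagePointer starts and ends outside the hunk, so confirm that nothing needs cleanup on that early return. The `+3` against `maskPage` also deserves a short comment at both sites, e.g. `/* last byte of the 4-byte overflow page number must lie on the page */`, since the bound is only right if maskPage is the page size minus one, which is not visible here.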