SQLite

Check-in [d0971b7913]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Strengthen the KeyInfo number-of-columns assert() added by the previous check-in.
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | tkt-f97c4637
Files: files | file ages | folders
SHA1: d0971b79131175709b2df678c80890f9a6a9de96
User & Date: drh 2015-01-19 18:18:25.332
Context
2015-01-19
18:18
Strengthen the KeyInfo number-of-columns assert() added by the previous check-in. (Closed-Leaf check-in: d0971b7913 user: drh tags: tkt-f97c4637)
17:28
Add an assert() to verify that the nField+nXField values of a KeyInfo object are never less then the number of columns in a row for a non-corrupt database. This assert() currently fails, which is the root of the problem with ticket [f97c4637102a3ae72b]. (check-in: 083f523d2f user: drh tags: tkt-f97c4637)
Changes
Unified Diff Ignore Whitespace Patch
Changes to src/vdbeaux.c. 
3269
3270
3271
3272
3273
3274
3275
3276
3277
3278
3279
3280
3281
3282
3283
3284
3285
3286
3287
3288
3289
3290
3291

3292
3293
3294
3295
3296
3297
3298

  int nField = 0;    /* Number of fields seen in the pKey1 record */
  int rc = 0;
  const unsigned char *aKey1 = (const unsigned char *)pKey1;
  KeyInfo *pKeyInfo;
  Mem mem1;

  pKeyInfo = pPKey2->pKeyInfo;
  if( pKeyInfo->db==0 ) return 1;
  mem1.enc = pKeyInfo->enc;
  mem1.db = pKeyInfo->db;
  /* mem1.flags = 0;  // Will be initialized by sqlite3VdbeSerialGet() */
  VVA_ONLY( mem1.szMalloc = 0; ) /* Only needed by assert() statements */

  /* Compilers may complain that mem1.u.i is potentially uninitialized.
  ** We could initialize it, as shown here, to silence those complaints.
  ** But in fact, mem1.u.i will never actually be used uninitialized, and doing 
  ** the unnecessary initialization has a measurable negative performance
  ** impact, since this routine is a very high runner.  And so, we choose
  ** to ignore the compiler warnings and leave this variable uninitialized.
  */
  /*  mem1.u.i = 0;  // not needed, here to silence compiler warning */
  
  idx1 = getVarint32(aKey1, szHdr1);

  d1 = szHdr1;
  assert( pKeyInfo->nField+pKeyInfo->nXField>=pPKey2->nField || CORRUPT_DB );
  assert( pKeyInfo->aSortOrder!=0 );
  assert( pKeyInfo->nField>0 );
  assert( idx1<=szHdr1 || CORRUPT_DB );
  do{
    u32 serial_type1;








<















>








3269
3270
3271
3272
3273
3274
3275

3276
3277
3278
3279
3280
3281
3282
3283
3284
3285
3286
3287
3288
3289
3290
3291
3292
3293
3294
3295
3296
3297
3298

  int nField = 0;    /* Number of fields seen in the pKey1 record */
  int rc = 0;
  const unsigned char *aKey1 = (const unsigned char *)pKey1;
  KeyInfo *pKeyInfo;
  Mem mem1;

  pKeyInfo = pPKey2->pKeyInfo;

  mem1.enc = pKeyInfo->enc;
  mem1.db = pKeyInfo->db;
  /* mem1.flags = 0;  // Will be initialized by sqlite3VdbeSerialGet() */
  VVA_ONLY( mem1.szMalloc = 0; ) /* Only needed by assert() statements */

  /* Compilers may complain that mem1.u.i is potentially uninitialized.
  ** We could initialize it, as shown here, to silence those complaints.
  ** But in fact, mem1.u.i will never actually be used uninitialized, and doing 
  ** the unnecessary initialization has a measurable negative performance
  ** impact, since this routine is a very high runner.  And so, we choose
  ** to ignore the compiler warnings and leave this variable uninitialized.
  */
  /*  mem1.u.i = 0;  // not needed, here to silence compiler warning */
  
  idx1 = getVarint32(aKey1, szHdr1);
  if( pKeyInfo->db==0 ) goto debugCompareEnd;
  d1 = szHdr1;
  assert( pKeyInfo->nField+pKeyInfo->nXField>=pPKey2->nField || CORRUPT_DB );
  assert( pKeyInfo->aSortOrder!=0 );
  assert( pKeyInfo->nField>0 );
  assert( idx1<=szHdr1 || CORRUPT_DB );
  do{
    u32 serial_type1;

3339
3340
3341
3342
3343
3344
3345
3346


3347
3348
3349
3350
3351
3352
3353
3354

3355
3356
3357
3358
3359
3360
3361

  /* rc==0 here means that one of the keys ran out of fields and
  ** all the fields up to that point were equal. Return the default_rc
  ** value.  */
  rc = pPKey2->default_rc;

debugCompareEnd:
  /* Verify that the total number of columns in the record does not
  ** exceed pKeyInfo->nField + pKeyInfo->nXField.  


  */
  while( idx1<szHdr1 ){
    u32 serial_type1;
    idx1 += getVarint32( aKey1+idx1, serial_type1);
    nField++;
  }
  assert( nField <= pKeyInfo->nField + pKeyInfo->nXField || CORRUPT_DB );


  if( desiredResult==0 && rc==0 ) return 1;
  if( desiredResult<0 && rc<0 ) return 1;
  if( desiredResult>0 && rc>0 ) return 1;
  if( CORRUPT_DB ) return 1;
  if( pKeyInfo->db->mallocFailed ) return 1;
  return 0;
}








|
>
>








>








3339
3340
3341
3342
3343
3344
3345
3346
3347
3348
3349
3350
3351
3352
3353
3354
3355
3356
3357
3358
3359
3360
3361
3362
3363
3364

  /* rc==0 here means that one of the keys ran out of fields and
  ** all the fields up to that point were equal. Return the default_rc
  ** value.  */
  rc = pPKey2->default_rc;

debugCompareEnd:
  /* Verify that the total number of columns in the record does not
  ** exceed pKeyInfo->nField + pKeyInfo->nXField.  This is an assumption
  ** that was made by sqlite3VdbeFindCompare() and if it is wrong then
  ** comparison results can be invalid.  Ticket [f97c4637102a3ae72b].
  */
  while( idx1<szHdr1 ){
    u32 serial_type1;
    idx1 += getVarint32( aKey1+idx1, serial_type1);
    nField++;
  }
  assert( nField <= pKeyInfo->nField + pKeyInfo->nXField || CORRUPT_DB );

  if( pKeyInfo->db==0 ) return 1;
  if( desiredResult==0 && rc==0 ) return 1;
  if( desiredResult<0 && rc<0 ) return 1;
  if( desiredResult>0 && rc>0 ) return 1;
  if( CORRUPT_DB ) return 1;
  if( pKeyInfo->db->mallocFailed ) return 1;
  return 0;
}