Index: src/btree.c ================================================================== --- src/btree.c +++ src/btree.c @@ -7,11 +7,11 @@ ** May you do good and not evil. ** May you find forgiveness for yourself and forgive others. ** May you share freely, never taking more than you give. ** ************************************************************************* -** $Id: btree.c,v 1.528 2008/11/10 17:14:58 shane Exp $ +** $Id: btree.c,v 1.529 2008/11/11 17:36:30 shane Exp $ ** ** This file implements a external (disk-based) database using BTrees. ** See the header comment on "btreeInt.h" for additional information. ** Including a description of file format and an overview of operation. */ @@ -6798,12 +6798,18 @@ hdr = pPage->hdrOffset; hit = sqlite3PageMalloc( pBt->pageSize ); if( hit==0 ){ pCheck->mallocFailed = 1; }else{ - memset(hit, 0, usableSize ); - memset(hit, 1, get2byte(&data[hdr+5])); + u16 contentOffset = get2byte(&data[hdr+5]); + if (contentOffset > usableSize) { + checkAppendMsg(pCheck, 0, + "Corruption detected in header on page %d",iPage,0); + contentOffset = usableSize; /* try to keep going */ + } + memset(hit+contentOffset, 0, usableSize-contentOffset); + memset(hit, 1, contentOffset); nCell = get2byte(&data[hdr+3]); cellStart = hdr + 12 - 4*pPage->leaf; for(i=0; i13} set x {} } {} - do_test corruptC-2.$tn.$i.4 { + do_test corruptC-3.$tn.$i.4 { catchsql {SELECT count(*) FROM t2} set x {} } {} - do_test corruptC-2.$tn.$i.5 { + do_test corruptC-3.$tn.$i.5 { catchsql {SELECT count(*) FROM t2 WHERE x<13} set x {} } {} # check the integrity of the database. @@ -128,11 +152,11 @@ set last -1 } } # Check that no page references were leaked. - do_test corruptC-2.$tn.$i.6 { + do_test corruptC-3.$tn.$i.6 { set bt [btree_from_db db] db_enter db array set stats [btree_pager_stats $bt] db_leave db set stats(ref)