/ Check-in [32754ca6]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Expand the size of the temporary page used during btree rebalancing by a few bytes, to avoid problems with small buffer overreads that can occur on corrupted database files.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256:32754ca6f86da8165e274f98f35fc3df3aebd273e9da08387e2d0c3c89abda0f
User & Date: drh 2018-12-14 13:35:48
References
2018-12-14
16:20
Back out the expansion of the temporary buffer size from [32754ca6f86da816] and replace it with an explicit test for buffer overreads. check-in: 8ba3d9f3 user: drh tags: trunk
Context
2018-12-14
13:47
Fix a harmless compiler warning in Sessions. check-in: fc9791ea user: drh tags: trunk
13:35
Expand the size of the temporary page used during btree rebalancing by a few bytes, to avoid problems with small buffer overreads that can occur on corrupted database files. check-in: 32754ca6 user: drh tags: trunk
13:18
When saving the position of a cursor at the b-tree layer, allocate a few extra bytes at the end of the buffer used to save the key. Otherwise, if the key is corrupt, the code that restores the cursor position may overread the buffer by a little. check-in: 160b1e31 user: dan tags: trunk
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to src/pcache1.c.

473
474
475
476
477
478
479



480
481
482
483
484
485
486
487

/*
** Malloc function used by SQLite to obtain space from the buffer configured
** using sqlite3_config(SQLITE_CONFIG_PAGECACHE) option. If no such buffer
** exists, this function falls back to sqlite3Malloc().
*/
void *sqlite3PageMalloc(int sz){



  return pcache1Alloc(sz);
}

/*
** Free an allocated buffer obtained from sqlite3PageMalloc().
*/
void sqlite3PageFree(void *p){
  pcache1Free(p);







>
>
>
|







473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490

/*
** Malloc function used by SQLite to obtain space from the buffer configured
** using sqlite3_config(SQLITE_CONFIG_PAGECACHE) option. If no such buffer
** exists, this function falls back to sqlite3Malloc().
*/
void *sqlite3PageMalloc(int sz){
  /* During rebalance operations on a corrupt database file, it is sometimes
  ** (rarely) possible to overread the temporary page buffer by a few bytes.
  ** Enlarge the allocation slightly so that this does not cause problems. */
  return pcache1Alloc(sz + 32);
}

/*
** Free an allocated buffer obtained from sqlite3PageMalloc().
*/
void sqlite3PageFree(void *p){
  pcache1Free(p);