Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Fix a crash in the sqlite_dbdata module that could occur if a pointer within an overflow chain in a corrupt database pointed past the end of the db. |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA3-256: |
3eae4e301e3e4bcf14e96066f77be143 |
User & Date: | dan 2019-05-09 17:54:27.219 |
Context
2019-05-09
| ||
18:13 | Make the ".schema" command in the CLI resistant to corrupt database files. (check-in: f22c7e229e user: drh tags: trunk) | |
17:54 | Fix a crash in the sqlite_dbdata module that could occur if a pointer within an overflow chain in a corrupt database pointed past the end of the db. (check-in: 3eae4e301e user: dan tags: trunk) | |
17:10 | Disable the optimization where a REAL value with no fractional part is stored as an INTEGER when the integer uses as much space as the real value it proposes to stand in for (8 bytes). This avoids corner cases of comparing integers against real values that are beyond the resolution of an IEEE 754 double. Fix for ticket [6c1d3febc00b22d457c78c2] (check-in: 9b0915272f user: drh tags: trunk) | |
Changes
Changes to ext/misc/dbdata.c.
︙ | ︙ | |||
583 584 585 586 587 588 589 | sqlite3_int64 nRem = nPayload - nLocal; unsigned int pgnoOvfl = get_uint32(&pCsr->aPage[iOff]); while( nRem>0 ){ u8 *aOvfl = 0; int nOvfl = 0; int nCopy; rc = dbdataLoadPage(pCsr, pgnoOvfl, &aOvfl, &nOvfl); | | > | 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 | sqlite3_int64 nRem = nPayload - nLocal; unsigned int pgnoOvfl = get_uint32(&pCsr->aPage[iOff]); while( nRem>0 ){ u8 *aOvfl = 0; int nOvfl = 0; int nCopy; rc = dbdataLoadPage(pCsr, pgnoOvfl, &aOvfl, &nOvfl); assert( rc!=SQLITE_OK || aOvfl==0 || nOvfl==pCsr->nPage ); if( rc!=SQLITE_OK ) return rc; if( aOvfl==0 ) break; nCopy = U-4; if( nCopy>nRem ) nCopy = nRem; memcpy(&pCsr->pRec[nPayload-nRem], &aOvfl[4], nCopy); nRem -= nCopy; pgnoOvfl = get_uint32(aOvfl); |
︙ | ︙ |