Overview
| Comment: | Enable cell overflow checking in sqlite3BtreeInitPage() using the compile-time option SQLITE_ENABLE_OVERSIZE_CELL_CHECK. Change the tests so that they recognize different error messages depending on the setting of this macro. (CVS 6735) |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: | 56bff6eb2fc5f0afbd96afc986671ec744bd40e1 |
| User & Date: | drh 2009-06-09 13:42:25 |
Context
|
2009-06-09
| ||
| 14:27 | Modify mkkeywordhash.c so that it puts the original text of each token in a comment beside the "testcase()" macros. (CVS 6736) check-in: a7d0817c user: drh tags: trunk | |
| 13:42 | Enable cell overflow checking in sqlite3BtreeInitPage() using the compile-time option SQLITE_ENABLE_OVERSIZE_CELL_CHECK. Change the tests so that they recognize different error messages depending on the setting of this macro. (CVS 6735) check-in: 56bff6eb user: drh tags: trunk | |
| 11:34 | Avoid calling fillInCell() to create an internal node intkey cell from balance_nonroot(). A single putVarint() does the same thing more quickly. (CVS 6734) check-in: 2e5d42ae user: danielk1977 tags: trunk | |
Changes
Changes to src/btree.c.
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
....
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
|
** a legal notice, here is a blessing: ** ** May you do good and not evil. ** May you find forgiveness for yourself and forgive others. ** May you share freely, never taking more than you give. ** ************************************************************************* ** $Id: btree.c,v 1.623 2009/06/09 11:34:11 danielk1977 Exp $ ** ** This file implements a external (disk-based) database using BTrees. ** See the header comment on "btreeInt.h" for additional information. ** Including a description of file format and an overview of operation. */ #include "btreeInt.h" ................................................................................ /* A malformed database page might cause use to read past the end ** of page when parsing a cell. ** ** The following block of code checks early to see if a cell extends ** past the end of a page boundary and causes SQLITE_CORRUPT to be ** returned if it does. */ #if defined(SQLITE_OVERREAD_CHECK) { int iCellFirst; /* First allowable cell index */ int iCellLast; /* Last possible cell index */ int i; /* Index into the cell pointer array */ int sz; /* Size of a cell */ iCellFirst = cellOffset + 2*pPage->nCell; |
|
|
|
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
....
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
|
** a legal notice, here is a blessing: ** ** May you do good and not evil. ** May you find forgiveness for yourself and forgive others. ** May you share freely, never taking more than you give. ** ************************************************************************* ** $Id: btree.c,v 1.624 2009/06/09 13:42:25 drh Exp $ ** ** This file implements a external (disk-based) database using BTrees. ** See the header comment on "btreeInt.h" for additional information. ** Including a description of file format and an overview of operation. */ #include "btreeInt.h" ................................................................................ /* A malformed database page might cause use to read past the end ** of page when parsing a cell. ** ** The following block of code checks early to see if a cell extends ** past the end of a page boundary and causes SQLITE_CORRUPT to be ** returned if it does. */ #if defined(SQLITE_ENABLE_OVERSIZE_CELL_CHECK) { int iCellFirst; /* First allowable cell index */ int iCellLast; /* Last possible cell index */ int i; /* Index into the cell pointer array */ int sz; /* Size of a cell */ iCellFirst = cellOffset + 2*pPage->nCell; |
Changes to src/test_config.c.
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
...
172
173
174
175
176
177
178
179
180
181
182
183
184
185
|
** ** This file contains code used for testing the SQLite system. ** None of the code in this file goes into a deliverable build. ** ** The focus of this file is providing the TCL testing layer ** access to compile-time constants. ** ** $Id: test_config.c,v 1.48 2009/03/16 13:19:36 danielk1977 Exp $ */ #include "sqliteLimit.h" #include "sqliteInt.h" #include "tcl.h" #include <stdlib.h> ................................................................................ #endif #ifdef SQLITE_ENABLE_COLUMN_METADATA Tcl_SetVar2(interp, "sqlite_options", "columnmetadata", "1", TCL_GLOBAL_ONLY); #else Tcl_SetVar2(interp, "sqlite_options", "columnmetadata", "0", TCL_GLOBAL_ONLY); #endif #ifdef SQLITE_OMIT_COMPLETE Tcl_SetVar2(interp, "sqlite_options", "complete", "0", TCL_GLOBAL_ONLY); #else Tcl_SetVar2(interp, "sqlite_options", "complete", "1", TCL_GLOBAL_ONLY); #endif |
|
>
>
>
>
>
>
>
>
>
>
|
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
...
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
|
** ** This file contains code used for testing the SQLite system. ** None of the code in this file goes into a deliverable build. ** ** The focus of this file is providing the TCL testing layer ** access to compile-time constants. ** ** $Id: test_config.c,v 1.49 2009/06/09 13:42:25 drh Exp $ */ #include "sqliteLimit.h" #include "sqliteInt.h" #include "tcl.h" #include <stdlib.h> ................................................................................ #endif #ifdef SQLITE_ENABLE_COLUMN_METADATA Tcl_SetVar2(interp, "sqlite_options", "columnmetadata", "1", TCL_GLOBAL_ONLY); #else Tcl_SetVar2(interp, "sqlite_options", "columnmetadata", "0", TCL_GLOBAL_ONLY); #endif #ifdef SQLITE_ENABLE_OVERSIZE_CELL_CHECK Tcl_SetVar2(interp, "sqlite_options", "oversize_cell_check", "1", TCL_GLOBAL_ONLY); #else Tcl_SetVar2(interp, "sqlite_options", "oversize_cell_check", "0", TCL_GLOBAL_ONLY); #endif #ifdef SQLITE_OMIT_COMPLETE Tcl_SetVar2(interp, "sqlite_options", "complete", "0", TCL_GLOBAL_ONLY); #else Tcl_SetVar2(interp, "sqlite_options", "complete", "1", TCL_GLOBAL_ONLY); #endif |
Changes to test/corrupt7.test.
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
..
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
|
#*********************************************************************** # This file implements regression tests for SQLite library. # # This file implements tests to make sure SQLite does not crash or # segfault if it sees a corrupt database file. It specifically focuses # on corrupt cell offsets in a btree page. # # $Id: corrupt7.test,v 1.6 2009/06/04 17:02:51 drh Exp $ set testdir [file dirname $argv0] source $testdir/tester.tcl # We must have the page_size pragma for these tests to work. # ifcapable !pager_pragmas { ................................................................................ } 0 ;# Unused bytes per page is 0 integrity_check corrupt7-1.4 # Deliberately corrupt some of the cell offsets in the btree page # on page 2 of the database. # do_test corrupt7-2.1 { db close hexio_write test.db 1062 FF sqlite3 db test.db db eval {PRAGMA integrity_check(1)} } {{*** in database main *** Page 2: sqlite3BtreeInitPage() returns error code 11}} do_test corrupt7-2.2 { db close hexio_write test.db 1062 04 sqlite3 db test.db db eval {PRAGMA integrity_check(1)} } {{*** in database main *** Page 2: sqlite3BtreeInitPage() returns error code 11}} # The code path that was causing the buffer overrun that this test # case was checking for was removed. # #do_test corrupt7-3.1 { # execsql { # DROP TABLE t1; # CREATE TABLE t1(a, b); |
|
>
>
>
>
|
|
|
|
|
|
|
|
|
|
|
|
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
|
>
|
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
..
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
|
#*********************************************************************** # This file implements regression tests for SQLite library. # # This file implements tests to make sure SQLite does not crash or # segfault if it sees a corrupt database file. It specifically focuses # on corrupt cell offsets in a btree page. # # $Id: corrupt7.test,v 1.7 2009/06/09 13:42:25 drh Exp $ set testdir [file dirname $argv0] source $testdir/tester.tcl # We must have the page_size pragma for these tests to work. # ifcapable !pager_pragmas { ................................................................................ } 0 ;# Unused bytes per page is 0 integrity_check corrupt7-1.4 # Deliberately corrupt some of the cell offsets in the btree page # on page 2 of the database. # # The error message is different depending on whether or not the # SQLITE_ENABLE_OVERSIZE_CELL_CHECK compile-time option is engaged. # ifcapable oversize_cell_check { do_test corrupt7-2.1 { db close hexio_write test.db 1062 FF sqlite3 db test.db db eval {PRAGMA integrity_check(1)} } {{*** in database main *** Page 2: sqlite3BtreeInitPage() returns error code 11}} do_test corrupt7-2.2 { db close hexio_write test.db 1062 04 sqlite3 db test.db db eval {PRAGMA integrity_check(1)} } {{*** in database main *** Page 2: sqlite3BtreeInitPage() returns error code 11}} } else { do_test corrupt7-2.1 { db close hexio_write test.db 1062 FF sqlite3 db test.db db eval {PRAGMA integrity_check(1)} } {{*** in database main *** Corruption detected in cell 15 on page 2}} do_test corrupt7-2.2 { db close hexio_write test.db 1062 04 sqlite3 db test.db db eval {PRAGMA integrity_check(1)} } {{*** in database main *** Corruption detected in cell 15 on page 2}} } # The code path that was causing the buffer overrun that this test # case was checking for was removed. # #do_test corrupt7-3.1 { # execsql { # DROP TABLE t1; # CREATE TABLE t1(a, b); |