/ Check-in [6b360bc0]
Login
Home Timeline Branches Tags Tickets Wiki More...

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:When parsing the schema, check for duplicate index root page numbers before adding the index to the schema hash table.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: 6b360bc0b9ad18ccda9d58d43a8388d19999432bfdf294abcf5beb44ef990cb4
User & Date: dan 2019-01-30 19:12:13
Context
2019-01-30
19:50
Change the error message slightly for when two or more indexes have the same rootpage. check-in: 916c52da user: drh tags: trunk
19:12
When parsing the schema, check for duplicate index root page numbers before adding the index to the schema hash table. check-in: 6b360bc0 user: dan tags: trunk
18:47
Add test case for the previous commit. check-in: 197edb23 user: dan tags: trunk
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to src/build.c. 

3483
3484
3485
3486
3487
3488
3489








3490
3491
3492
3493
3494
3495
3496
3497
3498
3499
3500
3501
3502
3503
3504
3505
3506
3507
3508
3509
3510
3511
3512

    ** in-memory database structures. 
    */
    assert( pParse->nErr==0 );
    if( db->init.busy ){
      Index *p;
      assert( !IN_SPECIAL_PARSE );
      assert( sqlite3SchemaMutexHeld(db, 0, pIndex->pSchema) );








      p = sqlite3HashInsert(&pIndex->pSchema->idxHash, 
          pIndex->zName, pIndex);
      if( p ){
        assert( p==pIndex );  /* Malloc must have failed */
        sqlite3OomFault(db);
        goto exit_create_index;
      }
      db->mDbFlags |= DBFLAG_SchemaChange;
      if( pTblName!=0 ){
        pIndex->tnum = db->init.newTnum;
        if( sqlite3IndexHasDuplicateRootPage(pIndex) ){
          sqlite3ErrorMsg(pParse, "invalid root page");
          pParse->rc = SQLITE_CORRUPT_BKPT;
          goto exit_create_index;
        }
      }
    }

    /* If this is the initial CREATE INDEX statement (or CREATE TABLE if the
    ** index is an implied index for a UNIQUE or PRIMARY KEY constraint) then
    ** emit code to allocate the index rootpage on disk and make an entry for
    ** the index in the sqlite_master table and populate the index with
    ** content.  But, do not do this if we are simply reading the sqlite_master








>
>
>
>
>
>
>
>








<
<
<
<
<
<
<
<








3483
3484
3485
3486
3487
3488
3489
3490
3491
3492
3493
3494
3495
3496
3497
3498
3499
3500
3501
3502
3503
3504
3505








3506
3507
3508
3509
3510
3511
3512

    ** in-memory database structures. 
    */
    assert( pParse->nErr==0 );
    if( db->init.busy ){
      Index *p;
      assert( !IN_SPECIAL_PARSE );
      assert( sqlite3SchemaMutexHeld(db, 0, pIndex->pSchema) );
      if( pTblName!=0 ){
        pIndex->tnum = db->init.newTnum;
        if( sqlite3IndexHasDuplicateRootPage(pIndex) ){
          sqlite3ErrorMsg(pParse, "invalid root page");
          pParse->rc = SQLITE_CORRUPT_BKPT;
          goto exit_create_index;
        }
      }
      p = sqlite3HashInsert(&pIndex->pSchema->idxHash, 
          pIndex->zName, pIndex);
      if( p ){
        assert( p==pIndex );  /* Malloc must have failed */
        sqlite3OomFault(db);
        goto exit_create_index;
      }
      db->mDbFlags |= DBFLAG_SchemaChange;








    }

    /* If this is the initial CREATE INDEX statement (or CREATE TABLE if the
    ** index is an implied index for a UNIQUE or PRIMARY KEY constraint) then
    ** emit code to allocate the index rootpage on disk and make an entry for
    ** the index in the sqlite_master table and populate the index with
    ** content.  But, do not do this if we are simply reading the sqlite_master

Changes to test/corruptL.test. 

624
625
626
627
628
629
630
631





























































































632


do_catchsql_test 6.1 {
  BEGIN;
    INSERT INTO t1(b) VALUES(1);
    INSERT INTO t1(b) VALUES(2);
  COMMIT;
} {1 {malformed database schema (t1b) - invalid root page}}






























































































finish_test









>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>


624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725


do_catchsql_test 6.1 {
  BEGIN;
    INSERT INTO t1(b) VALUES(1);
    INSERT INTO t1(b) VALUES(2);
  COMMIT;
} {1 {malformed database schema (t1b) - invalid root page}}

#-------------------------------------------------------------------------
reset_db
do_test 7.0 {
  sqlite3 db {}
  db deserialize [decode_hexdb {
| size 20480 pagesize 4096 filename crash-8391315d75edff.db
| page 1 offset 0
|      0: 53 51 4c 69 74 65 20 66 6f 72 6d 61 74 20 33 00   SQLite format 3.
|     16: 10 00 01 01 00 40 20 20 00 00 00 00 00 00 00 05   .....@  ........
|     32: 00 00 00 00 00 00 00 00 00 00 00 05 00 00 00 04   ................
|     48: 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00   ................
|     96: 00 00 00 00 0d 00 00 00 05 0e 55 00 0f 74 0f 3c   ..........U..t.<
|    112: 0e f9 0e d1 0e 55 00 00 00 00 00 00 00 00 00 00   .....U..........
|   3664: 00 00 00 00 00 7a 05 07 15 11 11 08 81 63 76 69   .....z.......cvi
|   3680: 65 77 76 31 76 31 43 52 45 41 54 45 20 56 49 45   ewv1v1CREATE VIE
|   3696: 57 20 76 31 28 78 2c 69 29 20 41 53 0a 53 45 4c   W v1(x,i) AS.SEL
|   3712: 45 43 54 20 74 31 2e 62 2c 74 32 2e 62 20 46 52   ECT t1.b,t2.b FR
|   3728: 4f 4d 20 74 31 2c 74 32 20 57 48 45 52 45 20 74   OM t1,t2 WHERE t
|   3744: 31 2e 61 3d 74 32 2e 61 20 47 52 4f 55 50 20 42   1.a=t2.a GROUP B
|   3760: 59 20 31 20 48 41 56 49 4e 47 20 74 32 2e 63 20   Y 1 HAVING t2.c 
|   3776: 4e 4f 54 20 4e 55 4c 4c 0a 4c 49 4d 49 54 20 31   NOT NULL.LIMIT 1
|   3792: 30 26 04 06 17 11 11 01 39 74 61 62 6c 65 74 32   0&......9tablet2
|   3808: 74 32 05 43 52 45 41 54 45 20 54 41 42 4c 45 20   t2.CREATE TABLE 
|   3824: 74 32 28 61 2c 62 2c 63 29 41 03 06 17 15 11 01   t2(a,b,c)A......
|   3840: 6b 69 6e 64 65 78 74 31 78 31 74 31 03 43 52 45   kindext1x1t1.CRE
|   3856: 41 54 45 20 49 4e 44 45 58 20 74 31 78 31 20 4f   ATE INDEX t1x1 O
|   3872: 4e 20 74 31 28 64 29 20 57 48 45 52 45 20 65 65   N t1(d) WHERE ee
|   3888: 20 49 53 20 4e 4f 54 20 4e 55 4c 4c 36 02 06 17    IS NOT NULL6...
|   3904: 17 11 01 53 69 6e 64 65 78 74 31 61 62 63 74 31   ...Sindext1abct1
|   3920: 03 43 52 45 41 54 45 20 49 4e 44 45 58 20 74 31   .CREATE INDEX t1
|   3936: 61 62 63 20 4f 4e 20 74 31 28 61 2c 62 2c 63 2b   abc ON t1(a,b,c+
|   3952: 64 2b 65 29 81 09 01 07 17 11 11 01 81 7d 74 61   d+e)..........ta
|   3968: 62 6c 65 74 31 74 31 02 43 52 45 41 54 45 20 54   blet1t1.CREATE T
|   3984: 41 42 4c 45 20 74 31 28 61 2c 62 2c 63 2c 64 2c   ABLE t1(a,b,c,d,
|   4000: 65 2c 66 2c 67 2c 68 2c 6a 2c 6a 6a 2c 6a 6a 6a   e,f,g,h,j,jj,jjj
|   4016: 2c 6b 2c 61 61 2c 62 69 8c 63 63 2c 64 64 2c 65   ,k,aa,bi.cc,dd,e
|   4032: 65 20 44 45 46 41 55 4c 54 20 33 2e 31 34 2c 0a   e DEFAULT 3.14,.
|   4048: 66 66 20 44 45 46 41 55 4c 54 28 27 68 69 63 63   ff DEFAULT('hicc
|   4064: 75 70 27 29 2c 67 67 20 4e 4f 54 20 4e 55 4c 4c   up'),gg NOT NULL
|   4080: 20 44 45 46 41 55 4c 54 28 66 61 6c 73 65 29 29    DEFAULT(false))
| page 2 offset 4096
|      0: 0d 00 00 00 0a 0e 7b 00 0f dc 0f b6 0f 8f 0f 68   ...............h
|     16: 0f 41 0f 1a 0e f3 0e cb 0e a3 0e 22 00 00 00 00   .A..............
|   3696: 00 00 00 00 00 00 00 00 00 00 00 26 0a 14 01 01   ...........&....
|   3712: 02 08 00 00 00 00 00 00 00 00 00 00 00 00 07 19   ................
|   3728: 08 09 5a 00 b4 40 09 1e b8 51 eb 95 1f 68 69 63   ..Z..@...Q...hic
|   3744: 63 75 70 26 09 14 01 01 02 08 00 00 00 00 00 00   cup&............
|   3760: 00 00 00 00 00 00 07 19 08 08 50 00 a0 40 09 1e   ..........P..@..
|   3776: b8 51 eb 85 1f 68 69 63 63 74 70 26 08 14 01 01   .Q...hicctp&....
|   3792: 03 08 00 00 00 00 00 00 00 00 00 00 00 00 07 19   ................
|   3808: 08 07 46 00 8c 40 09 1e b8 51 eb 85 1f 68 69 63   ..F..@...Q...hic
|   3824: 63 75 70 25 07 14 01 01 01 08 00 00 00 00 00 00   cup%............
|   3840: 00 00 00 00 00 10 07 19 08 06 3c 78 40 09 1e b8   ..........<x@...
|   3856: 51 eb 85 1f 68 69 63 63 75 70 25 06 14 01 01 01   Q...hiccup%.....
|   3872: 08 00 00 00 00 00 00 00 00 00 00 00 00 07 19 08   ................
|   3888: 05 32 64 40 09 1e b8 51 eb 85 1f 68 69 63 63 75   .2d@...Q...hiccu
|   3904: 70 25 05 14 01 01 01 08 00 00 00 00 00 00 00 00   p%..............
|   3920: 00 00 00 00 07 19 08 04 28 50 40 09 1e b8 51 eb   ........(P@...Q.
|   3936: 85 1f 68 69 63 63 75 70 25 04 14 01 00 f1 08 00   ..hiccup%.......
|   3952: 00 00 00 00 00 00 00 00 00 00 00 07 19 08 03 1e   ................
|   3968: 3c 40 09 1e b8 51 eb 85 1f 68 69 63 63 75 70 25   <@...Q...hiccup%
|   3984: 03 14 01 01 01 08 00 00 00 00 00 00 00 00 00 00   ................
|   4000: 00 00 07 19 08 02 14 28 40 09 1e b8 51 eb 85 1f   .......(@...Q...
|   4016: 68 69 63 63 75 70 24 02 14 09 01 01 08 00 00 00   hiccup$.........
|   4032: 00 00 00 00 00 00 00 00 00 07 19 08 0a 14 40 09   ..............@.
|   4048: 1e b8 51 eb 85 1f 68 69 63 63 75 70 22 01 14 08   ..Q...hiccup....
|   4064: 08 08 08 00 00 00 00 00 00 00 00 00 00 00 00 07   ................
|   4080: 19 08 40 09 1e b8 51 eb 85 1f 68 69 63 63 75 70   ..@...Q...hiccup
| page 3 offset 8192
|      0: 0a 00 00 00 0a 0f aa 00 0f fa 0f f2 0f e9 0f e0   ................
|     16: 0f d7 0f ce 0f c5 0f bc 0f b3 0f aa 00 00 00 00   ................
|   4000: 00 00 00 00 00 00 00 00 00 00 08 05 01 01 00 01   ................
|   4016: 09 5a 0a d8 05 01 01 00 01 08 50 09 08 05 01 01   .Z........P.....
|   4032: 00 01 07 46 08 08 05 01 01 00 01 06 3c 07 08 05   ...F........<...
|   4048: 01 01 00 01 05 32 06 08 05 01 01 00 01 04 28 05   .....2........(.
|   4064: 08 05 01 02 60 01 03 1e 04 08 05 01 01 00 01 02   ....`...........
|   4080: 14 03 07 05 09 01 00 01 0a 02 05 05 08 08 00 09   ................
| page 4 offset 12288
|      0: 0a 00 00 00 0a 0f cf 00 0f fc 0f f7 0f f2 0f ed   ................
|     16: 0f e8 0f e3 0f de 0f d9 0f d4 0f cf 00 00 00 00   ................
|   4032: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04   ................
|   4048: 03 08 01 0a 04 03 08 01 09 04 03 08 01 08 04 03   ................
|   4064: 08 01 07 04 03 08 01 06 04 03 08 01 05 04 03 08   ................
|   4080: 01 04 04 03 08 01 03 04 03 08 01 02 03 03 08 09   ................
| page 5 offset 16384
|      0: 0d 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00   ................
| end crash-8391315d75edff.db
}]} {}

do_catchsql_test 7.1 {
  SELECT * FROM sqlite_master;
} {1 {malformed database schema (t1x1) - invalid root page}}

finish_test

This page was generated in about 0.009s by Fossil 2.9 [5b6be64760] 2019-06-14 00:24:04