Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Avoid exceeding array bounds when reading a corrupt database file in autovacuum mode. Fixes a problem discovered by John Regehr and Peng Li using a customized clang compiler. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
f7c525f5fc31e909721df2b1e66fc62d |
| User & Date: | drh 2011-05-17 15:21:56 |
Context
|
2011-05-17
| ||
| 15:56 | Add extended return code SQLITE_CORRUPT_VTAB. Returned when the tcontents of the sqlite tables used internally by a virtual table module are invalid or inconsistent. (check-in: 8844e8bf user: dan tags: trunk) | |
| 15:21 | Avoid exceeding array bounds when reading a corrupt database file in autovacuum mode. Fixes a problem discovered by John Regehr and Peng Li using a customized clang compiler. (check-in: f7c525f5 user: drh tags: trunk) | |
| 14:41 | Avoid including fts3_term.c in the amalgamation, as it contains test code only. (check-in: f392b7ae user: dan tags: trunk) | |
Changes
Changes to src/btree.c.
| ︙ | ︙ | |||
784 785 786 787 788 789 790 791 792 793 794 795 796 797 |
return;
}
offset = PTRMAP_PTROFFSET(iPtrmap, key);
if( offset<0 ){
*pRC = SQLITE_CORRUPT_BKPT;
goto ptrmap_exit;
}
pPtrmap = (u8 *)sqlite3PagerGetData(pDbPage);
if( eType!=pPtrmap[offset] || get4byte(&pPtrmap[offset+1])!=parent ){
TRACE(("PTRMAP_UPDATE: %d->(%d,%d)\n", key, eType, parent));
*pRC= rc = sqlite3PagerWrite(pDbPage);
if( rc==SQLITE_OK ){
pPtrmap[offset] = eType;
| > | 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 |
return;
}
offset = PTRMAP_PTROFFSET(iPtrmap, key);
if( offset<0 ){
*pRC = SQLITE_CORRUPT_BKPT;
goto ptrmap_exit;
}
assert( offset <= (int)pBt->usableSize-5 );
pPtrmap = (u8 *)sqlite3PagerGetData(pDbPage);
if( eType!=pPtrmap[offset] || get4byte(&pPtrmap[offset+1])!=parent ){
TRACE(("PTRMAP_UPDATE: %d->(%d,%d)\n", key, eType, parent));
*pRC= rc = sqlite3PagerWrite(pDbPage);
if( rc==SQLITE_OK ){
pPtrmap[offset] = eType;
|
| ︙ | ︙ | |||
823 824 825 826 827 828 829 830 831 832 833 834 835 836 |
rc = sqlite3PagerGet(pBt->pPager, iPtrmap, &pDbPage);
if( rc!=0 ){
return rc;
}
pPtrmap = (u8 *)sqlite3PagerGetData(pDbPage);
offset = PTRMAP_PTROFFSET(iPtrmap, key);
assert( pEType!=0 );
*pEType = pPtrmap[offset];
if( pPgno ) *pPgno = get4byte(&pPtrmap[offset+1]);
sqlite3PagerUnref(pDbPage);
if( *pEType<1 || *pEType>5 ) return SQLITE_CORRUPT_BKPT;
return SQLITE_OK;
| > > > > > | 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 |
rc = sqlite3PagerGet(pBt->pPager, iPtrmap, &pDbPage);
if( rc!=0 ){
return rc;
}
pPtrmap = (u8 *)sqlite3PagerGetData(pDbPage);
offset = PTRMAP_PTROFFSET(iPtrmap, key);
if( offset<0 ){
sqlite3PagerUnref(pDbPage);
return SQLITE_CORRUPT_BKPT;
}
assert( offset <= (int)pBt->usableSize-5 );
assert( pEType!=0 );
*pEType = pPtrmap[offset];
if( pPgno ) *pPgno = get4byte(&pPtrmap[offset+1]);
sqlite3PagerUnref(pDbPage);
if( *pEType<1 || *pEType>5 ) return SQLITE_CORRUPT_BKPT;
return SQLITE_OK;
|
| ︙ | ︙ |