Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Avoid a buffer overread in ptrmapPutOvflPtr() that can occurs in a corrupt database file that has large entries and uses autovacuum. |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA3-256: |
f8b781cf41800e9f61a1c5376404a97e |
User & Date: | drh 2018-12-14 16:00:38.064 |
Context
2018-12-14
| ||
16:20 | Back out the expansion of the temporary buffer size from [32754ca6f86da816] and replace it with an explicit test for buffer overreads. (check-in: 8ba3d9f380 user: drh tags: trunk) | |
16:00 | Avoid a buffer overread in ptrmapPutOvflPtr() that can occurs in a corrupt database file that has large entries and uses autovacuum. (check-in: f8b781cf41 user: drh tags: trunk) | |
13:47 | Fix a harmless compiler warning in Sessions. (check-in: fc9791ea98 user: drh tags: trunk) | |
Changes
Changes to src/btree.c.
︙ | ︙ | |||
1365 1366 1367 1368 1369 1370 1371 | */ static void ptrmapPutOvflPtr(MemPage *pPage, u8 *pCell, int *pRC){ CellInfo info; if( *pRC ) return; assert( pCell!=0 ); pPage->xParseCell(pPage, pCell, &info); if( info.nLocal<info.nPayload ){ | > > > > > | | 1365 1366 1367 1368 1369 1370 1371 1372 1373 1374 1375 1376 1377 1378 1379 1380 1381 1382 1383 1384 | */ static void ptrmapPutOvflPtr(MemPage *pPage, u8 *pCell, int *pRC){ CellInfo info; if( *pRC ) return; assert( pCell!=0 ); pPage->xParseCell(pPage, pCell, &info); if( info.nLocal<info.nPayload ){ Pgno ovfl; if( SQLITE_WITHIN(pPage->aDataEnd, pCell, pCell+info.nLocal) ){ *pRC = SQLITE_CORRUPT_BKPT; return; } ovfl = get4byte(&pCell[info.nSize-4]); ptrmapPut(pPage->pBt, ovfl, PTRMAP_OVERFLOW1, pPage->pgno, pRC); } } #endif /* |
︙ | ︙ |