/ Check-in [7373a004]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:All bytes of a page are initialized, even bytes that follow a 2-byte cell on a malformed page.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: 7373a004ed0e2781cda503c73e9a94f24350ef79
User & Date: drh 2015-05-27 18:13:35
Context
2015-05-27
18:19
Fix a minor and harmless memory leak in fuzzcheck. Adjust the makefiles to run fuzzcheck with --quiet on valgrind tests. check-in: 8bfe8344 user: drh tags: trunk
18:13
All bytes of a page are initialized, even bytes that follow a 2-byte cell on a malformed page. check-in: 7373a004 user: drh tags: trunk
15:42
A different approach to preventing buffer overreads when comparing a vector of values with a corrupt index record that spans at least one overflow page. check-in: 95eaa49f user: drh tags: trunk
Changes
Hide Diffs Side-by-Side Diffs Ignore Whitespace Patch

Changes to src/btree.c.

  6893   6893           assert( leafCorrection==0 );
  6894   6894           assert( pOld->hdrOffset==0 );
  6895   6895           /* The right pointer of the child page pOld becomes the left
  6896   6896           ** pointer of the divider cell */
  6897   6897           memcpy(apCell[nCell], &pOld->aData[8], 4);
  6898   6898         }else{
  6899   6899           assert( leafCorrection==4 );
  6900         -        if( szCell[nCell]<4 ){
         6900  +        while( szCell[nCell]<4 ){
  6901   6901             /* Do not allow any cells smaller than 4 bytes. If a smaller cell
  6902   6902             ** does exist, pad it with 0x00 bytes. */
  6903   6903             assert( szCell[nCell]==3 || CORRUPT_DB );
  6904   6904             assert( apCell[nCell]==&aSpace1[iSpace1-3] || CORRUPT_DB );
  6905   6905             aSpace1[iSpace1++] = 0x00;
  6906         -          szCell[nCell] = 4;
         6906  +          szCell[nCell]++;
  6907   6907           }
  6908   6908         }
  6909   6909         nCell++;
  6910   6910       }
  6911   6911     }
  6912   6912   
  6913   6913     /*