I'm not using sqlite.exe but compiling the amalgamation version of sqlite3.c into my code. The overrun is being detected by a checked heap.
I've reduced the number of SQL statements to just two:
```
CREATE TABLE aaaaaa (bbb_id TEXT,ccccccc_id TEXT,ddd TEXT);
CREATE INDEX aaaaaa_ccccccc_id ON aaaaaa (bbb_id ASC,ccccccc_id ASC);
```
If it helps, at some point sqlite3StrAccumEnlarge() gets called with N=8. The string at this point is 0x44 bytes long `"INSERT INTO 'main'.sqlite_master VALUES('index','aaaaaa_ccccccc_id',"`. sqlite3DbRealloc() then gets called with p->nAlloc = 0x91.
It's that allocation that gets rounded up to 0x98 and then overrun by 1 byte. I haven't been able to follow what's happening to see why yet.
Mark