SQLite

Check-in [3cc01a0eaf]

Overview
Comment: Improvements to the -fsanitize=fuzzer based database file fuzzer. (Cherrypick from the robust-against-damaged-db branch.)
SHA3-256: 3cc01a0eaf54e3d5adf206825cfcab15edf73bd5aea10dfc497efd78071a17d0
User & Date: drh 2018-10-30 15:20:35.806
Context
2018-10-30
15:31
Modify the CLI so that the --deserialize option is only available if it is compiled with SQLITE_ENABLE_DESERIALIZE. DESERIALIZE is now off by default for the main.mk makefile, but on for Makefile.in and Makefile.msc. (check-in: 90b2a684f7 user: drh tags: trunk)
15:20
Improvements to the -fsanitize=fuzzer based database file fuzzer. (Cherrypick from the robust-against-damaged-db branch.) (check-in: 3cc01a0eaf user: drh tags: trunk)
14:36
In the CLI, when opening a file that begins with the normal SQLite prefix, open the file as a normal database even if it has a ZIP for AppendVFS record at the end. (check-in: 7989bbda70 user: drh tags: trunk)
00:06
Improvements to the -fsanitize=fuzzer based database file fuzzer. (Closed-Leaf check-in: 585c94db09 user: drh tags: robust-against-damaged-db)
Changes
Changes to test/dbfuzz2.c.
  int rc;
  int i;

  if( eVerbosity>=1 ){
    printf("************** nByte=%d ***************\n", (int)nByte);
    fflush(stdout);
  }
  rc = sqlite3_open(":memory:", &db);
  if( rc ) return 1;
  a = sqlite3_malloc64(nByte);
  if( a==0 ) return 1;
  memcpy(a, aData, nByte);
  sqlite3_deserialize(db, "main", a, nByte, nByte,
        SQLITE_DESERIALIZE_RESIZEABLE |
        SQLITE_DESERIALIZE_FREEONCLOSE);
  for(i=0; i<sizeof(azSql)/sizeof(azSql[0]); i++){
    if( eVerbosity>=1 ){
      printf("%s\n", azSql[i]);
      fflush(stdout);
    }
    sqlite3_exec(db, azSql[i], 0, 0, 0);
  }
  sqlite3_close(db);



  if( sqlite3_memory_used()!=0 ){



    fprintf(stderr,"Memory leak: %lld bytes\n", sqlite3_memory_used());

    exit(1);
  }
  return 0;
}

/* libFuzzer invokes this routine once when the executable starts, to
** process the command-line arguments.







  int rc;
  int i;

  if( eVerbosity>=1 ){
    printf("************** nByte=%d ***************\n", (int)nByte);
    fflush(stdout);
  }
  rc = sqlite3_open(0, &db);
  if( rc ) return 1;
  a = sqlite3_malloc64(nByte+1);
  if( a==0 ) return 1;
  memcpy(a, aData, nByte);
  sqlite3_deserialize(db, "main", a, nByte, nByte,
        SQLITE_DESERIALIZE_RESIZEABLE |
        SQLITE_DESERIALIZE_FREEONCLOSE);
  for(i=0; i<sizeof(azSql)/sizeof(azSql[0]); i++){
    if( eVerbosity>=1 ){
      printf("%s\n", azSql[i]);
      fflush(stdout);
    }
    sqlite3_exec(db, azSql[i], 0, 0, 0);
  }
  rc = sqlite3_close(db);
  if( rc!=SQLITE_OK ){
    fprintf(stdout, "sqlite3_close() returns %d\n", rc);
  }
  if( sqlite3_memory_used()!=0 ){
    int nAlloc = 0;
    int nNotUsed = 0;
    sqlite3_status(SQLITE_STATUS_MALLOC_COUNT, &nAlloc, &nNotUsed, 0);
    fprintf(stderr,"Memory leak: %lld bytes in %d allocations\n",
            sqlite3_memory_used(), nAlloc);
    exit(1);
  }
  return 0;
}

/* libFuzzer invokes this routine once when the executable starts, to
** process the command-line arguments.
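
Review bot: the extra byte requested by sqlite3_malloc64(nByte+1) is neither initialised nor explained. memcpy() still copies only nByte bytes, and sqlite3_deserialize() is still given nByte for both the database size and the buffer size, so the last byte of the allocation is never used. Please add a one-line comment saying why the allocation is nByte+1; if the reason is to keep an empty input from producing a zero-size allocation request, state that. In the new sqlite3_close() check, the failure message is written to stdout and the run continues, while the leak report directly below goes to stderr and exits; sending both to stderr would keep the two diagnostics together when stdout is buffered or redirected. The new nNotUsed variable is only a placeholder argument for sqlite3_status(), whose return code is also ignored; a short comment would make that intent clear. Separately, the unchanged "if( a==0 ) return 1;" path returns without calling sqlite3_close(db), so the handle opened a few lines earlier is dropped on that path.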