/ Check-in [585c94db]
Login
SQLite training in Houston TX on 2019-11-05 (details)
Part of the 2019 Tcl Conference

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Improvements to the -fsanitize=fuzzer based database file fuzzer.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | robust-against-damaged-db
Files: files | file ages | folders
SHA3-256: 585c94db09d21ce5c5275537014ba5cfe75d4df9274d6fd8d07f754e4aa2c640
User & Date: drh 2018-10-30 00:06:52
Context
2018-10-30
15:20
Improvements to the -fsanitize=fuzzer based database file fuzzer. (Cherrypick from the rubust-against-damaged-db branch.) check-in: 3cc01a0e user: drh tags: trunk
00:06
Improvements to the -fsanitize=fuzzer based database file fuzzer. Closed-Leaf check-in: 585c94db user: drh tags: robust-against-damaged-db
00:06
In the VACUUM command, defer setting writable_schema until after it has been determined that the schema is not corrupt. check-in: 3afec260 user: drh tags: robust-against-damaged-db
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to test/dbfuzz2.c.

74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96



97



98

99
100
101
102
103
104
105
  int rc;
  int i;

  if( eVerbosity>=1 ){
    printf("************** nByte=%d ***************\n", (int)nByte);
    fflush(stdout);
  }
  rc = sqlite3_open(":memory:", &db);
  if( rc ) return 1;
  a = sqlite3_malloc64(nByte);
  if( a==0 ) return 1;
  memcpy(a, aData, nByte);
  sqlite3_deserialize(db, "main", a, nByte, nByte,
        SQLITE_DESERIALIZE_RESIZEABLE |
        SQLITE_DESERIALIZE_FREEONCLOSE);
  for(i=0; i<sizeof(azSql)/sizeof(azSql[0]); i++){
    if( eVerbosity>=1 ){
      printf("%s\n", azSql[i]);
      fflush(stdout);
    }
    sqlite3_exec(db, azSql[i], 0, 0, 0);
  }
  sqlite3_close(db);



  if( sqlite3_memory_used()!=0 ){



    fprintf(stderr,"Memory leak: %lld bytes\n", sqlite3_memory_used());

    exit(1);
  }
  return 0;
}

/* libFuzzer invokes this routine once when the executable starts, to
** process the command-line arguments.







|

|












|
>
>
>

>
>
>
|
>







74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
  int rc;
  int i;

  if( eVerbosity>=1 ){
    printf("************** nByte=%d ***************\n", (int)nByte);
    fflush(stdout);
  }
  rc = sqlite3_open(0, &db);
  if( rc ) return 1;
  a = sqlite3_malloc64(nByte+1);
  if( a==0 ) return 1;
  memcpy(a, aData, nByte);
  sqlite3_deserialize(db, "main", a, nByte, nByte,
        SQLITE_DESERIALIZE_RESIZEABLE |
        SQLITE_DESERIALIZE_FREEONCLOSE);
  for(i=0; i<sizeof(azSql)/sizeof(azSql[0]); i++){
    if( eVerbosity>=1 ){
      printf("%s\n", azSql[i]);
      fflush(stdout);
    }
    sqlite3_exec(db, azSql[i], 0, 0, 0);
  }
  rc = sqlite3_close(db);
  if( rc!=SQLITE_OK ){
    fprintf(stdout, "sqlite3_close() returns %d\n", rc);
  }
  if( sqlite3_memory_used()!=0 ){
    int nAlloc = 0;
    int nNotUsed = 0;
    sqlite3_status(SQLITE_STATUS_MALLOC_COUNT, &nAlloc, &nNotUsed, 0);
    fprintf(stderr,"Memory leak: %lld bytes in %d allocations\n",
            sqlite3_memory_used(), nAlloc);
    exit(1);
  }
  return 0;
}

/* libFuzzer invokes this routine once when the executable starts, to
** process the command-line arguments.