Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Fix a problem in fts5 where a corrupt db could lead to a (huge) buffer overread. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
c9a30e117f2c6c9ef0cc0c6ca5227d29 |
| User & Date: | dan 2016-02-29 17:34:16 |
References
|
2016-03-01
| ||
| 14:51 | Fix a problem in fts5 where a corrupt db could lead to a (huge) buffer overread. Cherrypick of [c9a30e117f]. (Closed-Leaf check-in: daef5869 user: dan tags: branch-3.11-matchinfo) | |
Context
|
2016-03-01
| ||
| 14:51 | Fix a problem in fts5 where a corrupt db could lead to a (huge) buffer overread. Cherrypick of [c9a30e117f]. (Closed-Leaf check-in: daef5869 user: dan tags: branch-3.11-matchinfo) | |
| 02:11 | Better estimatedCost in the xBestIndex method of the generate_series vtab. (check-in: f2c16094 user: drh tags: trunk) | |
|
2016-02-29
| ||
| 18:30 | Modify the ANALYZE command to store worst-case statistics in sqlite_stat1, rather thn average case. (check-in: 5a0143c9 user: drh tags: analyze-worst-case) | |
| 17:34 | Fix a problem in fts5 where a corrupt db could lead to a (huge) buffer overread. (check-in: c9a30e11 user: dan tags: trunk) | |
| 17:16 | Fix an fts5 problem causing 'optimize' to corrupt the fts index under some circumstances. (check-in: 251d6473 user: dan tags: trunk) | |
Changes
Changes to ext/fts5/fts5_index.c.
| ︙ | ︙ | |||
693 694 695 696 697 698 699 700 701 702 703 704 705 706 |
p->rc = rc;
p->nRead++;
}
assert( (pRet==0)==(p->rc!=SQLITE_OK) );
return pRet;
}
/*
** Release a reference to data record returned by an earlier call to
** fts5DataRead().
*/
static void fts5DataRelease(Fts5Data *pData){
sqlite3_free(pData);
| > | 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 |
p->rc = rc;
p->nRead++;
}
assert( (pRet==0)==(p->rc!=SQLITE_OK) );
return pRet;
}
/*
** Release a reference to data record returned by an earlier call to
** fts5DataRead().
*/
static void fts5DataRelease(Fts5Data *pData){
sqlite3_free(pData);
|
| ︙ | ︙ | |||
2150 2151 2152 2153 2154 2155 2156 2157 2158 2159 2160 2161 2162 2163 |
int bEndOfPage = 0;
assert( p->rc==SQLITE_OK );
iPgidx = szLeaf;
iPgidx += fts5GetVarint32(&a[iPgidx], iTermOff);
iOff = iTermOff;
while( 1 ){
/* Figure out how many new bytes are in this term */
fts5FastGetVarint32(a, iOff, nNew);
if( nKeep<nMatch ){
goto search_failed;
| > > > > | 2151 2152 2153 2154 2155 2156 2157 2158 2159 2160 2161 2162 2163 2164 2165 2166 2167 2168 |
int bEndOfPage = 0;
assert( p->rc==SQLITE_OK );
iPgidx = szLeaf;
iPgidx += fts5GetVarint32(&a[iPgidx], iTermOff);
iOff = iTermOff;
if( iOff>n ){
p->rc = FTS5_CORRUPT;
return;
}
while( 1 ){
/* Figure out how many new bytes are in this term */
fts5FastGetVarint32(a, iOff, nNew);
if( nKeep<nMatch ){
goto search_failed;
|
| ︙ | ︙ |