SQLite

Check-in [e35d8c76aa]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Further improvements to shadow table corruption detection in FTS3.
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: e35d8c76aae59f57cc5193f79b21b4298029bea78e1aab7af67432162ce63e00
User & Date: drh 2019-11-18 12:04:17.276
Context
2019-11-18
14:04
Improvements to detection of corruption in the %_stat shadow table of FTS4. (check-in: 6b67eba54e user: drh tags: trunk)
12:04
Further improvements to shadow table corruption detection in FTS3. (check-in: e35d8c76aa user: drh tags: trunk)
11:14
Detect and prevent infinite recursion in fts3SelectLeaf() due to a malformed FTS3 btree. (check-in: dfcf081d84 user: drh tags: trunk)
Changes
Unified Diff Ignore Whitespace Patch
Changes to ext/fts3/fts3_write.c. 
4241
4242
4243
4244
4245
4246
4247




4248
4249
4250
4251
4252
4253
4254

      fts3ReadEndBlockField(pSelect, 3, &iEnd, &pWriter->nLeafData);
      if( pWriter->nLeafData<0 ){
        pWriter->nLeafData = pWriter->nLeafData * -1;
      }
      pWriter->bNoLeafData = (pWriter->nLeafData==0);
      nRoot = sqlite3_column_bytes(pSelect, 4);
      aRoot = sqlite3_column_blob(pSelect, 4);




    }else{
      return sqlite3_reset(pSelect);
    }

    /* Check for the zero-length marker in the %_segments table */
    rc = fts3IsAppendable(p, iEnd, &bAppendable);









>
>
>
>








4241
4242
4243
4244
4245
4246
4247
4248
4249
4250
4251
4252
4253
4254
4255
4256
4257
4258

      fts3ReadEndBlockField(pSelect, 3, &iEnd, &pWriter->nLeafData);
      if( pWriter->nLeafData<0 ){
        pWriter->nLeafData = pWriter->nLeafData * -1;
      }
      pWriter->bNoLeafData = (pWriter->nLeafData==0);
      nRoot = sqlite3_column_bytes(pSelect, 4);
      aRoot = sqlite3_column_blob(pSelect, 4);
      if( aRoot==0 ){
        sqlite3_reset(pSelect);
        return nRoot ? SQLITE_NOMEM : FTS_CORRUPT_VTAB;
      }
    }else{
      return sqlite3_reset(pSelect);
    }

    /* Check for the zero-length marker in the %_segments table */
    rc = fts3IsAppendable(p, iEnd, &bAppendable);
Changes to test/fts3corrupt.test. 
161
162
163
164
165
166
167















168
169

do_test 5.2.1 { sqlite3_extended_errcode db } SQLITE_CORRUPT_VTAB
do_catchsql_test 5.3 {
  UPDATE t1_stat SET value = NULL;
  SELECT matchinfo(t1, 'nxa') FROM t1 WHERE t1 MATCH 't*';
} {1 {database disk image is malformed}}
do_test 5.3.1 { sqlite3_extended_errcode db } SQLITE_CORRUPT_VTAB

















finish_test








>
>
>
>
>
>
>
>
>
>
>
>
>
>
>



161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184

do_test 5.2.1 { sqlite3_extended_errcode db } SQLITE_CORRUPT_VTAB
do_catchsql_test 5.3 {
  UPDATE t1_stat SET value = NULL;
  SELECT matchinfo(t1, 'nxa') FROM t1 WHERE t1 MATCH 't*';
} {1 {database disk image is malformed}}
do_test 5.3.1 { sqlite3_extended_errcode db } SQLITE_CORRUPT_VTAB

# 2019-11-18 https://bugs.chromium.org/p/chromium/issues/detail?id=1025467
# bug1
db close
sqlite3 db :memory:
do_catchsql_test 6.10 {
  CREATE VIRTUAL TABLE f using fts3(a,b);
  CREATE TABLE f_stat(id INTEGER PRIMARY KEY, value BLOB);
  INSERT INTO f_segdir VALUES (2000, 0,0,0, '16', '');
  INSERT INTO f_segdir VALUES (1999, 0,0,0, '0 18',
                               x'000131030102000103323334050101010200');
  INSERT INTO f_segments (blockid) values (16);
  INSERT INTO f_segments values (0, x'');
  INSERT INTO f_stat VALUES (1,x'cf0f01');
  INSERT INTO f(f) VALUES ("merge=1");
} {1 {database disk image is malformed}}

finish_test