Changes In Branch no-overread Excluding Merge-Ins
This is equivalent to a diff from d73e93cf to 9e5add51
2012-01-04
| ||
12:57 | Fix typos and comments and make minor changes to a few function names, as suggested by readership. (check-in: e9d05cbb user: drh tags: trunk) | |
2012-01-03
| ||
21:54 | Pull all the latest trunk changes over into the apple-osx branch. (check-in: 8a048423 user: drh tags: apple-osx) | |
21:33 | Experimental changes to prevent buffer overreads when parsing a corrupt database file. (Closed-Leaf check-in: 9e5add51 user: drh tags: no-overread) | |
14:50 | Make sure filenames passed into sqlite3OsOpen() always have the extra zero-terminators needed by sqlite3_uri_parameter(). (check-in: d73e93cf user: drh tags: trunk) | |
2012-01-02
| ||
18:20 | Remove the code that attempts to find the sector size from the OS and hardcode the xSectorSize methods of the unix and windows VFSes to return SQLITE_DEFAULT_SECTOR_SIZE, which is now set to 4096 unless overridden. (check-in: 03d8362c user: drh tags: trunk) | |
Changes to src/btree.c.
︙ | ︙ | |||
897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 914 | static void btreeParseCellPtr( MemPage *pPage, /* Page containing the cell */ u8 *pCell, /* Pointer to the cell text. */ CellInfo *pInfo /* Fill in this structure */ ){ u16 n; /* Number bytes in cell content header */ u32 nPayload; /* Number of bytes of cell payload */ assert( sqlite3_mutex_held(pPage->pBt->mutex) ); pInfo->pCell = pCell; assert( pPage->leaf==0 || pPage->leaf==1 ); n = pPage->childPtrSize; assert( n==4-4*pPage->leaf ); if( pPage->intKey ){ if( pPage->hasData ){ n += getVarint32(&pCell[n], nPayload); }else{ | > > > > > > > | 897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 | static void btreeParseCellPtr( MemPage *pPage, /* Page containing the cell */ u8 *pCell, /* Pointer to the cell text. */ CellInfo *pInfo /* Fill in this structure */ ){ u16 n; /* Number bytes in cell content header */ u32 nPayload; /* Number of bytes of cell payload */ u8 cellBuf[20]; assert( sqlite3_mutex_held(pPage->pBt->mutex) ); pInfo->pCell = pCell; if( pCell >= pPage->aDataEnd - sizeof(cellBuf) && pCell < pPage->aDataEnd ){ int x = pPage->aDataEnd - pCell; memcpy(cellBuf, pCell, x); memset(&cellBuf[x], 0, sizeof(cellBuf)-x); pCell = cellBuf; } assert( pPage->leaf==0 || pPage->leaf==1 ); n = pPage->childPtrSize; assert( n==4-4*pPage->leaf ); if( pPage->intKey ){ if( pPage->hasData ){ n += getVarint32(&pCell[n], nPayload); }else{ |
︙ | ︙ | |||
973 974 975 976 977 978 979 | /* ** Compute the total number of bytes that a Cell needs in the cell ** data area of the btree-page. The return number includes the cell ** data header and the local payload, but not any overflow page or ** the space used by the cell pointer. */ static u16 cellSizePtr(MemPage *pPage, u8 *pCell){ | | > > > > > > > > | | | | | | 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 | /* ** Compute the total number of bytes that a Cell needs in the cell ** data area of the btree-page. The return number includes the cell ** data header and the local payload, but not any overflow page or ** the space used by the cell pointer. */ static u16 cellSizePtr(MemPage *pPage, u8 *pCell){ u8 *pX = pCell; u32 nSize; u8 cellBuf[25]; #ifdef SQLITE_DEBUG /* The value returned by this function should always be the same as ** the (CellInfo.nSize) value found by doing a full parse of the ** cell. If SQLITE_DEBUG is defined, an assert() at the bottom of ** this function verifies that this invariant is not violated. */ CellInfo debuginfo; btreeParseCellPtr(pPage, pCell, &debuginfo); #endif if( pX >= pPage->aDataEnd - sizeof(cellBuf) && pX < pPage->aDataEnd ){ int x = pPage->aDataEnd - pX; memcpy(cellBuf, pCell, x); memset(&cellBuf[x], 0, sizeof(cellBuf)-x); pX = pCell = cellBuf; } pX += pPage->childPtrSize; if( pPage->intKey ){ u8 *pEnd; if( pPage->hasData ){ pX += getVarint32(pX, nSize); }else{ nSize = 0; } /* pIter now points at the 64-bit integer key value, a variable length ** integer. The following block moves pIter to point at the first byte ** past the end of the key value. 
*/ pEnd = &pX[9]; while( (*pX++)&0x80 && pX<pEnd ); }else{ pX += getVarint32(pX, nSize); } testcase( nSize==pPage->maxLocal ); testcase( nSize==pPage->maxLocal+1 ); if( nSize>pPage->maxLocal ){ int minLocal = pPage->minLocal; nSize = minLocal + (nSize - minLocal) % (pPage->pBt->usableSize - 4); testcase( nSize==pPage->maxLocal ); testcase( nSize==pPage->maxLocal+1 ); if( nSize>pPage->maxLocal ){ nSize = minLocal; } nSize += 4; } nSize += (u32)(pX - pCell); /* The minimum size of any cell is 4 bytes. */ if( nSize<4 ){ nSize = 4; } assert( nSize==debuginfo.nSize ); |
︙ | ︙ |
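Review bot: The bounce-buffer guard added to both `btreeParseCellPtr` and `cellSizePtr` only covers a cell that starts within the last `sizeof(cellBuf)` bytes before `aDataEnd`; a `pCell` at or beyond `aDataEnd` fails the `pCell < pPage->aDataEnd` test and is still parsed in place. Whether a corrupt cell-pointer entry can produce such a pointer depends on callers outside these hunks, so a comment on the guard should state the assumption, for example `/* pCell outside [aDataEnd-sizeof(cellBuf), aDataEnd) is assumed to have readable bytes after it */`. A truncated header is also zero-padded and parsed as if it were a valid cell, and nothing in the visible lines compares the resulting `nSize` with the space left before `aDataEnd`, so later consumers of that size presumably still need their own bound check. The buffer sizes 20 and 25 differ without explanation; a shared constant with a comment such as `/* longest cell header: child pointer + payload varint + key varint */` would make the bound checkable and keep the two copies of the guard consistent. Both function bodies continue outside the hunks shown.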