SQLite

Check-in [083f523d2f]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Add an assert() to verify that the nField+nXField values of a KeyInfo object are never less then the number of columns in a row for a non-corrupt database. This assert() currently fails, which is the root of the problem with ticket [f97c4637102a3ae72b].
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | descendants | both | tkt-f97c4637
Files: files | file ages | folders
SHA1: 083f523d2f6702d4836d71986043db058e2c2356
User & Date: drh 2015-01-19 17:28:16.013
Context
2015-01-19
18:18
Strengthen the KeyInfo number-of-columns assert() added by the previous check-in. (Closed-Leaf check-in: d0971b7913 user: drh tags: tkt-f97c4637)
17:28
Add an assert() to verify that the nField+nXField values of a KeyInfo object are never less then the number of columns in a row for a non-corrupt database. This assert() currently fails, which is the root of the problem with ticket [f97c4637102a3ae72b]. (check-in: 083f523d2f user: drh tags: tkt-f97c4637)
15:05
Enhance the command-line shell with the ability to set the SQLITE_TESTCTRL_NEVER_CORRUPT flag using: ".testctrl never_corrupt 1". (check-in: 824328f983 user: drh tags: trunk)
Changes
Side-by-Side Diff Ignore Whitespace Patch
Changes to src/vdbeaux.c.
3262
3263
3264
3265
3266
3267
3268

3269
3270
3271
3272
3273
3274
3275
3262
3263
3264
3265
3266
3267
3268
3269
3270
3271
3272
3273
3274
3275
3276







+







  const UnpackedRecord *pPKey2, /* Right key */
  int desiredResult             /* Correct answer */
){
  u32 d1;            /* Offset into aKey[] of next data element */
  u32 idx1;          /* Offset into aKey[] of next header element */
  u32 szHdr1;        /* Number of bytes in header */
  int i = 0;
  int nField = 0;    /* Number of fields seen in the pKey1 record */
  int rc = 0;
  const unsigned char *aKey1 = (const unsigned char *)pKey1;
  KeyInfo *pKeyInfo;
  Mem mem1;

  pKeyInfo = pPKey2->pKeyInfo;
  if( pKeyInfo->db==0 ) return 1;
3294
3295
3296
3297
3298
3299
3300

3301
3302
3303
3304
3305
3306
3307
3295
3296
3297
3298
3299
3300
3301
3302
3303
3304
3305
3306
3307
3308
3309







+







  assert( pKeyInfo->nField>0 );
  assert( idx1<=szHdr1 || CORRUPT_DB );
  do{
    u32 serial_type1;

    /* Read the serial types for the next element in each key. */
    idx1 += getVarint32( aKey1+idx1, serial_type1 );
    nField++;

    /* Verify that there is enough key space remaining to avoid
    ** a buffer overread.  The "d1+serial_type1+2" subexpression will
    ** always be greater than or equal to the amount of required key space.
    ** Use that approximation to avoid the more expensive call to
    ** sqlite3VdbeSerialTypeLen() in the common case.
    */
3336
3337
3338
3339
3340
3341
3342










3343
3344
3345
3346
3347
3348
3349
3338
3339
3340
3341
3342
3343
3344
3345
3346
3347
3348
3349
3350
3351
3352
3353
3354
3355
3356
3357
3358
3359
3360
3361







+
+
+
+
+
+
+
+
+
+








  /* rc==0 here means that one of the keys ran out of fields and
  ** all the fields up to that point were equal. Return the default_rc
  ** value.  */
  rc = pPKey2->default_rc;

debugCompareEnd:
  /* Verify that the total number of columns in the record does not
  ** exceed pKeyInfo->nField + pKeyInfo->nXField.  
  */
  while( idx1<szHdr1 ){
    u32 serial_type1;
    idx1 += getVarint32( aKey1+idx1, serial_type1);
    nField++;
  }
  assert( nField <= pKeyInfo->nField + pKeyInfo->nXField || CORRUPT_DB );

  if( desiredResult==0 && rc==0 ) return 1;
  if( desiredResult<0 && rc<0 ) return 1;
  if( desiredResult>0 && rc>0 ) return 1;
  if( CORRUPT_DB ) return 1;
  if( pKeyInfo->db->mallocFailed ) return 1;
  return 0;
}