SQLite

Check-in [32754ca6f8]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Expand the size of the temporary page used during btree rebalancing by a few bytes, to avoid problems with small buffer overreads that can occur on corrupted database files.
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: 32754ca6f86da8165e274f98f35fc3df3aebd273e9da08387e2d0c3c89abda0f
User & Date: drh 2018-12-14 13:35:48.724
References
2018-12-14
16:20
Back out the expansion of the temporary buffer size from [32754ca6f86da816] and replace it with an explicit test for buffer overreads. (check-in: 8ba3d9f380 user: drh tags: trunk)
Context
2018-12-14
13:47
Fix a harmless compiler warning in Sessions. (check-in: fc9791ea98 user: drh tags: trunk)
13:35
Expand the size of the temporary page used during btree rebalancing by a few bytes, to avoid problems with small buffer overreads that can occur on corrupted database files. (check-in: 32754ca6f8 user: drh tags: trunk)
13:18
When saving the position of a cursor at the b-tree layer, allocate a few extra bytes at the end of the buffer used to save the key. Otherwise, if the key is corrupt, the code that restores the cursor position may overread the buffer by a little. (check-in: 160b1e31c0 user: dan tags: trunk)
Changes
Side-by-Side Diff Ignore Whitespace Patch
Changes to src/pcache1.c.
473
474
475
476
477
478
479



480

481
482
483
484
485
486
487
473
474
475
476
477
478
479
480
481
482

483
484
485
486
487
488
489
490







+
+
+
-
+








/*
** Malloc function used by SQLite to obtain space from the buffer configured
** using sqlite3_config(SQLITE_CONFIG_PAGECACHE) option. If no such buffer
** exists, this function falls back to sqlite3Malloc().
*/
void *sqlite3PageMalloc(int sz){
  /* During rebalance operations on a corrupt database file, it is sometimes
  ** (rarely) possible to overread the temporary page buffer by a few bytes.
  ** Enlarge the allocation slightly so that this does not cause problems. */
  return pcache1Alloc(sz);
  return pcache1Alloc(sz + 32);
}

/*
** Free an allocated buffer obtained from sqlite3PageMalloc().
*/
void sqlite3PageFree(void *p){
  pcache1Free(p);