/ Check-in [8d2a062e]

Overview
Comment: Fix a problem in the ".recover" command allowing a circular loop of b-tree pages in a database file to cause an infinite loop.
SHA3-256: 8d2a062eb8a3e6fdc6a61b571c8da0070382bf208c53e797151eac8679c975a1
User & Date: dan 2019-05-09 18:33:32
Context
2019-05-09
18:37
Fix another small buffer overread in sqlite_dbdata triggered by a corrupt database page. check-in: 1dfc95b8 user: dan tags: trunk
18:33
Fix a problem in the ".recover" command allowing a circular loop of b-tree pages in a database file to cause an infinite loop. check-in: 8d2a062e user: dan tags: trunk
18:13
Make the ".schema" command in the CLI resistant to corrupt database files. check-in: f22c7e22 user: drh tags: trunk
Changes

Changes to ext/misc/dbdata.c.

   297    297   /* 
   298    298   ** Utility methods to decode 16 and 32-bit big-endian unsigned integers. 
   299    299   */
   300    300   static unsigned int get_uint16(unsigned char *a){
   301    301     return (a[0]<<8)|a[1];
   302    302   }
   303    303   static unsigned int get_uint32(unsigned char *a){
   304         -  return (a[0]<<24)|(a[1]<<16)|(a[2]<<8)|a[3];
          304  +  return ((unsigned int)a[0]<<24)
          305  +       | ((unsigned int)a[1]<<16)
          306  +       | ((unsigned int)a[2]<<8)
          307  +       | ((unsigned int)a[3]);
   305    308   }
   306    309   
   307    310   /*
   308    311   ** Load page pgno from the database via the sqlite_dbpage virtual table.
   309    312   ** If successful, set (*ppPage) to point to a buffer containing the page
   310    313   ** data, (*pnPage) to the size of that buffer in bytes and return
   311    314   ** SQLITE_OK. In this case it is the responsibility of the caller to
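
Review bot: In get_uint32() nothing records why the casts are there, and the check-in comment only mentions the ".recover" loop. The old expression shifted a[0] after promotion to signed int, so a first byte of 0x80 or above overflowed in a[0]<<24; a short note in the "Utility methods" comment would stop a later cleanup from dropping the casts. get_uint16() just above still shifts without a cast, which is fine for an 8-bit shift but could take the same cast for consistency, and both helpers could take const unsigned char * since they only read from the buffer.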

Changes to src/shell.c.in.

  6629   6629       "    SELECT max(field+1) FROM sqlite_dbdata WHERE pgno=i-1"
  6630   6630       "  ) FROM pages WHERE i>=2"
  6631   6631       ")"
  6632   6632       "INSERT INTO recovery.map(pgno, maxlen, intkey, root) "
  6633   6633       "  SELECT i, maxlen, NULL, ("
  6634   6634       "    WITH p(orig, pgno, parent) AS ("
  6635   6635       "      SELECT 0, i, (SELECT pgno FROM recovery.dbptr WHERE child=i)"
  6636         -    "        UNION ALL"
         6636  +    "        UNION "
  6637   6637       "      SELECT i, p.parent, "
  6638   6638       "        (SELECT pgno FROM recovery.dbptr WHERE child=p.parent) FROM p"
  6639   6639       "    )"
  6640   6640       "    SELECT pgno FROM p WHERE (parent IS NULL OR pgno = orig)"
  6641   6641       ") "
  6642   6642       "FROM pages WHERE maxlen > 0 AND i NOT IN freelist;"
  6643   6643       "UPDATE recovery.map AS o SET intkey = ("
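
Review bot: The switch to "UNION " at new line 6636 makes termination of the recursive walk in p depend on duplicate-row elimination, and no comment says so; a one-line remark next to the CTE would keep someone from restoring UNION ALL as an optimisation. It is also worth checking the case where page i leads into a loop it is not itself part of: no row then satisfies parent IS NULL or pgno = orig, so the scalar subquery returns nothing and root is NULL in recovery.map, and the statements that follow should be confirmed to cope with that. A regression test using a database whose b-tree pages form a loop would cover both points.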