Work around a "security feature" bug in memcpy() on OpenBSD.

FossilOrigin-Name: fab6f09044d033dd09ed8a22e06bc6a7851bbabf

diff --git a/manifest b/manifest
index 2e4d2de99b44db6fd6385e6d8a699df0c90aab3f..fa290bfaef18817670a3eb55e12069bb3ce5410e 100644 (file)
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Remove\sanother\sinstance\sof\sstrcpy()\sfrom\sFTS5,\sto\smollify\sOpenBSD.
-D 2015-10-10T15:57:20.187
+C Work\saround\sa\s"security\sfeature"\sbug\sin\smemcpy()\son\sOpenBSD.
+D 2015-10-10T16:41:28.969
 F Makefile.arm-wince-mingw32ce-gcc d6df77f1f48d690bd73162294bbba7f59507c72f
 F Makefile.in f0088ff0d2ac949fce6de7c00f13a99ac5bdb663
 F Makefile.linux-gcc 91d710bdc4998cb015f39edf3cb314ec4f4d7e23
@@ -285,7 +285,7 @@ F src/auth.c b56c78ebe40a2110fd361379f7e8162d23f92240
 F src/backup.c c3a9c4209439b806c44cf30daf466955727bf46c
 F src/bitvec.c d1f21d7d91690747881f03940584f4cc548c9d3d
 F src/btmutex.c 45a968cc85afed9b5e6cf55bf1f42f8d18107f79
-F src/btree.c a5a653087ae98dd743d12ae0920d5b64c5335960
+F src/btree.c 0b74bc28b2dc907cba03b5b4b3b81584273be699
 F src/btree.h 40189aefdc2b830d25c8b58fd7d56538481bfdd7
 F src/btreeInt.h 8177c9ab90d772d6d2c6c517e05bed774b7c92c0
 F src/build.c d6162335d690396dfc5c4bd59e8b2b0c14ba6285
@@ -1390,7 +1390,7 @@ F tool/vdbe_profile.tcl 67746953071a9f8f2f668b73fe899074e2c6d8c1
 F tool/warnings-clang.sh f6aa929dc20ef1f856af04a730772f59283631d4
 F tool/warnings.sh 48bd54594752d5be3337f12c72f28d2080cb630b
 F tool/win/sqlite.vsix deb315d026cc8400325c5863eef847784a219a2f
-P bc24a5bbfd95df3518611b221de69b73776111bc
-R 35f43270ac91020433e35fde493807ce
+P 35e6248abb4435a8b26d270092b856beff867406
+R 9fd826df5b8be6e5111bab176d72d145
 U drh
-Z 62a6607ac126b7b5aac408948416878c
+Z 61d2ace382c5fa85de2f4090e2c287bd

diff --git a/manifest.uuid b/manifest.uuid
index 99f29c9a8d3ff26c04dda62732143d2835e794c7..ea0c817d8385dc7c213cc54b9b07016867746cbf 100644 (file)
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-35e6248abb4435a8b26d270092b856beff867406
\ No newline at end of file
+fab6f09044d033dd09ed8a22e06bc6a7851bbabf
\ No newline at end of file

diff --git a/src/btree.c b/src/btree.c
index 1eae0ac5d2b233ee9d694a7482f2ce0af9fdcc00..2c1a9983e5b4d25bf759e98b7e6e6040371a5155 100644 (file)
--- a/src/btree.c
+++ b/src/btree.c
@@ -6499,7 +6499,13 @@ static int pageInsertArray(
       if( pData<pBegin ) return 1;
       pSlot = pData;
     }
-    memcpy(pSlot, pCArray->apCell[i], sz);
+    /* pSlot and pCArray->apCell[i] will never overlap on a well-formed
+    ** database.  But they might for a corrupt database.  Hence use memmove()
+    ** since memcpy() sends SIGABORT with overlapping buffers on OpenBSD */
+    assert( (pSlot+sz)<=pCArray->apCell[i]
+         || pSlot>=(pCArray->apCell[i]+sz)
+         || CORRUPT_DB );
+    memmove(pSlot, pCArray->apCell[i], sz);
     put2byte(pCellptr, (pSlot - aData));
     pCellptr += 2;
   }