Fix problems handling corrupt records in new fts5 code.

author dan <Dan Kennedy>

Mon, 17 Apr 2023 11:41:42 +0000 (11:41 +0000)

committer dan <Dan Kennedy>

Mon, 17 Apr 2023 11:41:42 +0000 (11:41 +0000)
author dan <Dan Kennedy>
Mon, 17 Apr 2023 11:41:42 +0000 (11:41 +0000)
committer dan <Dan Kennedy>
Mon, 17 Apr 2023 11:41:42 +0000 (11:41 +0000)
diff --git a/ext/fts5/fts5_index.c b/ext/fts5/fts5_index.c

index b93957bbd0b14e4a060ad4c337b6743100e13717..c51d82be99506c9b04586ab34a35fcb0ebb40298 100644 (file)
--- a/ext/fts5/fts5_index.c
+++ b/ext/fts5/fts5_index.c
@@ -4509,16 +4509,16 @@ static void fts5IndexCrisismerge(
  ){
    const int nCrisis = p->pConfig->nCrisisMerge;
    Fts5Structure *pStruct = *ppStruct;
-  int iLvl = 0;
-
-  assert( p->rc!=SQLITE_OK || pStruct->nLevel>0 );
-  while( p->rc==SQLITE_OK && pStruct->aLevel[iLvl].nSeg>=nCrisis ){
-    fts5IndexMergeLevel(p, &pStruct, iLvl, 0);
-    assert( p->rc!=SQLITE_OK || pStruct->nLevel>(iLvl+1) );
-    fts5StructurePromote(p, iLvl+1, pStruct);
-    iLvl++;
+  if( pStruct && pStruct->nLevel>0 ){
+    int iLvl = 0;
+    while( p->rc==SQLITE_OK && pStruct->aLevel[iLvl].nSeg>=nCrisis ){
+      fts5IndexMergeLevel(p, &pStruct, iLvl, 0);
+      assert( p->rc!=SQLITE_OK || pStruct->nLevel>(iLvl+1) );
+      fts5StructurePromote(p, iLvl+1, pStruct);
+      iLvl++;
+    }
+    *ppStruct = pStruct;
    }
-  *ppStruct = pStruct;
  }
  
  static int fts5IndexReturn(Fts5Index *p){
@@ -4823,17 +4823,21 @@ static void fts5FlushSecureDelete(
              nPrefix = MIN(nPrefix, nPrefix2);
              nSuffix = (nPrefix2 + nSuffix2) - nPrefix;
  
-            if( iKey!=1 ){
-              iOff += sqlite3Fts5PutVarint(&aPg[iOff], nPrefix);
-            }
-            iOff += sqlite3Fts5PutVarint(&aPg[iOff], nSuffix);
-            if( nPrefix2>nPrefix ){
-              memcpy(&aPg[iOff], &zTerm[nPrefix], nPrefix2-nPrefix);
-              iOff += (nPrefix2-nPrefix);
+            if( (iKeyOff+nSuffix)>iPgIdx || (iNextOff+nSuffix2)>iPgIdx ){
+              p->rc = FTS5_CORRUPT;
+            }else{
+              if( iKey!=1 ){
+                iOff += sqlite3Fts5PutVarint(&aPg[iOff], nPrefix);
+              }
+              iOff += sqlite3Fts5PutVarint(&aPg[iOff], nSuffix);
+              if( nPrefix2>nPrefix ){
+                memcpy(&aPg[iOff], &zTerm[nPrefix], nPrefix2-nPrefix);
+                iOff += (nPrefix2-nPrefix);
+              }
+              memmove(&aPg[iOff], &aPg[iNextOff], nSuffix2);
+              iOff += nSuffix2;
+              iNextOff += nSuffix2;
              }
-            memmove(&aPg[iOff], &aPg[iNextOff], nSuffix2);
-            iOff += nSuffix2;
-            iNextOff += nSuffix2;
            }
          }else if( iStart==4 ){
            assert_nc( pSeg->iLeafPgno>pSeg->iTermLeafPgno );
@@ -4878,33 +4882,35 @@ static void fts5FlushSecureDelete(
            }
          }
  
-        nMove = nPg - iNextOff;
-        memmove(&aPg[iOff], &aPg[iNextOff], nMove);
-        iPgIdx -= (iNextOff - iOff);
-        nPg = iPgIdx;
-        fts5PutU16(&aPg[2], iPgIdx);
-
-        nShift = iNextOff - iOff;
-        for(iIdx=0, iKeyOff=0, iPrevKeyOff=0; iIdx<nIdx; /* no-op */){
-          u32 iVal = 0;
-          iIdx += fts5GetVarint32(&aIdx[iIdx], iVal);
-          iKeyOff += iVal;
-          if( iKeyOff!=iDelKeyOff ){
-            if( iKeyOff>iOff ){
-              iKeyOff -= nShift;
-              nShift = 0;
+        if( p->rc==SQLITE_OK ){
+          nMove = nPg - iNextOff;
+          memmove(&aPg[iOff], &aPg[iNextOff], nMove);
+          iPgIdx -= (iNextOff - iOff);
+          nPg = iPgIdx;
+          fts5PutU16(&aPg[2], iPgIdx);
+
+          nShift = iNextOff - iOff;
+          for(iIdx=0, iKeyOff=0, iPrevKeyOff=0; iIdx<nIdx; /* no-op */){
+            u32 iVal = 0;
+            iIdx += fts5GetVarint32(&aIdx[iIdx], iVal);
+            iKeyOff += iVal;
+            if( iKeyOff!=iDelKeyOff ){
+              if( iKeyOff>iOff ){
+                iKeyOff -= nShift;
+                nShift = 0;
+              }
+              nPg += sqlite3Fts5PutVarint(&aPg[nPg], iKeyOff - iPrevKeyOff);
+              iPrevKeyOff = iKeyOff;
              }
-            nPg += sqlite3Fts5PutVarint(&aPg[nPg], iKeyOff - iPrevKeyOff);
-            iPrevKeyOff = iKeyOff;
            }
-        }
  
-        if( iPgIdx==nPg && nIdx>0 && pSeg->iLeafPgno!=1 ){
-          fts5SecureDeleteIdxEntry(p, iSegid, pSeg->iLeafPgno);
-        }
+          if( iPgIdx==nPg && nIdx>0 && pSeg->iLeafPgno!=1 ){
+            fts5SecureDeleteIdxEntry(p, iSegid, pSeg->iLeafPgno);
+          }
  
-        assert_nc( nPg>4 || fts5GetU16(aPg)==0 );
-        fts5DataWrite(p, FTS5_SEGMENT_ROWID(iSegid, pSeg->iLeafPgno), aPg, nPg);
+          assert_nc( nPg>4 || fts5GetU16(aPg)==0 );
+          fts5DataWrite(p, FTS5_SEGMENT_ROWID(iSegid,pSeg->iLeafPgno), aPg,nPg);
+        }
          sqlite3_free(aIdx);
        }
      }
diff --git a/ext/fts5/test/fts5secure4.test b/ext/fts5/test/fts5secure4.test

index c2fd369958e0454f0ed77d8940ed6c30cf9f925c..7cfc5a73e9cc9abddc9486deb1284483f719977b 100644 (file)
--- a/ext/fts5/test/fts5secure4.test
+++ b/ext/fts5/test/fts5secure4.test
@@ -69,6 +69,20 @@ do_execsql_test 1.9 {
    INSERT INTO y1(y1) VALUES('integrity-check');
  }
  
+do_execsql_test 1.10 {
+  CREATE VIRTUAL TABLE w1 USING fts5(ww, content="");
+  INSERT INTO w1(rowid, ww) VALUES(123, '');
+}
+do_catchsql_test 1.11 {
+  INSERT INTO w1(w1, rowid, ww) VALUES('delete', 123, 'xyz');
+} {1 {database disk image is malformed}}
+do_catchsql_test 1.12 {
+  DROP TABLE w1;
+  CREATE VIRTUAL TABLE w1 USING fts5(ww, content="");
+  INSERT INTO w1(rowid, ww) VALUES(123, '');
+  DELETE FROM w1_data WHERE id>10;
+  INSERT INTO w1(w1, rowid, ww) VALUES('delete', 123, 'xyz');
+} {1 {database disk image is malformed}}
  
  #-------------------------------------------------------------------------
  # Test using secure-delete with detail=none or detail=col.
diff --git a/manifest b/manifest

index 5c33c95e0e527e598c63a30386366abd8619a251..26932a38175bb7fd0f184142abd233cc8ccc082b 100644 (file)
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Fix\san\sassert()\sin\sfts5\sthat\smay\sbe\strue\swhen\sdealing\swith\scorrupt\srecords.
-D 2023-04-17T10:39:51.274
+C Fix\sproblems\shandling\scorrupt\srecords\sin\snew\sfts5\scode.
+D 2023-04-17T11:41:42.438
  F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
  F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
  F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
@@ -92,7 +92,7 @@ F ext/fts5/fts5_buffer.c 3001fbabb585d6de52947b44b455235072b741038391f830d6b7292
  F ext/fts5/fts5_config.c 46af0b3c3c3f00bfc5bdd307434d7c5f0fa0678a034dd48345cd83b20068efbd
  F ext/fts5/fts5_expr.c 48e8e45261c6030cf5c77f606217a22722b1a4d0b34e2ba6cbfc386581627989
  F ext/fts5/fts5_hash.c d4fb70940359f2120ccd1de7ffe64cc3efe65de9e8995b822cd536ff64c96982
-F ext/fts5/fts5_index.c 0fe4bf689b04c9a662bacd6936f7f07926eb61cf2024c8d4c8241d3bd3efe723
+F ext/fts5/fts5_index.c 13c4ea17f9e6b155d3c6d78b54ae4e5ed22e1692041958f3ec71a5712172d915
  F ext/fts5/fts5_main.c b4dba04a36aaf9b8e8cef0100b6dbb422cc74753eacc11d6401cac7a87c0f38d
  F ext/fts5/fts5_storage.c 76c6085239eb44424004c022e9da17a5ecd5aaec859fba90ad47d3b08f4c8082
  F ext/fts5/fts5_tcl.c b1445cbe69908c411df8084a10b2485500ac70a9c747cdc8cda175a3da59d8ae
@@ -190,7 +190,7 @@ F ext/fts5/test/fts5savepoint.test fc02929f238d02a22df4172625704e029f7c1e0e92e33
  F ext/fts5/test/fts5secure.test 214a561519d1b1817f146efd1057e2a97cc896e75c2accc77157d874154bda64
  F ext/fts5/test/fts5secure2.test 2e961d7eef939f294c56b5d895cac7f1c3a60b934ee2cfd5e5e620bdf1ba6bbc
  F ext/fts5/test/fts5secure3.test c7e1080a6912f2a3ac68f2e05b88b72a99de38543509b2bbf427cac5c9c1c610
-F ext/fts5/test/fts5secure4.test 1bc36e827093c0f5b93bd4bad3c6ec8caaa9f7ab830633b49a465f67d48f3e7c
+F ext/fts5/test/fts5secure4.test 58638eab7e80571649d08673e7924d85ec293566377a9e7f49160857f001d529
  F ext/fts5/test/fts5securefault.test 7208daed4171de8a54a293ef800411e3cec1ffc6e9d34209b53e56a70ee554da
  F ext/fts5/test/fts5simple.test a298670508c1458b88ce6030440f26a30673931884eb5f4094ac1773b3ba217b
  F ext/fts5/test/fts5simple2.test 258a1b0c590409bfa5271e872c79572b319d2a56554d0585f68f146a0da603f0
@@ -2057,8 +2057,8 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
  F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
  F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
  F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P 8de4542553ae20947787b4daf5e88bbe69f815679960e700e19f9c1148234b08
-R afbeea9d1c47bed909416ab95ba6cabc
+P e8de2774463c07b76cd6b9a44ab32a583fe973f42a21b21af46fe82ab177c1b8
+R e73db0b2fec49cf21caca2b40145b9f4
  U dan
-Z 13440c307a288857a675d3a4be022dc6
+Z 8d23b3253d2a52bc5cc6c258ff86d3c2
  # Remove this line to create a well-formed Fossil manifest.
diff --git a/manifest.uuid b/manifest.uuid

index 75177acf3294cad754eb2333ecdaa293c0d3bdd6..5bab2e43f581067f73ae462671970d91be0018f8 100644 (file)
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-e8de2774463c07b76cd6b9a44ab32a583fe973f42a21b21af46fe82ab177c1b8
-\ No newline at end of file
+2f63d4a8bac6dc72197df32efd84c148adbc4794943088dff08da57b15dd7900
+\ No newline at end of file
author	dan <Dan Kennedy>
	Mon, 17 Apr 2023 11:41:42 +0000 (11:41 +0000)
committer	dan <Dan Kennedy>
	Mon, 17 Apr 2023 11:41:42 +0000 (11:41 +0000)
ext/fts5/fts5_index.c		patch \| blob \| blame \| history
ext/fts5/test/fts5secure4.test		patch \| blob \| blame \| history
manifest		patch \| blob \| blame \| history
manifest.uuid		patch \| blob \| blame \| history