Detect when an attempt is made to write to a pointer map page that is also

being used as a btree page and report corruption.

FossilOrigin-Name: 3036fd71ac7063359b04a0ed54a6c63a380eb7ff75cd29ed27486d4259066aee

diff --git a/manifest b/manifest
index 7511c4d9cbd95cbd49cd1e10e5c877334553bb6c..197727a8981467af48f264082249c964de1c174f 100644 (file)
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Fix\sa\sbug\sin\sthe\scustom\sin-memory\sVFS\sused\sby\sfuzzcheck.\s\sThis\sbug\smasks\nother\sbugs\sthat\sshould\shave\scaused\ssome\sexisting\sfuzzdata7.db\sentries\sto\nfail,\sand\sso\sthis\sfix\sis\sinitially\son\sa\sbranch\suntil\sthose\sother\sbugs\scan\nbe\srepaired.
-D 2018-12-14T02:29:56.907
+C Detect\swhen\san\sattempt\sis\smade\sto\swrite\sto\sa\spointer\smap\spage\sthat\sis\salso\nbeing\sused\sas\sa\sbtree\spage\sand\sreport\scorruption.
+D 2018-12-14T03:14:18.024
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
 F Makefile.in d8b254f8bb81bab43c340d70d17dc3babab40fcc8a348c8255881f780a45fee6
@@ -448,7 +448,7 @@ F src/auth.c 0fac71038875693a937e506bceb492c5f136dd7b1249fbd4ae70b4e8da14f9df
 F src/backup.c 78d3cecfbe28230a3a9a1793e2ead609f469be43e8f486ca996006be551857ab
 F src/bitvec.c 17ea48eff8ba979f1f5b04cc484c7bb2be632f33
 F src/btmutex.c 8acc2f464ee76324bf13310df5692a262b801808984c1b79defb2503bbafadb6
-F src/btree.c 20fdad94111d772de675c6ab426ef45f6a54f2489032c54d9ff536be7434f16d
+F src/btree.c 14b4b17b75af36e0431df2676205296bc234a634cf18798ad81f768b455b9e93
 F src/btree.h febb2e817be499570b7a2e32a9bbb4b607a9234f6b84bb9ae84916d4806e96f2
 F src/btreeInt.h 620ab4c7235f43572cf3ac2ac8723cbdf68073be4d29da24897c7b77dda5fd96
 F src/build.c ef9d7dc73e40dd9d10c28848343e21e8bc1baaab92cfb75eda893fff4fbf6b55
@@ -1787,10 +1787,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
 F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
 F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P 18740bd448887d618fafee0b5a7c004aa2f2632244f7d29e2428772baa36b828
-R 4187c96fc309b3296053defbfad74e53
-T *branch * fuzzcheck-fix
-T *sym-fuzzcheck-fix *
-T -sym-trunk *
+P e0994e99955cf11f23dba029b5ed7f150f467887558848d5f03510e2fb5855f9
+R 7367b1481f35f13ad669721d0de5a468
 U drh
-Z f01ab5efca756d35503e75880f18321c
+Z 152c6d103923350304ee36a88dc9ee39

diff --git a/manifest.uuid b/manifest.uuid
index 4c5ed9e53b842e997e416ac64ab87afa47c3f5b4..a1898b4d0ebe70af47aec0fc7b96e46299daf200 100644 (file)
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-e0994e99955cf11f23dba029b5ed7f150f467887558848d5f03510e2fb5855f9
\ No newline at end of file
+3036fd71ac7063359b04a0ed54a6c63a380eb7ff75cd29ed27486d4259066aee
\ No newline at end of file

diff --git a/src/btree.c b/src/btree.c
index 67a64a91f10c306efdcbc009d484a2ea51649906..52b816fbe3f3805ed8c4a0b512dab697bba0b9c8 100644 (file)
--- a/src/btree.c
+++ b/src/btree.c
@@ -992,6 +992,13 @@ static void ptrmapPut(BtShared *pBt, Pgno key, u8 eType, Pgno parent, int *pRC){
     *pRC = rc;
     return;
   }
+  if( ((char*)sqlite3PagerGetExtra(pDbPage))[0]!=0 ){
+    /* The first byte of the extra data is the MemPage.isInit byte.
+    ** If that byte is set, it means this page is also being used
+    ** as a btree page. */
+    *pRC = SQLITE_CORRUPT_BKPT;
+    goto ptrmap_exit;
+  }
   offset = PTRMAP_PTROFFSET(iPtrmap, key);
   if( offset<0 ){
     *pRC = SQLITE_CORRUPT_BKPT;