From: drh Date: Fri, 9 Dec 2016 19:42:18 +0000 (+0000) Subject: When doing the sqlite3BtreeInsert() overwrite optimization, make sure the X-Git-Tag: version-3.16.0~60 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=2d08343a913619f05e379b7ce55f900ec80d9f77;p=thirdparty%2Fsqlite.git When doing the sqlite3BtreeInsert() overwrite optimization, make sure the memcpy() does not extend off the end of the page. FossilOrigin-Name: 684ef4582ed19b2af22dda6fc085c70464f92f1b --- diff --git a/manifest b/manifest index f92e4ec7ff..45507e32cb 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Additional\scomments\sand\san\sassert\son\sthe\ssqlite3BtreeInsert()\soverwrite\noptimization. -D 2016-12-09T18:09:42.258 +C When\sdoing\sthe\ssqlite3BtreeInsert()\soverwrite\soptimization,\smake\ssure\sthe\nmemcpy()\sdoes\snot\sextend\soff\sthe\send\sof\sthe\spage. +D 2016-12-09T19:42:18.129 F Makefile.in 7639c6a09da11a9c7c6f2630fc981ee588d1072d F Makefile.linux-gcc 7bc79876b875010e8c8f9502eb935ca92aa3c434 F Makefile.msc b8ca53350ae545e3562403d5da2a69cec79308da @@ -331,7 +331,7 @@ F src/auth.c 930b376a9c56998557367e6f7f8aaeac82a2a792 F src/backup.c faf17e60b43233c214aae6a8179d24503a61e83b F src/bitvec.c 17ea48eff8ba979f1f5b04cc484c7bb2be632f33 F src/btmutex.c bc87dd3b062cc26edfe79918de2200ccb8d41e73 -F src/btree.c 38bc160dfb270b4e005b23672310096c78eed4c8 +F src/btree.c 217c9900de7cf04997aff25faabc366cfe84e8f1 F src/btree.h 2349a588abcd7e0c04f984e15c5c777b61637583 F src/btreeInt.h 10c4b77c2fb399580babbcc7cf652ac10dba796e F src/build.c 178f16698cbcb43402c343a9413fe22c99ffee21 @@ -1536,7 +1536,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P 0b86fbca6615ccf1f3a62614db577a8acbec6d9e -R 11e5ca14997252e736d13429f6c59d06 +P c1f0ae9d2981a19875103750379ad26f2575f878 +R 956ba83a1c02ce8b54106bed68f282ac U drh -Z db8419761e0f22ff22785868538d89ab +Z 1db7deef38744b5038e919d70ebcde44 diff --git a/manifest.uuid b/manifest.uuid index 56e8b4d197..ea8d54ff5b 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -c1f0ae9d2981a19875103750379ad26f2575f878 \ No newline at end of file +684ef4582ed19b2af22dda6fc085c70464f92f1b \ No newline at end of file diff --git a/src/btree.c b/src/btree.c index d18f8d186d..b7e16a85f2 100644 --- a/src/btree.c +++ b/src/btree.c @@ -8068,6 +8068,7 @@ int sqlite3BtreeInsert( ** doing that is no faster then skipping this optimization and just ** calling dropCell() and insertCell(). */ assert( rc==SQLITE_OK ); /* clearCell never fails when nLocal==nPayload */ + if( oldCell+szNew > pPage->aDataEnd ) return SQLITE_CORRUPT_BKPT; memcpy(oldCell, newCell, szNew); return SQLITE_OK; }