From: dan Date: Thu, 20 Jul 2023 20:29:56 +0000 (+0000) Subject: Fix some divide-by-zero errors that could occur when handling corrupt tombstone hash... X-Git-Tag: version-3.43.0~105^2~8 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=3a51f8c3078bacc8c8059f985d511042f8561da3;p=thirdparty%2Fsqlite.git Fix some divide-by-zero errors that could occur when handling corrupt tombstone hash records. FossilOrigin-Name: 7567ca0676f0d45026f5cd4f3fbcd09119c2eaab8ec1711499609c16c452b5e4 --- diff --git a/ext/fts5/fts5_index.c b/ext/fts5/fts5_index.c index 99ff4c3b5f..d5235b2496 100644 --- a/ext/fts5/fts5_index.c +++ b/ext/fts5/fts5_index.c @@ -3099,6 +3099,9 @@ static void fts5MultiIterSetEof(Fts5Iter *pIter){ */ #define TOMBSTONE_KEYSIZE(pPg) (pPg->p[0]==4 ? 4 : 8) +#define TOMBSTONE_NSLOT(pPg) \ + ((pPg->nn > 16) ? ((pPg->nn-8) / TOMBSTONE_KEYSIZE(pPg)) : 1) + /* ** Query a single tombstone hash table for rowid iRowid. Return true if ** it is found or false otherwise. The tombstone hash table is one of @@ -3110,7 +3113,7 @@ static int fts5IndexTombstoneQuery( u64 iRowid /* Rowid to query hash for */ ){ const int szKey = TOMBSTONE_KEYSIZE(pHash); - const int nSlot = (pHash->nn - 8) / szKey; + const int nSlot = TOMBSTONE_NSLOT(pHash); int iSlot = (iRowid / nHashTable) % nSlot; int nCollide = nSlot; @@ -6554,7 +6557,7 @@ static int fts5IndexTombstoneAddToPage( u64 iRowid ){ const int szKey = TOMBSTONE_KEYSIZE(pPg); - const int nSlot = (pPg->nn - 8) / szKey; + const int nSlot = TOMBSTONE_NSLOT(pPg); const int nElem = fts5GetU32(&pPg->p[4]); int iSlot = (iRowid / nPg) % nSlot; int nCollide = nSlot; diff --git a/ext/fts5/test/fts5contentless3.test b/ext/fts5/test/fts5contentless3.test index 34b7b23da4..ec5477e676 100644 --- a/ext/fts5/test/fts5contentless3.test +++ b/ext/fts5/test/fts5contentless3.test @@ -29,6 +29,10 @@ do_execsql_test 1.0 { INSERT INTO ft VALUES('three three three'); INSERT INTO ft VALUES('four four four'); INSERT INTO ft VALUES('five five five'); + INSERT INTO ft VALUES('six six six'); + INSERT INTO ft VALUES('seven seven seven'); + INSERT INTO ft VALUES('eight eight eight'); + INSERT INTO ft VALUES('nine nine nine'); COMMIT; DELETE FROM ft WHERE rowid=3; @@ -71,6 +75,22 @@ do_execsql_test 1.5 { DELETE FROM ft WHERE rowid=4 } +do_execsql_test 1.6 { + UPDATE ft_data SET block = myhex('04000000 00000000') + WHERE id = (SELECT max(id) FROM ft_data); +} +do_execsql_test 1.7 { + SELECT rowid FROM ft('two'); +} {2} + +do_execsql_test 1.8 { + UPDATE ft_data SET block = myhex('04000000 00000000') + WHERE id = (SELECT max(id) FROM ft_data); +} +do_execsql_test 1.9 { + DELETE FROM ft WHERE rowid=8 +} {} + finish_test diff --git a/manifest b/manifest index 08dc29ea64..9e392f9f22 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Avoid\san\sinfinite\sloop\sthat\scould\sbe\sentered\swhen\sdealing\swith\scorrupt\sfts5\stombstone\shash\spages. -D 2023-07-20T20:09:26.394 +C Fix\ssome\sdivide-by-zero\serrors\sthat\scould\soccur\swhen\shandling\scorrupt\stombstone\shash\srecords. +D 2023-07-20T20:29:56.954 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724 @@ -92,7 +92,7 @@ F ext/fts5/fts5_buffer.c 3001fbabb585d6de52947b44b455235072b741038391f830d6b7292 F ext/fts5/fts5_config.c 010fabcc0aaa0dfa76b19146e8bddf7de368933eeac01e294af6607447500caa F ext/fts5/fts5_expr.c 2473c13542f463cae4b938c498d6193c90d38ea1a2a4f9849c0479736e50d24d F ext/fts5/fts5_hash.c d4fb70940359f2120ccd1de7ffe64cc3efe65de9e8995b822cd536ff64c96982 -F ext/fts5/fts5_index.c 5b5b9944ef97bf9aa0726fdbd82552d488b6fcee32e086e6d32ea9934e1809e2 +F ext/fts5/fts5_index.c db653198e9bb76d285df246df1f14ebf3f1cfcbca0605f2bf272026f52021011 F ext/fts5/fts5_main.c ede405f0f11db562653b988d043a531daa66093b46c1b35b8fcddb54819cba84 F ext/fts5/fts5_storage.c 3c9b41fce41b6410f2e8f82eb035c6a29b2560483f773e6dc98cf3cb2e4ddbb5 F ext/fts5/fts5_tcl.c b1445cbe69908c411df8084a10b2485500ac70a9c747cdc8cda175a3da59d8ae @@ -134,7 +134,7 @@ F ext/fts5/test/fts5connect.test 08030168fc96fc278fa81f28654fb7e90566f33aff269c0 F ext/fts5/test/fts5content.test 213506436fb2c87567b8e31f6d43ab30aab99354cec74ed679f22aad0cdbf283 F ext/fts5/test/fts5contentless.test 9a42a86822670792ba632f5c57459addeb774d93b29d5e6ddae08faa64c2b6d9 F ext/fts5/test/fts5contentless2.test 12c778d134a121b8bad000fbf3ae900d53226fee840ce36fe941b92737f1fda7 -F ext/fts5/test/fts5contentless3.test db92625a2e3f9e5ba047ce8ded58c825affce45cc711ed6d7c96fe54b95894a1 +F ext/fts5/test/fts5contentless3.test b773267d7d5434d0a503b9d73de240f5769efb0e3576e133dd76eccb318116bc F ext/fts5/test/fts5corrupt.test 77ae6f41a7eba10620efb921cf7dbe218b0ef232b04519deb43581cb17a57ebe F ext/fts5/test/fts5corrupt2.test 7453752ba12ce91690c469a6449d412561cc604b1dec994e16ab132952e7805f F ext/fts5/test/fts5corrupt3.test 7da9895dafa404efd20728f66ff4b94399788bdc042c36fe2689801bba2ccd78 @@ -2047,8 +2047,8 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P 5aac50e92e956b15367c75c20c17bc1c75e84e2752bfffe4ad0a266cb9bd3b8a -R a2bc7a639e489f4200810e70aeab413a +P 69ce2ce035279f2a00c2238187cf4d2a9092c3410f5900e4613fe4e46311169e +R 716993a5a4c359e4b4afccc9c55270f5 U dan -Z 36cb6c12a15fce5364a14d77012ed267 +Z f01327fd76f39e2a6bc2b85c23603eff # Remove this line to create a well-formed Fossil manifest. diff --git a/manifest.uuid b/manifest.uuid index 87b279a730..a6af9f94f9 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -69ce2ce035279f2a00c2238187cf4d2a9092c3410f5900e4613fe4e46311169e \ No newline at end of file +7567ca0676f0d45026f5cd4f3fbcd09119c2eaab8ec1711499609c16c452b5e4 \ No newline at end of file