From: drh <>
Date: Thu, 16 Mar 2023 01:20:03 +0000 (+0000)
Subject: When the btreeInitPage() routine detects database corruption, it should
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=45fcdcb05f36e0ca434d18e52477c5082929f89b;p=thirdparty%2Fsqlite.git

When the btreeInitPage() routine detects database corruption, it should
continue to the end and set MemPage.isInit before it returns SQLITE_CORRUPT,
because if it leaves MemPage.isInit unset, then can cause difficulty later.
dbsqlfuzz 460aa158f9a2c41145831cc924296cde1f312b3f

FossilOrigin-Name: 44e83f8b8fab5b46fd50461b5bad9b31437607f259e8b284852ca3be0d376c8a
---

diff --git a/manifest b/manifest
index ea75ce9552..373c42bcfe 100644
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Disallow\sthe\sone-pass\soptimization\sfor\sDELETE\sif\sthe\sWHERE\sclause\scontains\na\ssubquery.\s\sFix\sfor\sthe\sproblem\sreported\sby\n[forum:/forumpost/e61252062c9d286d|forum\spost\se61252062c9d286d].\s\sThis\sfix\nis\smore\srestrictive\sthan\snecessary.\s\sIt\scould\sbe\srelaxed\sif\sthe\ssubquery\sdoes\nnot\sinvolve\sthe\stable\sthat\sis\sthe\ssubject\sof\sthe\sDELETE.
-D 2023-03-15T17:58:51.689
+C When\sthe\sbtreeInitPage()\sroutine\sdetects\sdatabase\scorruption,\sit\sshould\ncontinue\sto\sthe\send\sand\sset\sMemPage.isInit\sbefore\sit\sreturns\sSQLITE_CORRUPT,\nbecause\sif\sit\sleaves\sMemPage.isInit\sunset,\sthen\scan\scause\sdifficulty\slater.\ndbsqlfuzz\s460aa158f9a2c41145831cc924296cde1f312b3f
+D 2023-03-16T01:20:03.007
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
 F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
@@ -564,7 +564,7 @@ F src/auth.c f4fa91b6a90bbc8e0d0f738aa284551739c9543a367071f55574681e0f24f8cf
 F src/backup.c a2891172438e385fdbe97c11c9745676bec54f518d4447090af97189fd8e52d7
 F src/bitvec.c 7c849aac407230278445cb069bebc5f89bf2ddd87c5ed9459b070a9175707b3d
 F src/btmutex.c 6ffb0a22c19e2f9110be0964d0731d2ef1c67b5f7fabfbaeb7b9dabc4b7740ca
-F src/btree.c c547e099f853de61835ff45da8d956a932d02ecf1ffd472a1f2a103b83e6dd40
+F src/btree.c a5e655d5bec07d1f9fccc1e7a28b5b26996c6c18114ca05af129d83293a4c822
 F src/btree.h aa354b9bad4120af71e214666b35132712b8f2ec11869cb2315c52c81fad45cc
 F src/btreeInt.h 06bb2c1a07172d5a1cd27a2a5d617b93b1e976c5873709c31964786f86365a6e
 F src/build.c 4fed662d383527c808d85f53b9c544ead425ac8b9c7cb38501a64e3797921d41
@@ -2050,8 +2050,8 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
 F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
 F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P 4c4e66f293d7768cceb875a936ca0f4cd910473e20b9910698cc1e1ce221a7d4
-R 934d92c186df99d22e77975c034c41b7
+P 73f0036f045bf37193b6e87ae45b578c5831614c530488257c69666178da3aa5
+R f8418eb3fd937c9722d4ddb07f780c3f
 U drh
-Z 54012e32e8462771957ea3ef7763a915
+Z 85500bf9802b1e301dd6325803715dec
 # Remove this line to create a well-formed Fossil manifest.
diff --git a/manifest.uuid b/manifest.uuid
index cea5ff8945..83068c2d2b 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-73f0036f045bf37193b6e87ae45b578c5831614c530488257c69666178da3aa5
\ No newline at end of file
+44e83f8b8fab5b46fd50461b5bad9b31437607f259e8b284852ca3be0d376c8a
\ No newline at end of file
diff --git a/src/btree.c b/src/btree.c
index 210845eeb6..452135751f 100644
--- a/src/btree.c
+++ b/src/btree.c
@@ -2142,6 +2142,7 @@ static SQLITE_NOINLINE int btreeCellSizeCheck(MemPage *pPage){
 static int btreeInitPage(MemPage *pPage){
   u8 *data;          /* Equal to pPage->aData */
   BtShared *pBt;        /* The main btree structure */
+  int rc = SQLITE_OK;
 
   assert( pPage->pBt!=0 );
   assert( pPage->pBt->db!=0 );
@@ -2156,7 +2157,7 @@ static int btreeInitPage(MemPage *pPage){
   /* EVIDENCE-OF: R-28594-02890 The one-byte flag at offset 0 indicating
   ** the b-tree page type. */
   if( decodeFlags(pPage, data[0]) ){
-    return SQLITE_CORRUPT_PAGE(pPage);
+    rc = SQLITE_CORRUPT_PAGE(pPage);
   }
   assert( pBt->pageSize>=512 && pBt->pageSize<=65536 );
   pPage->maskPage = (u16)(pBt->pageSize - 1);
@@ -2170,7 +2171,7 @@ static int btreeInitPage(MemPage *pPage){
   pPage->nCell = get2byte(&data[3]);
   if( pPage->nCell>MX_CELL(pBt) ){
     /* To many cells for a single page.  The page must be corrupt */
-    return SQLITE_CORRUPT_PAGE(pPage);
+    rc = SQLITE_CORRUPT_PAGE(pPage);
   }
   testcase( pPage->nCell==MX_CELL(pBt) );
   /* EVIDENCE-OF: R-24089-57979 If a page contains no cells (which is only
@@ -2179,13 +2180,14 @@ static int btreeInitPage(MemPage *pPage){
   ** bytes of reserved space. */
   assert( pPage->nCell>0
        || get2byteNotZero(&data[5])==(int)pBt->usableSize
+       || rc==SQLITE_CORRUPT
        || CORRUPT_DB );
   pPage->nFree = -1;  /* Indicate that this value is yet uncomputed */
   pPage->isInit = 1;
   if( pBt->db->flags & SQLITE_CellSizeCk ){
-    return btreeCellSizeCheck(pPage);
+    rc = btreeCellSizeCheck(pPage);
   }
-  return SQLITE_OK;
+  return rc;
 }
 
 /*