#include <string.h>
#include <assert.h>
+#define DBDATA_PADDING_BYTES 100
+
typedef struct DbdataTable DbdataTable;
typedef struct DbdataCursor DbdataCursor;
int nCopy = sqlite3_column_bytes(pStmt, 0);
if( nCopy>0 ){
u8 *pPage;
- pPage = (u8*)sqlite3_malloc64(nCopy);
+ pPage = (u8*)sqlite3_malloc64(nCopy + DBDATA_PADDING_BYTES);
if( pPage==0 ){
rc = SQLITE_NOMEM;
}else{
const u8 *pCopy = sqlite3_column_blob(pStmt, 0);
memcpy(pPage, pCopy, nCopy);
+ memset(&pPage[nCopy], 0, DBDATA_PADDING_BYTES);
}
*ppPage = pPage;
*pnPage = nCopy;
/* Allocate space for payload. And a bit more to catch small buffer
** overruns caused by attempting to read a varint or similar from
** near the end of a corrupt record. */
- pCsr->pRec = (u8*)sqlite3_malloc64(nPayload+100);
+ pCsr->pRec = (u8*)sqlite3_malloc64(nPayload+DBDATA_PADDING_BYTES);
if( pCsr->pRec==0 ) return SQLITE_NOMEM;
- memset(pCsr->pRec, 0, nPayload+100);
+ memset(pCsr->pRec, 0, nPayload+DBDATA_PADDING_BYTES);
pCsr->nRec = nPayload;
/* Load the nLocal bytes of payload */
-C Fix\sa\sproblem\sin\sthe\s".recover"\scommand\sallowing\sa\scircular\sloop\sof\sb-tree\spages\sin\sa\sdatabase\sfile\sto\scause\san\sinfinite\sloop.
-D 2019-05-09T18:33:32.129
+C Fix\sanother\ssmall\sbuffer\soverread\sin\ssqlite_dbdata\striggered\sby\sa\scorrupt\sdatabase\spage.
+D 2019-05-09T18:37:37.967
F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
F ext/misc/completion.c cec672d40604075bb341a7f11ac48393efdcd90a979269b8fe7977ea62d0547f
F ext/misc/compress.c dd4f8a6d0baccff3c694757db5b430f3bbd821d8686d1fc24df55cf9f035b189
F ext/misc/csv.c 7f047aeb68f5802e7ce6639292095d622a488bb43526ed04810e0649faa71ceb
-F ext/misc/dbdata.c f779a2e95ecc4fd05b97707bd972746bd851abfcd49316e92ff2da3a14aa690c
+F ext/misc/dbdata.c e316fba936571584e55abd5b974a32a191727a6b746053a0c9d439bd2cf93940
F ext/misc/dbdump.c baf6e37447c9d6968417b1cd34cbedb0b0ab3f91b5329501d8a8d5be3287c336
F ext/misc/eval.c 4b4757592d00fd32e44c7a067e6a0e4839c81a4d57abc4131ee7806d1be3104e
F ext/misc/explain.c d5c12962d79913ef774b297006872af1fccda388f61a11d37758f9179a09551f
F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P f22c7e229ea4626c5268d61de3964521cf6a2735290cbd1518d68731ba6cca90
-R 70c45f240fec796aded79e59d457750f
+P 8d2a062eb8a3e6fdc6a61b571c8da0070382bf208c53e797151eac8679c975a1
+R 2de2a3768dbf383fc97e924a35530746
U dan
-Z 7501180db88c65f34b6ae32d14e8f948
+Z 9056fece1b5cad0dc370fe823762d792
projects / thirdparty / sqlite.git / commitdiff
