Use memmove() instead of memcpy() in a place where buffers might overlap

if the database file is badly corrupted, to prevent warnings from ASAN and valgrind. FossilOrigin-Name: 65ad6c55f1ba9bc2f75afffa3adaf19f145fad7ac9a00ccce6372e9a2cc4341b
2019-01-24 13:36:47 +00:00 · 2019-01-24 13:36:47 +00:00 · 55469bbafb
commit 55469bbafb
parent 6a02f237e3
4 changed files with 13 additions and 9 deletions
--- a/14
+++ b/14
@ -1,5 +1,5 @@
-C Remove\san\sunreachable\sbranch.
-D 2019-01-24T04:44:54.947
+C Use\smemmove()\sinstead\sof\smemcpy()\sin\sa\splace\swhere\sbuffers\smight\soverlap\nif\sthe\sdatabase\sfile\sis\sbadly\scorrupted,\sto\sprevent\swarnings\nfrom\sASAN\sand\svalgrind.
+D 2019-01-24T13:36:47.895
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
 F Makefile.in 0e7c107ebcaff26681bc5bcf017557db85aa828d6f7fd652d748b7a78072c298
@ -455,7 +455,7 @@ F src/auth.c 0fac71038875693a937e506bceb492c5f136dd7b1249fbd4ae70b4e8da14f9df
 F src/backup.c 78d3cecfbe28230a3a9a1793e2ead609f469be43e8f486ca996006be551857ab
 F src/bitvec.c 17ea48eff8ba979f1f5b04cc484c7bb2be632f33
 F src/btmutex.c 8acc2f464ee76324bf13310df5692a262b801808984c1b79defb2503bbafadb6
-F src/btree.c 60fa67e135492b83c78517502cdd64dd1028da3fb5958cc130d94ba75f140b55
+F src/btree.c 58574154361f57da015436f53d9107dde74387b3b939c7a7ef6a7998b5dfb1af
 F src/btree.h febb2e817be499570b7a2e32a9bbb4b607a9234f6b84bb9ae84916d4806e96f2
 F src/btreeInt.h 620ab4c7235f43572cf3ac2ac8723cbdf68073be4d29da24897c7b77dda5fd96
 F src/build.c f07c0b154c23737d1699ee63bba31c8ca8b323e2446b957bc6bfec81a62295fc
@ -991,7 +991,7 @@ F test/fuzzdata3.db c6586d3e3cef0fbc18108f9bb649aa77bfc38aba
 F test/fuzzdata4.db b502c7d5498261715812dd8b3c2005bad08b3a26e6489414bd13926cd3e42ed2
 F test/fuzzdata5.db e35f64af17ec48926481cfaf3b3855e436bd40d1cfe2d59a9474cb4b748a52a5
 F test/fuzzdata6.db 92a80e4afc172c24f662a10a612d188fb272de4a9bd19e017927c95f737de6d7
-F test/fuzzdata7.db 8b478751a84cf559f6167eaee0210d5e9b93387c31437e71b46500d976c87e18
+F test/fuzzdata7.db 3fc78e65dfe0be9df9e262075d5a335f18f627da47dfc691d1a7b822f34d4b99
 F test/fuzzer1.test 3d4c4b7e547aba5e5511a2991e3e3d07166cfbb8
 F test/fuzzer2.test a85ef814ce071293bce1ad8dffa217cbbaad4c14
 F test/fuzzerfault.test 8792cd77fd5bce765b05d0c8e01b9edcf8af8536
@ -1802,7 +1802,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
 F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
 F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P a70958cd7d5cf750c293537856918e5789013b70f6a827f724d83559b38629c8
-R 325ad37749432671fa3f84ec38afb2d4
+P 4c976f171342ba2d39779279c28f3bc088572c440922e3e4421a3bf541263360
+R 000be4db53a8c0e7cae754221c18d732
 U drh
-Z ccb753204103f489ac3e8af31c380337
+Z 82bc0dd19e737236a8e3e2d652801672
--- a/manifest.uuid
+++ b/manifest.uuid
@ -1 +1 @@
-4c976f171342ba2d39779279c28f3bc088572c440922e3e4421a3bf541263360
+65ad6c55f1ba9bc2f75afffa3adaf19f145fad7ac9a00ccce6372e9a2cc4341b
--- a/src/btree.c
+++ b/src/btree.c
@ -8351,7 +8351,11 @@ static int btreeOverwriteContent(
    if( memcmp(pDest, ((u8*)pX->pData) + iOffset, iAmt)!=0 ){
      int rc = sqlite3PagerWrite(pPage->pDbPage);
      if( rc ) return rc;
-      memcpy(pDest, ((u8*)pX->pData) + iOffset, iAmt);
+      /* In a corrupt database, it is possible for the source and destination
+      ** buffers to overlap.  This is harmless since the database is already
+      ** corrupt but it does cause valgrind and ASAN warnings.  So use
+      ** memmove(). */
+      memmove(pDest, ((u8*)pX->pData) + iOffset, iAmt);
    }
  }
  return SQLITE_OK;
--- a/test/fuzzdata7.db
+++ b/test/fuzzdata7.db