From 877859f2d36990bc06b4a37b82c9739e916c10d5 Mon Sep 17 00:00:00 2001
From: dan <dan@noemail.net>
Date: Wed, 17 Jun 2020 20:29:56 +0000
Subject: [PATCH] Fix an assert() that could fail when operating on a database
with a corrupt schema.
FossilOrigin-Name: 4a340c9bc7d939efc947e3b17ca79314482f74368b15567dd089d40e4270890e
---
manifest | 13 +++----
manifest.uuid | 2 +-
src/btree.c | 4 ++-
test/corruptL.test | 84 ++++++++++++++++++++++++++++++++++++++++++++++
4 files changed, 95 insertions(+), 8 deletions(-)
diff --git a/manifest b/manifest
index c0d32fa03d..b8bd183351 100644
--- a/manifest
+++ b/manifest
@@ -1,6 +1,6 @@
B fd5abb1a7b5a55127d5c0d5ff448020d8bccab44e4f5afe1eb88fc19578af735
-C Fix\san\sassert()\sin\sfts3\sthat\scould\sfail\swhen\sprocessing\sa\scorrupt\srecord.
-D 2020-06-17T14:54:06.215
+C Fix\san\sassert()\sthat\scould\sfail\swhen\soperating\son\sa\sdatabase\swith\sa\scorrupt\sschema.
+D 2020-06-17T20:29:56.720
F configure f594931bd7b23dad12db96b81e1dba43b41b30a4560d6eb008014e3d9f1617e8 x
F configure.ac 13e4ecf89214c3aa0ba099a9e0178f13f03261ace627126737d8cee240ec5c1c
F doc/wal-lock.md 781726aaba20bafeceb7ba9f91d5c98c6731691b30c954e37cf0b49a053d461d
@@ -9,7 +9,7 @@ F ext/session/session_common.tcl f613174665456b2d916ae8df3e5735092a1c1712f36f468
F ext/session/sessioninvert.test 04075517a9497a80d39c495ba6b44f3982c7371129b89e2c52219819bc105a25
F ext/session/sqlite3session.c fc8c6c13dc0456943ff24abf574ced10418eec66a548c97d3eafbebe9fc5e908
F src/alter.c b8ffe4acd48b4fe793d01901f28fd4f3b037854a0e99f0c977738556c31b9d2b
-F src/btree.c f3a4479b0dba3a59a1d156d973be41fc1ccb3dbdb69151c4c62a791d86c9ffe2
+F src/btree.c e6db473ab10c52d1bc51dd8d21795dde07b7502426314b91d9d246a714e50416
F src/build.c 8245e69aa1a2f8b67e76203fdbaa9f88deccd89b5ed41f7097c202b920484fd0
F src/expr.c 36bb737d2ca78ee9bd4fde46cf1e51a37e7e1b263e55fccfaef32922a19e9524
F src/global.c 0409ae635839e0bef26a69b68be64126ab6cba62ac19bd7694f1652e591c4c17
@@ -22,6 +22,7 @@ F src/vacuum.c b196258ea36cfed5f455f18519345613bab04daf0e038a63ee715407c5a7ae9e
F src/vdbe.c 985f92b5131d62654c3c26062a2e55b1c8f71c2e10497e23021c6650d5c392b3
F src/vtab.c 33ecf1d8b0fd1508fe23be9da40e48909c86a13db2725e273177eb47db2fc265
F src/window.c 88a63e6948ea924b3cf9ad8aff5ea1fa53bebdb2f13340867205fda16ed0f19c
+F test/corruptL.test 16564fa7961fcce242945177c9bdaa5cb5dc85d6248612dbe4b927d059eb6014
F test/fts3corrupt2.test e318f0676e5e78d5a4b702637e2bb25265954c08a1b1e4aaf93c7880bb0c67d0
F test/fts3corrupt4.test 4664c72bb49400b6f3d86627760129ee7962e4834869909c55037ff21ccd36b8
F test/fuzzdata8.db e7a6a1444adb7bd10dec870234979ddd63173314c7345e3def2d892dcf99d48f
@@ -32,7 +33,7 @@ F test/where.test f5e62453537e5b335b69f3b09f8a02ce3328289fad5d866e25371284b837d7
F test/whereG.test 9363b2a97d914cb1b81aff5069ef0cf2a071a67e2b604eac6fe9c0114017d9aa
F test/window1.test 9d7f4990e5b36d95af93b189da4aa75216c6690ce95cced3c8b6d3234be51c2c
F test/without_rowid3.test 96426a6c9a2a5cf62bbe55ea1ad038eaaf4bf743f40a1ad517233b8e5a3d4339
-P d73e857b833dfc29400049ca7f01ca465f980466e3aa67214c3c5e5573181419
-R fad1962efa665077ebb220317fee79c1
+P 4adc0a1b0d84c2df6d6bf0d5d9d3fa9f7d048af8d232c4beb77518727890f212
+R d5c913bb4696618860d8e215a52de60c
U dan
-Z 22b7adc607746dfc70b52eaa1489f89e
+Z 29e5aef02689c7bbd9ca814e67e739ba
diff --git a/manifest.uuid b/manifest.uuid
index 1ddf30e06a..8e41a9dab6 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-4adc0a1b0d84c2df6d6bf0d5d9d3fa9f7d048af8d232c4beb77518727890f212
\ No newline at end of file
+4a340c9bc7d939efc947e3b17ca79314482f74368b15567dd089d40e4270890e
\ No newline at end of file
diff --git a/src/btree.c b/src/btree.c
index f9fb69f63b..0ed295e0aa 100644
--- a/src/btree.c
+++ b/src/btree.c
@@ -200,16 +200,18 @@ static int hasSharedCacheTableLock(
** table. */
if( isIndex ){
HashElem *p;
+ int bSeen = 0;
for(p=sqliteHashFirst(&pSchema->idxHash); p; p=sqliteHashNext(p)){
Index *pIdx = (Index *)sqliteHashData(p);
if( pIdx->tnum==(int)iRoot ){
- if( iTab ){
+ if( bSeen ){
/* Two or more indexes share the same root page. There must
** be imposter tables. So just return true. The assert is not
** useful in that case. */
return 1;
}
iTab = pIdx->pTable->tnum;
+ bSeen = 1;
}
}
}else{
diff --git a/test/corruptL.test b/test/corruptL.test
index 67d308abca..3c26f1d215 100644
--- a/test/corruptL.test
+++ b/test/corruptL.test
@@ -1182,5 +1182,89 @@ do_catchsql_test 14.2 {
ALTER TABLE t1 RENAME TO alkjalkjdfiiiwuer987lkjwer82mx97sf98788s9789s;
} {1 {database disk image is malformed}}
+#-------------------------------------------------------------------------
+reset_db
+do_test 15.0 {
+ sqlite3 db {}
+ db deserialize [decode_hexdb {
+| size 28672 pagesize 4096 filename crash-3afa1ca9e9c1bd.db
+| page 1 offset 0
+| 0: 53 51 4c 69 74 65 20 66 6f 72 6d 61 74 20 33 00 SQLite format 3.
+| 16: 10 00 01 01 00 40 20 20 00 00 00 00 00 00 00 07 .....@ ........
+| 32: 00 00 00 00 00 00 00 00 00 00 00 06 00 00 00 04 ................
+| 48: 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 ................
+| 96: 00 00 00 00 0d 00 00 00 06 0e 88 00 0f b8 0f 6d ...............m
+| 112: 0f 3a 0f 0b 0e d5 0e 88 01 00 00 00 00 00 00 00 .:..............
+| 3712: 00 00 00 00 00 00 00 00 4b 06 06 17 25 25 01 5b ........K...%%.[
+| 3728: 74 61 62 6c 65 73 71 6c 69 74 65 5f 73 74 61 74 tablesqlite_stat
+| 3744: 31 73 71 6c 69 74 65 5f 73 74 61 74 31 07 43 52 1sqlite_stat1.CR
+| 3760: 45 41 54 45 20 54 41 42 4c 45 20 73 71 6c 69 74 EATE TABLE sqlit
+| 3776: 65 5f 73 74 61 74 31 28 74 62 6c 2c 69 64 78 2c e_stat1(tbl,idx,
+| 3792: 73 74 61 74 29 34 05 06 17 13 11 01 53 69 6e 64 stat)4......Sind
+| 3808: 65 78 63 31 63 63 31 06 43 52 45 41 54 45 20 55 exc1cc1.CREATE U
+| 3824: 4e 49 51 55 45 20 49 4e 44 45 58 20 63 31 63 20 NIQUE INDEX c1c
+| 3840: 4f 4e 20 63 31 28 63 2c 20 62 29 2d 04 06 17 13 ON c1(c, b)-....
+| 3856: 11 01 45 69 6e 64 65 78 63 31 64 63 31 05 43 52 ..Eindexc1dc1.CR
+| 3872: 45 41 54 45 20 49 4e 44 45 58 20 63 31 64 20 4f EATE INDEX c1d O
+| 3888: 4e 20 63 31 28 64 2c 20 62 29 31 03 06 17 13 11 N c1(d, b)1.....
+| 3904: 01 4d 69 6e 64 65 78 62 31 63 62 31 05 43 52 45 .Mindexb1cb1.CRE
+| 3920: 41 54 45 20 55 4e 49 51 55 45 20 49 4e 44 45 58 ATE UNIQUE INDEX
+| 3936: 20 62 31 63 20 4f 4e 20 62 31 28 63 29 49 02 06 b1c ON b1(c)I..
+| 3952: 17 11 11 0f 7f 74 61 62 6c 65 63 31 63 31 03 43 .....tablec1c1.C
+| 3968: 52 45 41 54 45 20 54 41 42 4c 45 20 63 31 28 61 REATE TABLE c1(a
+| 3984: 20 49 4e 54 20 50 52 49 4d 41 52 59 20 4b 45 59 INT PRIMARY KEY
+| 4000: 2c 20 62 2c 20 63 2c 20 64 29 20 57 49 54 48 4f , b, c, d) WITHO
+| 4016: 55 54 20 52 4f 57 49 44 46 01 06 17 11 11 01 79 UT ROWIDF......y
+| 4032: 74 61 62 6c 65 62 31 62 31 02 43 52 45 41 54 45 tableb1b1.CREATE
+| 4048: 20 54 41 42 4c 45 20 62 31 28 61 20 49 4e 54 20 TABLE b1(a INT
+| 4064: 50 52 49 4d 41 52 59 20 4b 45 59 2c 20 62 2c 20 PRIMARY KEY, b,
+| 4080: 63 29 20 57 49 54 48 4f 55 54 20 52 4f 57 49 44 c) WITHOUT ROWID
+| page 2 offset 4096
+| 0: 0a 00 00 00 07 0f ca 00 0f fa 0f f2 0f ea 0f e2 ................
+| 16: 0f da 00 00 00 01 00 00 00 00 00 00 00 00 00 00 ................
+| 4032: 00 00 00 00 00 00 00 00 00 00 07 04 01 0f 01 06 ................
+| 4048: 67 07 07 04 01 0f 01 06 66 06 07 04 01 0f 01 05 g.......f.......
+| 4064: 65 05 07 04 01 0f 01 04 64 04 07 04 01 0f 01 03 e.......d.......
+| 4080: 63 03 07 04 01 0f 01 02 62 0f 05 04 09 0f 09 61 c.......b......a
+| page 3 offset 8192
+| 0: 0a 00 00 00 07 0f bd 00 0f f9 0f ef 0f e5 0f db ................
+| 16: 0f d1 0f c7 0f bd 00 00 00 00 01 00 00 00 00 00 ................
+| 4016: 00 00 00 00 00 00 00 00 00 00 00 00 00 09 05 01 ................
+| 4032: 0f 01 01 07 61 07 07 09 05 01 0f 01 01 06 61 06 ....a.........a.
+| 4048: 06 09 05 01 0f 01 01 05 61 05 05 09 05 01 0f 01 ........a.......
+| 4064: 01 04 61 04 04 09 05 01 0f 01 01 03 61 03 03 09 ..a.........a...
+| 4080: 05 01 0f 01 01 02 61 0f 02 06 05 09 0f 09 09 61 ......a........a
+| page 4 offset 12288
+| 0: 0a 00 00 00 07 0f d8 00 0f fc 0f f0 0f ea 0f e4 ................
+| 16: 0f de 0f d8 0f f6 00 00 00 00 00 00 00 00 00 00 ................
+| 4048: 00 00 00 00 00 00 00 00 05 03 01 01 07 07 05 03 ................
+| 4064: 01 01 06 06 05 03 01 01 05 05 05 03 01 01 04 04 ................
+| 4080: 05 03 01 01 03 03 05 03 01 01 0f 02 03 03 09 09 ................
+| page 5 offset 16384
+| 0: 0a 00 00 00 07 0f ca 00 0f fa 0f f2 0f ea 0f 00 ................
+| 4032: 00 00 00 00 00 00 00 00 00 00 07 04 01 0f 01 07 ................
+| 4048: 61 07 07 04 01 0f 01 06 61 06 07 04 01 0f 01 05 a.......a.......
+| 4064: 61 05 07 04 01 1f 01 04 61 04 07 04 01 0f 01 03 a.......a.......
+| 4080: 61 03 07 04 01 0f 01 02 61 02 05 04 09 0f 09 61 a.......a......a
+| page 6 offset 20480
+| 0: 0a 00 00 00 07 0f ca 00 0f fa 0f ea 0f e2 00 00 ................
+| 4032: 00 00 00 00 00 00 00 00 00 00 07 04 01 0f 01 07 ................
+| 4048: 61 07 07 04 01 0f 01 06 61 06 07 04 01 0f 01 05 a.......a.......
+| 4064: 61 05 07 04 01 0f 01 04 61 04 07 04 01 0f 01 03 a.......a.......
+| 4080: 61 03 07 04 01 0f 01 0f 61 02 05 04 09 0f 09 61 a.......a......a
+| page 7 offset 24576
+| 0: 0d 00 00 00 05 0f 1c 00 0f f0 0f e0 0f d3 0f c5 ................
+| 16: 0f b8 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
+| 4016: 00 00 00 00 00 00 00 00 0b 05 04 11 11 13 62 31 ..............b1
+| 4032: 62 31 37 20 31 0c 04 04 11 13 13 62 31 62 31 63 b17 1......b1b1c
+| 4048: 37 20 31 0b 03 04 11 11 13 63 31 63 31 37 20 31 7 1......c1c17 1
+| 4064: 0e 02 04 11 13 07 63 31 63 31 64 37 20 31 20 31 ......c1c1d7 1 1
+| 4080: 0e 01 04 11 13 17 63 31 63 31 63 37 20 31 00 00 ......c1c1c7 1..
+| end crash-3afa1ca9e9c1bd.db
+}]} {}
+
+do_execsql_test 15.1 {
+ UPDATE c1 SET c= NOT EXISTS(SELECT 1 FROM c1 ORDER BY (SELECT 1 FROM c1 ORDER BY a)) +10 WHERE d BETWEEN 4 AND 7;
+} {}
finish_test