From 90294961da64434c4fbb495567b39bf560b9531b Mon Sep 17 00:00:00 2001
From: dan <dan@noemail.net>
Date: Fri, 11 Jan 2019 21:34:25 +0000
Subject: [PATCH] Fix a segfault in fts3 prompted by a corrupted database.

FossilOrigin-Name: 2d7b1d1d41ff69d5465fcb861420816ecb066c25a9015eefdab5fae15a2e1c9f
---
 ext/fts3/fts3.c        |  2 +-
 manifest               | 14 +++++++-------
 manifest.uuid          |  2 +-
 test/fts3corrupt4.test | 16 ++++++++++++++++
 4 files changed, 25 insertions(+), 9 deletions(-)

diff --git a/ext/fts3/fts3.c b/ext/fts3/fts3.c
index e168fae151..5266749fcc 100644
--- a/ext/fts3/fts3.c
+++ b/ext/fts3/fts3.c
@@ -2899,7 +2899,7 @@ static int fts3SegReaderCursor(
 
       /* If zTerm is not NULL, and this segment is not stored entirely on its
       ** root node, the range of leaves scanned can be reduced. Do this. */
-      if( iStartBlock && zTerm ){
+      if( iStartBlock && zTerm && zRoot ){
         sqlite3_int64 *pi = (isPrefix ? &iLeavesEndBlock : 0);
         rc = fts3SelectLeaf(p, zTerm, nTerm, zRoot, nRoot, &iStartBlock, pi);
         if( rc!=SQLITE_OK ) goto finished;
diff --git a/manifest b/manifest
index 7a6f0192ae..470d02d5d0 100644
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Fix\sanother\sproblem\swith\scorrupt\sdatabases\sin\sfts5.
-D 2019-01-11T19:27:55.738
+C Fix\sa\ssegfault\sin\sfts3\sprompted\sby\sa\scorrupted\sdatabase.
+D 2019-01-11T21:34:25.388
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
 F Makefile.in 45a3fef4d325ac0220c2172aeec4e4321da351f073f3b8e8ddea655f49ef6f2b
@@ -80,7 +80,7 @@ F ext/fts3/README.content fdc666a70d5257a64fee209f97cf89e0e6e32b51
 F ext/fts3/README.syntax a19711dc5458c20734b8e485e75fb1981ec2427a
 F ext/fts3/README.tokenizers e0a8b81383ea60d0334d274fadf305ea14a8c314
 F ext/fts3/README.txt 8c18f41574404623b76917b9da66fcb0ab38328d
-F ext/fts3/fts3.c 4636bd255f1eb1f462f79d77da685e879161bb18605181342dc8675cc69f217c
+F ext/fts3/fts3.c 6b5029db69b237410d9075501c6b78af4207ae5ae3fb7e00a1196748a09fc365
 F ext/fts3/fts3.h 3a10a0af180d502cecc50df77b1b22df142817fe
 F ext/fts3/fts3Int.h 3378157f383540857a466420b8279626204434c3eb0dc948ad9bcd3991fc41f5
 F ext/fts3/fts3_aux.c 32e3ecada9014ff577022f9b44c9c5654d59405b39dc57ba8977298157e8c89b
@@ -915,7 +915,7 @@ F test/fts3conf.test c84bbaec81281c1788aa545ac6e78a6bd6cde2bdbbce2da261690e3659f
 F test/fts3corrupt.test 46b9ddda7f6588fd5a5b1f4bb4fc0618dc45010e7dddb8a3a188baf3197177ae
 F test/fts3corrupt2.test bf55c3fa0b0dc8ea1c0fe5543623bd27714585da6a129038fd6999fe3b0d25f3
 F test/fts3corrupt3.test 0d5b69a0998b4adf868cc301fc78f3d0707745f1d984ce044c205cdb764b491f
-F test/fts3corrupt4.test 8771f5bad51bf1deb3f8b9564e3ff1e162ca126bcaf7104a81e04fbd15b96f7d
+F test/fts3corrupt4.test 74be7ccb774acaa8c9439d61fcc52293165b58f685a3da46ca0b47daf056bbc0
 F test/fts3cov.test cb932743da52a1c79a1ab8983e26c8121cf02263d6ff16e1f642e6f9b8348338
 F test/fts3d.test 2bd8c97bcb9975f2334147173b4872505b6a41359a4f9068960a36afe07a679f
 F test/fts3defer.test f4c20e4c7153d20a98ee49ee5f3faef624fefc9a067f8d8d629db380c4d9f1de
@@ -1798,7 +1798,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
 F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
 F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P 556dd8922f65af93084ee725c638b8dc696b611dd508c212a3b507d6ca474031
-R 7473af17dc4555dbf9176ad099ed4c71
+P 9bf811ea89a133d481a86407683a7518e909eccb7aa3aa02f7932bdb33387572
+R 7de3d4e810f34d86eb896dd11b818c69
 U dan
-Z 448e7c1f18a3679588f0fd2c3c306d12
+Z ccc0acffc69d2f9d8637b69b833e79a2
diff --git a/manifest.uuid b/manifest.uuid
index cec3d0a902..e371e765ed 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-9bf811ea89a133d481a86407683a7518e909eccb7aa3aa02f7932bdb33387572
\ No newline at end of file
+2d7b1d1d41ff69d5465fcb861420816ecb066c25a9015eefdab5fae15a2e1c9f
\ No newline at end of file
diff --git a/test/fts3corrupt4.test b/test/fts3corrupt4.test
index 3ff2bed99d..46e9311703 100644
--- a/test/fts3corrupt4.test
+++ b/test/fts3corrupt4.test
@@ -249,4 +249,20 @@ do_catchsql_test 5.1 {
   SELECT * FROM t1 WHERE t1 MATCH 'abandon';
 } {1 {malformed database schema (sqlite_autoindey_t1_segdir_1) - orphan index}}
 
+
+#-------------------------------------------------------------------------
+reset_db
+do_execsql_test 6.0 {
+  CREATE VIRTUAL TABLE Table0 USING fts3();
+  INSERT INTO Table0_segdir VALUES(1,NULL,1,NULL,NULL,NULL);
+}
+
+do_catchsql_test 6.1 {
+  SELECT * FROM Table0 WHERE Table0 MATCH 'a';
+} {0 {}}
+
+do_catchsql_test 6.2 {
+  INSERT INTO Table0(Table0) VALUES('optimize');
+} {0 {}}
+
 finish_test