Improved detection and suppression of endless loops in clearDatabasePage().

FossilOrigin-Name: 30011ad2f55cfcacaf23a58ebcc17b17a7b9355e
2015-04-01 13:21:33 +00:00 · 2015-04-01 13:21:33 +00:00 · ccf46d0b90
commit ccf46d0b90
parent f9d02f3663
4 changed files with 17 additions and 15 deletions
--- a/15
+++ b/15
@ -1,5 +1,5 @@
-C On\swindows,\sflush\sthe\smapping\sview\swhen\ssyncing\scontent\sto\sdisk.
-D 2015-03-31T19:40:05.313
+C Improved\sdetection\sand\ssuppression\sof\sendless\sloops\sin\sclearDatabasePage().
+D 2015-04-01T13:21:33.901
 F Makefile.arm-wince-mingw32ce-gcc d6df77f1f48d690bd73162294bbba7f59507c72f
 F Makefile.in 00d12636df7a5b08af09116bcd6c7bfd49b8b3b4
 F Makefile.linux-gcc 91d710bdc4998cb015f39edf3cb314ec4f4d7e23
@ -173,9 +173,9 @@ F src/auth.c b56c78ebe40a2110fd361379f7e8162d23f92240
 F src/backup.c ff743689c4d6c5cb55ad42ed9d174b2b3e71f1e3
 F src/bitvec.c 19a4ba637bd85f8f63fc8c9bae5ade9fb05ec1cb
 F src/btmutex.c 45a968cc85afed9b5e6cf55bf1f42f8d18107f79
-F src/btree.c 525f19f01d5976dbc12e83e7339e41488de79183
+F src/btree.c 2caf598165f3608fde8abac2b243826616ce54b7
 F src/btree.h 969adc948e89e449220ff0ff724c94bb2a52e9f1
-F src/btreeInt.h 2bfefc01875d8da066504c233ec259fcb3b2ef72
+F src/btreeInt.h 973a22a6fd61350b454ad614832b1f0a5e25a1e4
 F src/build.c 0419bba592c22f6d00e6d57a2ca7136720d02c1a
 F src/callback.c 7b44ce59674338ad48b0e84e7b72f935ea4f68b0
 F src/complete.c 198a0066ba60ab06fc00fba1998d870a4d575463
@ -1248,8 +1248,7 @@ F tool/vdbe_profile.tcl 67746953071a9f8f2f668b73fe899074e2c6d8c1
 F tool/warnings-clang.sh f6aa929dc20ef1f856af04a730772f59283631d4
 F tool/warnings.sh 0abfd78ceb09b7f7c27c688c8e3fe93268a13b32
 F tool/win/sqlite.vsix deb315d026cc8400325c5863eef847784a219a2f
-P ea697e6d9ff1f4d77774589a02ba4a18feafbf03 45acf6a85150839d591316418dad59ae20ce3aa4
-R 00dcdcdf447a25afe74cb2a2ac195e0b
-T +closed 45acf6a85150839d591316418dad59ae20ce3aa4
+P a828e73dc1ae50189bdf73f60caeb7308738ad7a
+R 9ae26e7b05df4833a239ec9186729882
 U drh
-Z e131d4f6392434ebe038899ef79bd289
+Z b113a7338e765a6278a4e0ffd57f1cf8
--- a/manifest.uuid
+++ b/manifest.uuid
@ -1 +1 @@
-a828e73dc1ae50189bdf73f60caeb7308738ad7a
+30011ad2f55cfcacaf23a58ebcc17b17a7b9355e
--- a/src/btree.c
+++ b/src/btree.c
@ -7980,28 +7980,29 @@ static int clearDatabasePage(
  int i;
  int hdr;
  u16 szCell;
-  u8 hasChildren;

  assert( sqlite3_mutex_held(pBt->mutex) );
  if( pgno>btreePagecount(pBt) ){
    return SQLITE_CORRUPT_BKPT;
  }
-
  rc = getAndInitPage(pBt, pgno, &pPage, 0);
  if( rc ) return rc;
-  hasChildren = !pPage->leaf;
-  pPage->leaf = 1;  /* Block looping if the database is corrupt */
+  if( pPage->bBusy ){
+    rc = SQLITE_CORRUPT_BKPT;
+    goto cleardatabasepage_out;
+  }
+  pPage->bBusy = 1;
  hdr = pPage->hdrOffset;
  for(i=0; i<pPage->nCell; i++){
    pCell = findCell(pPage, i);
-    if( hasChildren ){
+    if( !pPage->leaf ){
      rc = clearDatabasePage(pBt, get4byte(pCell), 1, pnChange);
      if( rc ) goto cleardatabasepage_out;
    }
    rc = clearCell(pPage, pCell, &szCell);
    if( rc ) goto cleardatabasepage_out;
  }
-  if( hasChildren ){
+  if( !pPage->leaf ){
    rc = clearDatabasePage(pBt, get4byte(&pPage->aData[hdr+8]), 1, pnChange);
    if( rc ) goto cleardatabasepage_out;
  }else if( pnChange ){
@ -8015,6 +8016,7 @@ static int clearDatabasePage(
  }

 cleardatabasepage_out:
+  pPage->bBusy = 0;
  releasePage(pPage);
  return rc;
 }
--- a/src/btreeInt.h
+++ b/src/btreeInt.h
@ -280,6 +280,7 @@ struct MemPage {
  u8 hdrOffset;        /* 100 for page 1.  0 otherwise */
  u8 childPtrSize;     /* 0 if leaf==1.  4 if leaf==0 */
  u8 max1bytePayload;  /* min(maxLocal,127) */
+  u8 bBusy;            /* Prevent endless loops on corrupt database files */
  u16 maxLocal;        /* Copy of BtShared.maxLocal or BtShared.maxLeaf */
  u16 minLocal;        /* Copy of BtShared.minLocal or BtShared.minLeaf */
  u16 cellOffset;      /* Index in aData of first cell pointer */