Have the dbstat module arrange things internally so that there are 256 addressable bytes following each page buffer. This way, small buffer overreads caused by corrupt database pages do not lead to undefined behaviour.

FossilOrigin-Name: c4c705abc60624bf9ba4c1c05286b902b965f7ba9fd776c4ef8bc1fb78a4ccde
This commit is contained in:
dan 2021-09-29 19:15:25 +00:00
parent ab632bc97e
commit d091245d31
3 changed files with 19 additions and 9 deletions

View File

@ -1,5 +1,5 @@
C Fix\sanother\sproblem\swith\sALTER\sTABLE\sand\svector\sUPDATE\sstatements\swithin\striggers.
D 2021-09-29T18:33:26.405
C Have\sthe\sdbstat\smodule\sarrange\sthings\sinternally\sso\sthat\sthere\sare\s256\saddressable\sbytes\sfollowing\seach\spage\sbuffer.\sThis\sway,\ssmall\sbuffer\soverreads\scaused\sby\scorrupt\sdatabase\spages\sdo\snot\slead\sto\sundefined\sbehaviour.
D 2021-09-29T19:15:25.012
F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
@ -499,7 +499,7 @@ F src/complete.c a3634ab1e687055cd002e11b8f43eb75c17da23e
F src/ctime.c 8159d5f706551861c18ec6c8f6bdf105e15ea00367f05d9ab65d31a1077facc1
F src/date.c e0632f335952b32401482d099321bbf12716b29d6e72836b53ae49683ebae4bf
F src/dbpage.c 8a01e865bf8bc6d7b1844b4314443a6436c07c3efe1d488ed89e81719047833a
F src/dbstat.c bea044cfe99eab6c527837e196a5335c128989bdb354cf1b4973b85ea561d66b
F src/dbstat.c 861e08690fcb0f2ee1165eff0060ea8d4f3e2ea10f80dab7d32ad70443a6ff2d
F src/delete.c 3ce6af6b64c8b476de51ccc32da0cb3142d42e65754e1d8118addf65b8bcba15
F src/expr.c 82797e5d82422d34ede9a95ba459f40c317b2daadb21109a21abfd42f84e3ed8
F src/fault.c 460f3e55994363812d9d60844b2a6de88826e007
@ -1928,7 +1928,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
P 54604869861cc5866d5de87785599ca56f75067f8cb7fe22e32912b3a037e37b
R c102c10e7d90535120f47ae5b9d857b8
P a0df216f7c3f8963efba0b1ffee65d6a63309d846ffdcf2d2932cb4f1d4967b7
R 7f80422897fa74c39c1c69f1ebb4bc77
U dan
Z 5f5b68ce84257c8f070b0080ca6a87b5
Z 911e4aa022339aecd631fddd7d57b6e4

View File

@ -1 +1 @@
a0df216f7c3f8963efba0b1ffee65d6a63309d846ffdcf2d2932cb4f1d4967b7
c4c705abc60624bf9ba4c1c05286b902b965f7ba9fd776c4ef8bc1fb78a4ccde

View File

@ -25,6 +25,15 @@
#if (defined(SQLITE_ENABLE_DBSTAT_VTAB) || defined(SQLITE_TEST)) \
&& !defined(SQLITE_OMIT_VIRTUALTABLE)
/*
** The pager and btree modules arrange objects in memory so that there are
** always approximately 200 bytes of addressable memory following each page
** buffer. This way small buffer overreads caused by corrupt database pages
** do not cause undefined behaviour. This module pads each page buffer
** by the following number of bytes for the same purpose.
*/
#define DBSTAT_PAGE_PADDING_BYTES 256
/*
** Page paths:
**
@ -459,7 +468,7 @@ static int statDecodePage(Btree *pBt, StatPage *p){
if( nPayload>(u32)nLocal ){
int j;
int nOvfl = ((nPayload - nLocal) + nUsable-4 - 1) / (nUsable - 4);
if( iOff+nLocal>nUsable || nPayload>0x7fffffff ){
if( iOff+nLocal+4>nUsable || nPayload>0x7fffffff ){
goto statPageIsCorrupt;
}
pCell->nLastOvfl = (nPayload-nLocal) - (nOvfl-1) * (nUsable-4);
@ -533,10 +542,11 @@ static int statGetPage(
int rc;
if( pPg->aPg==0 ){
pPg->aPg = (u8*)sqlite3_malloc(pgsz);
pPg->aPg = (u8*)sqlite3_malloc(pgsz + DBSTAT_PAGE_PADDING_BYTES);
if( pPg->aPg==0 ){
return SQLITE_NOMEM_BKPT;
}
memset(&pPg->aPg[pgsz], 0, DBSTAT_PAGE_PADDING_BYTES);
}
rc = sqlite3PagerGet(sqlite3BtreePager(pBt), iPg, &pDbPage, 0);