author | shane <shane@noemail.net> | 2008-05-07 18:59:28 +0000 |
---|---|---|
committer | shane <shane@noemail.net> | 2008-05-07 18:59:28 +0000 |
commit | 2ca8bc08dd5f18bdfc209a131370675f7e2893e2 (patch) | |
tree | 62e1b489c2e1ee254c674af04cb38b6933752951 /src | |
parent | ea142bb6e670e6738fc999df32191c3551306871 (diff) | |
Added test cases for corrupt SerialTypeLen header values, and additional check to improve detection of corrupt values. (CVS 5101)
FossilOrigin-Name: 530c6360610f737e85608b23ede2646d69d1bc9a
Diffstat (limited to 'src')
-rw-r--r-- | src/vdbe.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/src/vdbe.c b/src/vdbe.c
index 35527f65d..a7587610b 100644
--- a/src/vdbe.c
+++ b/src/vdbe.c
@@ -43,7 +43,7 @@
 ** in this file for details. If in doubt, do not deviate from existing
 ** commenting and indentation practices when changing or adding code.
 **
-** $Id: vdbe.c,v 1.737 2008/04/29 00:15:21 drh Exp $
+** $Id: vdbe.c,v 1.738 2008/05/07 18:59:29 shane Exp $
 */
 #include "sqliteInt.h"
 #include <ctype.h>
@@ -2047,9 +2047,11 @@ case OP_Column: {
 /* If we have read more header data than was contained in the header,
 ** or if the end of the last field appears to be past the end of the
- ** record, then we must be dealing with a corrupt database.
+ ** record, or if the end of the last field appears to be before the end
+ ** of the record (when all fields present), then we must be dealing
+ ** with a corrupt database.
 */
- if( zIdx>zEndHdr || offset>payloadSize ){
+ if( zIdx>zEndHdr || offset>payloadSize || (zIdx==zEndHdr && offset!=payloadSize) ){
 rc = SQLITE_CORRUPT_BKPT;
 goto op_column_out;
 }
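Review bot: All three comparisons in the new `if` in the second hunk (`case OP_Column`) trust `offset`, which is presumably summed from header-supplied serial-type lengths in a loop outside this hunk. If that accumulator is a 32-bit type, a corrupt header with very large lengths could wrap it to a value that passes both `offset>payloadSize` and the new `offset!=payloadSize` test. It is worth confirming the width of `offset` and, if it is narrow, accumulating in a 64-bit temporary before comparing. Separately, the stricter test only runs when `zIdx==zEndHdr`, so the comment could state the reason, e.g. `** (a record parsed for fewer fields than its header declares cannot be length-checked here)`, if that is the intent. The body of `case OP_Column` starts and ends outside the hunk, so both points need checking against the full function.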