From 06895c18a8afdfd7b46c09bb5623f1d68e82a955 Mon Sep 17 00:00:00 2001
From: Dan Kennedy
Date: Wed, 30 Jan 2019 12:15:27 +0000
Subject: [PATCH 0868/1009] Fix another buffer overread in fts5 that may occur when accessing a corrupt database.
https://github.com/mackyle/sqlite/commit/06895c18a8afdfd7b46c09bb5623f1d68e82a955
---
 ext/fts5/fts5_index.c | 3 +-
 1 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/ext/fts5/fts5_index.c b/ext/fts5/fts5_index.c
index e1bb8d4..32732b9 100644
--- a/ext/fts5/fts5_index.c
+++ b/ext/fts5/fts5_index.c
@@ -3104,7 +3104,8 @@ static void fts5SegiterPoslist(
   Fts5Colset *pColset,
   Fts5Buffer *pBuf
 ){
-  if( 0==fts5BufferGrow(&p->rc, pBuf, pSeg->nPos) ){
+  if( 0==fts5BufferGrow(&p->rc, pBuf, pSeg->nPos+FTS5_DATA_ZERO_PADDING) ){
+    memset(&pBuf->p[pBuf->n+pSeg->nPos], 0, FTS5_DATA_ZERO_PADDING);
     if( pColset==0 ){
       fts5ChunkIterate(p, pSeg, (void*)pBuf, fts5PoslistCallback);
     }else{
--
1.8.3.1
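Review bot: The added memset zeroes the padding at `pBuf->p[pBuf->n+pSeg->nPos]` before any position-list bytes have been appended, so the zero padding only ends up directly behind the data if the fts5ChunkIterate path that follows appends exactly pSeg->nPos bytes; on a corrupt segment where fewer bytes are appended the padding would sit past the real end of the data, and readers that overrun a truncated list could still read stale buffer contents (not an out-of-bounds read, since the grow call covers nPos plus the padding, but the intent of the fix is weakened). A comment stating that contract would help future maintainers, e.g. `/* Zero the FTS5_DATA_ZERO_PADDING bytes that will follow the poslist appended below, so a varint reader that runs off a truncated list on a corrupt db reads zeros within the allocation. */`. It is also worth confirming that pSeg->nPos, which presumably originates from on-disk data, has been checked to be non-negative before this point, since a negative value would shrink the grow request and place the memset before pBuf->n. The body of fts5SegiterPoslist continues outside the hunk (the pColset!=0 branch).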