35 lines
1.1 KiB
Diff
35 lines
1.1 KiB
Diff
From 16f6aeb0a017f8406ca9de7224f8c8fe6d5ee30e Mon Sep 17 00:00:00 2001
|
|
From: Dan Kennedy <danielk1977@gmail.com>
|
|
Date: Thu, 27 Dec 2018 20:12:02 +0000
|
|
Subject: [PATCH 0684/1009] Fix another problem with corrupt database handling
|
|
in fts5.
|
|
|
|
https://github.com/mackyle/sqlite/commit/16f6aeb0a017f8406ca9de7224f8c8fe6d5ee30e
|
|
|
|
---
|
|
ext/fts5/fts5_index.c | 3 +-
|
|
1 files changed, 2 insertions(+), 1 deletions(-)
|
|
|
|
diff --git a/ext/fts5/fts5_index.c b/ext/fts5/fts5_index.c
|
|
index acf2db2..c5fe01b 100644
|
|
--- a/ext/fts5/fts5_index.c
|
|
+++ b/ext/fts5/fts5_index.c
|
|
@@ -1649,12 +1649,13 @@ static void fts5SegIterLoadTerm(Fts5Index *p, Fts5SegIter *pIter, int nKeep){
|
|
int nNew; /* Bytes of new data */
|
|
|
|
iOff += fts5GetVarint32(&a[iOff], nNew);
|
|
- if( iOff+nNew>pIter->pLeaf->nn ){
|
|
+ if( iOff+nNew>pIter->pLeaf->nn || nKeep>pIter->term.n ){
|
|
p->rc = FTS5_CORRUPT;
|
|
return;
|
|
}
|
|
pIter->term.n = nKeep;
|
|
fts5BufferAppendBlob(&p->rc, &pIter->term, nNew, &a[iOff]);
|
|
+ assert( pIter->term.n<=pIter->term.nSpace );
|
|
iOff += nNew;
|
|
pIter->iTermLeafOffset = iOff;
|
|
pIter->iTermLeafPgno = pIter->iLeafPgno;
|
|
--
|
|
1.8.3.1
|
|
|