OLD | NEW |
| (Empty) |
1 # 2008 June 11 | |
2 # | |
3 # The author disclaims copyright to this source code. In place of | |
4 # a legal notice, here is a blessing: | |
5 # | |
6 # May you do good and not evil. | |
7 # May you find forgiveness for yourself and forgive others. | |
8 # May you share freely, never taking more than you give. | |
9 # | |
10 #*********************************************************************** | |
11 # This file implements regression tests for SQLite library. | |
12 # | |
13 # This file implements tests to make sure SQLite does not crash or | |
14 # segfault if it sees a corrupt database file. It specifically focuses | |
15 # on corrupt cell offsets in a btree page. | |
16 # | |
17 # $Id: corrupt7.test,v 1.8 2009/08/10 10:18:08 danielk1977 Exp $ | |
18 | |
19 set testdir [file dirname $argv0] | |
20 source $testdir/tester.tcl | |
21 | |
22 # Do not use a codec for tests in this file, as the database file is | |
23 # manipulated directly using tcl scripts (using the [hexio_write] command). | |
24 # | |
25 do_not_use_codec | |
26 | |
27 # These tests deal with corrupt database files | |
28 # | |
29 database_may_be_corrupt | |
30 | |
31 # We must have the page_size pragma for these tests to work. | |
32 # | |
33 ifcapable !pager_pragmas { | |
34 finish_test | |
35 return | |
36 } | |
37 | |
38 # Create a simple, small database. | |
39 # | |
40 do_test corrupt7-1.1 { | |
41 execsql { | |
42 PRAGMA auto_vacuum=OFF; | |
43 PRAGMA page_size=1024; | |
44 CREATE TABLE t1(x); | |
45 INSERT INTO t1(x) VALUES(1); | |
46 INSERT INTO t1(x) VALUES(2); | |
47 INSERT INTO t1(x) SELECT x+2 FROM t1; | |
48 INSERT INTO t1(x) SELECT x+4 FROM t1; | |
49 INSERT INTO t1(x) SELECT x+8 FROM t1; | |
50 } | |
51 file size test.db | |
52 } [expr {1024*2}] | |
53 | |
54 # Verify that the file format is as we expect. The page size | |
55 # should be 1024 bytes. | |
56 # | |
57 do_test corrupt7-1.2 { | |
58 hexio_get_int [hexio_read test.db 16 2] | |
59 } 1024 ;# The page size is 1024 | |
60 do_test corrupt7-1.3 { | |
61 hexio_get_int [hexio_read test.db 20 1] | |
62 } 0 ;# Unused bytes per page is 0 | |
63 | |
64 integrity_check corrupt7-1.4 | |
65 | |
66 # Deliberately corrupt some of the cell offsets in the btree page | |
67 # on page 2 of the database. | |
68 # | |
69 # The error message is different depending on whether or not the | |
70 # SQLITE_ENABLE_OVERSIZE_CELL_CHECK compile-time option is engaged. | |
71 # | |
72 ifcapable oversize_cell_check { | |
73 do_test corrupt7-2.1 { | |
74 db close | |
75 hexio_write test.db 1062 FF | |
76 sqlite3 db test.db | |
77 db eval {PRAGMA integrity_check(1)} | |
78 } {{*** in database main *** | |
79 Page 2: btreeInitPage() returns error code 11}} | |
80 do_test corrupt7-2.2 { | |
81 db close | |
82 hexio_write test.db 1062 04 | |
83 sqlite3 db test.db | |
84 db eval {PRAGMA integrity_check(1)} | |
85 } {{*** in database main *** | |
86 Page 2: btreeInitPage() returns error code 11}} | |
87 } else { | |
88 do_test corrupt7-2.1 { | |
89 db close | |
90 hexio_write test.db 1062 FF | |
91 sqlite3 db test.db | |
92 db eval {PRAGMA integrity_check(1)} | |
93 } {{*** in database main *** | |
94 Corruption detected in cell 15 on page 2}} | |
95 do_test corrupt7-2.2 { | |
96 db close | |
97 hexio_write test.db 1062 04 | |
98 sqlite3 db test.db | |
99 db eval {PRAGMA integrity_check(1)} | |
100 } {{*** in database main *** | |
101 On tree page 2 cell 15: Rowid 0 out of order (previous was 15)}} | |
102 } | |
103 | |
104 # The code path that was causing the buffer overrun that this test | |
105 # case was checking for was removed. | |
106 # | |
107 #do_test corrupt7-3.1 { | |
108 # execsql { | |
109 # DROP TABLE t1; | |
110 # CREATE TABLE t1(a, b); | |
111 # INSERT INTO t1 VALUES(1, 'one'); | |
112 # INSERT INTO t1 VALUES(100, 'one hundred'); | |
113 # INSERT INTO t1 VALUES(100000, 'one hundred thousand'); | |
114 # CREATE INDEX i1 ON t1(b); | |
115 # } | |
116 # db close | |
117 # | |
118 # # Locate the 3rd cell in the index. | |
119 # set cell_offset [hexio_get_int [hexio_read test.db [expr 1024*2 + 12] 2]] | |
120 # incr cell_offset [expr 1024*2] | |
121 # incr cell_offset 1 | |
122 # | |
123 # # This write corrupts the "header-size" field of the database record | |
124 # # stored in the index cell. At one point this was causing sqlite to | |
125 # # reference invalid memory. | |
126 # hexio_write test.db $cell_offset FFFF7F | |
127 # | |
128 # sqlite3 db test.db | |
129 # catchsql { | |
130 # SELECT b FROM t1 WHERE b > 'o' AND b < 'p'; | |
131 # } | |
132 #} {1 {database disk image is malformed}} | |
133 | |
134 finish_test | |
OLD | NEW |