diff options
Diffstat (limited to 'lang/sql/sqlite/test/corruptG.test')
| -rw-r--r-- | lang/sql/sqlite/test/corruptG.test | 81 |
1 files changed, 81 insertions, 0 deletions
diff --git a/lang/sql/sqlite/test/corruptG.test b/lang/sql/sqlite/test/corruptG.test new file mode 100644 index 00000000..11253fd1 --- /dev/null +++ b/lang/sql/sqlite/test/corruptG.test @@ -0,0 +1,81 @@ +# 2013-08-01 +# +# The author disclaims copyright to this source code. In place of +# a legal notice, here is a blessing: +# +# May you do good and not evil. +# May you find forgiveness for yourself and forgive others. +# May you share freely, never taking more than you give. +# +#*********************************************************************** +# + +set testdir [file dirname $argv0] +source $testdir/tester.tcl +set testprefix corruptG + +# Do not use a codec for tests in this file, as the database file is +# manipulated directly using tcl scripts (using the [hexio_write] command). +# +do_not_use_codec + +# These tests deal with corrupt database files +# +database_may_be_corrupt + +# Create a simple database with a single entry. Then corrupt the +# header-size varint on the index payload so that it maps into a +# negative number. Try to use the database. +# + +do_execsql_test 1.1 { + PRAGMA page_size=512; + CREATE TABLE t1(a,b,c); + INSERT INTO t1(rowid,a,b,c) VALUES(52,'abc','xyz','123'); + CREATE INDEX t1abc ON t1(a,b,c); +} + +set idxroot [db one {SELECT rootpage FROM sqlite_master WHERE name = 't1abc'}] + +# Corrupt the file +db close +hexio_write test.db [expr {$idxroot*512 - 15}] 888080807f +sqlite3 db test.db + +# Try to use the file. +do_test 1.2 { + catchsql { + SELECT c FROM t1 WHERE a>'abc'; + } +} {0 {}} +do_test 1.3 { + catchsql { + PRAGMA integrity_check + } +} {0 ok} +do_test 1.4 { + catchsql { + SELECT c FROM t1 ORDER BY a; + } +} {1 {database disk image is malformed}} + +# Corrupt the same file in a slightly different way. Make the record header +# sane, but corrupt one of the serial_type value to indicate a huge payload +# such that the payload begins in allocated space but overflows the buffer. +# +db close +hexio_write test.db [expr {$idxroot*512-15}] 0513ff7f01 +sqlite3 db test.db + +do_test 2.1 { + catchsql { + SELECT rowid FROM t1 WHERE a='abc' and b='xyz123456789XYZ'; + } + # The following test result is brittle. The point above is to try to + # force a buffer overread by a corrupt database file. If we get an + # incorrect answer from a corrupt database file, that is OK. If the + # result below changes, that just means that "undefined behavior" has + # changed. +} {0 52} + +finish_test |