mirror of
				https://github.com/glebarez/go-sqlite.git
				synced 2025-10-26 09:10:31 +08:00 
			
		
		
		
	
		
			
				
	
	
		
			350 lines
		
	
	
		
			10 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
			
		
		
	
	
			350 lines
		
	
	
		
			10 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
| # 2004 August 30 {}
 | |
| #
 | |
| # The author disclaims copyright to this source code.  In place of
 | |
| # a legal notice, here is a blessing:
 | |
| #
 | |
| #    May you do good and not evil.
 | |
| #    May you find forgiveness for yourself and forgive others.
 | |
| #    May you share freely, never taking more than you give.
 | |
| #
 | |
| #***********************************************************************
 | |
| # This file implements regression tests for SQLite library.
 | |
| #
 | |
| # This file implements tests to make sure SQLite does not crash or
 | |
| # segfault if it sees a corrupt database file.
 | |
| #
 | |
| # $Id: corrupt.test,v 1.12 2009/07/13 09:41:45 danielk1977 Exp $
 | |
| 
 | |
| catch {forcedelete test.db test.db-journal test.bu}
 | |
| 
 | |
| set testdir [file dirname $argv0]
 | |
| source $testdir/tester.tcl
 | |
| 
 | |
| # Do not use a codec for tests in this file, as the database file is
 | |
| # manipulated directly using tcl scripts (using the [hexio_write] command).
 | |
| #
 | |
| do_not_use_codec
 | |
| 
 | |
| # These tests deal with corrupt database files
 | |
| #
 | |
| database_may_be_corrupt
 | |
| 
 | |
| # Construct a large database for testing.
 | |
| #
 | |
| do_test corrupt-1.1 {
 | |
|   execsql {
 | |
|     BEGIN;
 | |
|     CREATE TABLE t1(x);
 | |
|     INSERT INTO t1 VALUES(randstr(100,100));
 | |
|     INSERT INTO t1 VALUES(randstr(90,90));
 | |
|     INSERT INTO t1 VALUES(randstr(80,80));
 | |
|     INSERT INTO t1 SELECT x || randstr(5,5) FROM t1;
 | |
|     INSERT INTO t1 SELECT x || randstr(6,6) FROM t1;
 | |
|     INSERT INTO t1 SELECT x || randstr(7,7) FROM t1;
 | |
|     INSERT INTO t1 SELECT x || randstr(8,8) FROM t1;
 | |
|     INSERT INTO t1 VALUES(randstr(3000,3000));
 | |
|     INSERT INTO t1 SELECT x || randstr(9,9) FROM t1;
 | |
|     INSERT INTO t1 SELECT x || randstr(10,10) FROM t1;
 | |
|     INSERT INTO t1 SELECT x || randstr(11,11) FROM t1;
 | |
|     INSERT INTO t1 SELECT x || randstr(12,12) FROM t1;
 | |
|     CREATE INDEX t1i1 ON t1(x);
 | |
|     CREATE TABLE t2 AS SELECT * FROM t1;
 | |
|     DELETE FROM t2 WHERE rowid%5!=0;
 | |
|     COMMIT;
 | |
|   }
 | |
| } {}
 | |
| integrity_check corrupt-1.2
 | |
| 
 | |
| # Setup for the tests.  Make a backup copy of the good database in test.bu.
 | |
| # Create a string of garbage data that is 256 bytes long.
 | |
| #
 | |
| forcecopy test.db test.bu
 | |
| set fsize [file size test.db]
 | |
| set junk "abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"
 | |
| while {[string length $junk]<256} {append junk $junk}
 | |
| set junk [string range $junk 0 255]
 | |
| 
 | |
| # Go through the database and write garbage data into each 256 segment
 | |
| # of the file.  Then do various operations on the file to make sure that
 | |
| # the database engine can recover gracefully from the corruption.
 | |
| #
 | |
| for {set i [expr {1*256}]} {$i<$fsize-256} {incr i 256} {
 | |
|   set tn [expr {$i/256}]
 | |
|   db close
 | |
|   forcecopy test.bu test.db
 | |
|   set fd [open test.db r+]
 | |
|   fconfigure $fd -translation binary
 | |
|   seek $fd $i
 | |
|   puts -nonewline $fd $junk
 | |
|   close $fd
 | |
|   do_test corrupt-2.$tn.1 {
 | |
|     sqlite3 db test.db
 | |
|     catchsql {SELECT count(*) FROM sqlite_master}
 | |
|     set x {}
 | |
|   } {}
 | |
|   do_test corrupt-2.$tn.2 {
 | |
|     catchsql {SELECT count(*) FROM t1}
 | |
|     set x {}
 | |
|   } {}
 | |
|   do_test corrupt-2.$tn.3 {
 | |
|     catchsql {SELECT count(*) FROM t1 WHERE x>'abcdef'}
 | |
|     set x {}
 | |
|   } {}
 | |
|   do_test corrupt-2.$tn.4 {
 | |
|     catchsql {SELECT count(*) FROM t2}
 | |
|     set x {}
 | |
|   } {}
 | |
|   do_test corrupt-2.$tn.5 {
 | |
|     catchsql {CREATE TABLE t3 AS SELECT * FROM t1}
 | |
|     set x {}
 | |
|   } {}
 | |
|   do_test corrupt-2.$tn.6 {
 | |
|     catchsql {DROP TABLE t1}
 | |
|     set x {}
 | |
|   } {}
 | |
|   do_test corrupt-2.$tn.7 {
 | |
|     catchsql {PRAGMA integrity_check}
 | |
|     set x {}
 | |
|   } {}
 | |
| 
 | |
|   # Check that no page references were leaked.
 | |
|   do_test corrupt-2.$tn.8 {
 | |
|     set bt [btree_from_db db]
 | |
|     db_enter db
 | |
|     array set stats [btree_pager_stats $bt]
 | |
|     db_leave db
 | |
|     set stats(ref)
 | |
|   } {0}
 | |
| }  
 | |
| 
 | |
| #------------------------------------------------------------------------
 | |
| # For these tests, swap the rootpage entries of t1 (a table) and t1i1 (an
 | |
| # index on t1) in sqlite_master. Then perform a few different queries
 | |
| # and make sure this is detected as corruption.
 | |
| #
 | |
| do_test corrupt-3.1 {
 | |
|   db close
 | |
|   forcecopy test.bu test.db
 | |
|   sqlite3 db test.db
 | |
|   list
 | |
| } {}
 | |
| do_test corrupt-3.2 {
 | |
|   set t1_r [execsql {SELECT rootpage FROM sqlite_master WHERE name = 't1i1'}]
 | |
|   set t1i1_r [execsql {SELECT rootpage FROM sqlite_master WHERE name = 't1'}]
 | |
|   set cookie [expr [execsql {PRAGMA schema_version}] + 1]
 | |
|   sqlite3_db_config db DEFENSIVE 0
 | |
|   execsql "
 | |
|     PRAGMA writable_schema = 1;
 | |
|     UPDATE sqlite_master SET rootpage = $t1_r WHERE name = 't1';
 | |
|     UPDATE sqlite_master SET rootpage = $t1i1_r WHERE name = 't1i1';
 | |
|     PRAGMA writable_schema = 0;
 | |
|     PRAGMA schema_version = $cookie;
 | |
|   "
 | |
| } {}
 | |
| 
 | |
| # This one tests the case caught by code in checkin [2313].
 | |
| do_test corrupt-3.3 {
 | |
|   db close
 | |
|   sqlite3 db test.db
 | |
|   catchsql {
 | |
|     INSERT INTO t1 VALUES('abc');
 | |
|   }
 | |
| } {1 {database disk image is malformed}}
 | |
| do_test corrupt-3.4 {
 | |
|   db close
 | |
|   sqlite3 db test.db
 | |
|   catchsql {
 | |
|     SELECT * FROM t1;
 | |
|   }
 | |
| } {1 {database disk image is malformed}}
 | |
| do_test corrupt-3.5 {
 | |
|   db close
 | |
|   sqlite3 db test.db
 | |
|   catchsql {
 | |
|     SELECT * FROM t1 WHERE oid = 10;
 | |
|   }
 | |
| } {1 {database disk image is malformed}}
 | |
| do_test corrupt-3.6 {
 | |
|   db close
 | |
|   sqlite3 db test.db
 | |
|   catchsql {
 | |
|     SELECT * FROM t1 WHERE x = 'abcde';
 | |
|   }
 | |
| } {1 {database disk image is malformed}}
 | |
| 
 | |
| do_test corrupt-4.1 {
 | |
|   db close
 | |
|   forcedelete test.db test.db-journal
 | |
|   sqlite3 db test.db
 | |
|   execsql {
 | |
|     PRAGMA page_size = 1024;
 | |
|     CREATE TABLE t1(a INTEGER PRIMARY KEY, b TEXT);
 | |
|   }
 | |
|   for {set i 0} {$i < 10} {incr i} {
 | |
|     set text [string repeat $i 220]
 | |
|     execsql { INSERT INTO t1 VALUES($i, $text) }
 | |
|   }
 | |
|   execsql { CREATE INDEX i1 ON t1(b) }
 | |
| } {}
 | |
| do_test corrupt-4.2 {
 | |
|   set iRoot [db one {SELECT rootpage FROM sqlite_master WHERE name = 'i1'}]
 | |
|   set iOffset [hexio_get_int [hexio_read test.db [expr 12+($iRoot-1)*1024] 2]]
 | |
|   set data [hexio_render_int32 [expr $iRoot - 1]]
 | |
|   hexio_write test.db [expr ($iRoot-1)*1024 + $iOffset] $data
 | |
|   db close
 | |
|   sqlite3 db test.db
 | |
| 
 | |
|   # The following DELETE statement attempts to delete a cell stored on the
 | |
|   # root page of index i1. After this cell is deleted it must be replaced
 | |
|   # by a cell retrieved from the child page (a leaf) of the deleted cell.
 | |
|   # This will fail, as the block modified the database image so that the
 | |
|   # child page of the deleted cell is from a table (intkey) b-tree, not an
 | |
|   # index b-tree as expected. At one point this was causing an assert()
 | |
|   # to fail.
 | |
|   catchsql { DELETE FROM t1 WHERE rowid = 3 }
 | |
| } {1 {database disk image is malformed}}
 | |
| 
 | |
| do_test corrupt-5.1 {
 | |
|   db close
 | |
|   forcedelete test.db test.db-journal
 | |
|   sqlite3 db test.db
 | |
| 
 | |
|   execsql { PRAGMA page_size = 1024 }
 | |
|   set ct "CREATE TABLE t1(c0 "
 | |
|   set i 0
 | |
|   while {[string length $ct] < 950} { append ct ", c[incr i]" }
 | |
|   append ct ")"
 | |
|   execsql $ct
 | |
| } {}
 | |
| 
 | |
| do_test corrupt-5.2 {
 | |
|   db close
 | |
|   hexio_write test.db 108 00000000 
 | |
|   sqlite3 db test.db
 | |
|   catchsql { SELECT * FROM sqlite_master }
 | |
| } {1 {database disk image is malformed}}
 | |
| 
 | |
| # At one point, the specific corruption caused by this test case was
 | |
| # causing a buffer overwrite. Although a crash was never demonstrated,
 | |
| # running this testcase under valgrind revealed the problem.
 | |
| do_test corrupt-6.1 {
 | |
|   db close
 | |
|   forcedelete test.db test.db-journal
 | |
|   sqlite3 db test.db
 | |
|   execsql { 
 | |
|     PRAGMA page_size = 1024; CREATE TABLE t1(x);
 | |
|   }
 | |
| 
 | |
|   # The root page of t1 is 1024 bytes in size. The header is 8 bytes, and
 | |
|   # each of the cells inserted by the following INSERT statements consume
 | |
|   # 16 bytes (including the 2 byte cell-offset array entry). So the page
 | |
|   # can contain up to 63 cells.
 | |
|   for {set i 0} {$i < 63} {incr i} {
 | |
|     execsql { INSERT INTO t1 VALUES( randomblob(10) ) }
 | |
|   }
 | |
| 
 | |
|   # Free the cell stored right at the end of the page (at offset pgsz-14).
 | |
|   execsql { DELETE FROM t1 WHERE rowid=1 }
 | |
|   set rootpage [db one {SELECT rootpage FROM sqlite_master WHERE name = 't1'}]
 | |
|   db close
 | |
| 
 | |
|   set offset [expr ($rootpage * 1024)-14+2]
 | |
|   hexio_write test.db $offset 00FF
 | |
|   sqlite3 db test.db 
 | |
| 
 | |
|   catchsql { INSERT INTO t1 VALUES( randomblob(10) ) }
 | |
| } {1 {database disk image is malformed}}
 | |
| 
 | |
| ifcapable oversize_cell_check {
 | |
|   db close
 | |
|   forcedelete test.db test.db-journal
 | |
|   sqlite3 db test.db
 | |
|   execsql { 
 | |
|     PRAGMA page_size = 1024; CREATE TABLE t1(x);
 | |
|   }
 | |
| 
 | |
|   do_test corrupt-7.1 {
 | |
|     for {set i 0} {$i < 39} {incr i} {
 | |
|       execsql {
 | |
|         INSERT INTO t1 VALUES(X'000100020003000400050006000700080009000A');
 | |
|       }
 | |
|     }
 | |
|   } {}
 | |
|   db close
 | |
|   
 | |
|   # Corrupt the root page of table t1 so that the first offset in the 
 | |
|   # cell-offset array points to the data for the SQL blob associated with
 | |
|   # record (rowid=10). The root page still passes the checks in btreeInitPage(),
 | |
|   # because the start of said blob looks like the start of a legitimate 
 | |
|   # page cell.
 | |
|   #
 | |
|   # Test case cc-2 overwrites the blob so that it no longer looks like a
 | |
|   # real cell. But, by the time it is overwritten, btreeInitPage() has already
 | |
|   # initialized the root page, so no corruption is detected.
 | |
|   #
 | |
|   # Test case cc-3 inserts an extra record into t1, forcing balance-deeper
 | |
|   # to run. After copying the contents of the root page to the new child,
 | |
|   # btreeInitPage() is called on the child. This time, it detects corruption
 | |
|   # (because the start of the blob associated with the (rowid=10) record
 | |
|   # no longer looks like a real cell). At one point the code assumed that 
 | |
|   # detecting corruption was not possible at that point, and an assert() failed.
 | |
|   #
 | |
|   set fd [open test.db r+]
 | |
|   fconfigure $fd -translation binary -encoding binary
 | |
|   seek $fd [expr 1024+8]
 | |
|   puts -nonewline $fd "\x03\x14"
 | |
|   close $fd
 | |
|   
 | |
|   sqlite3 db test.db
 | |
|   do_test corrupt-7.2 {
 | |
|     execsql { 
 | |
|       UPDATE t1 SET x = X'870400020003000400050006000700080009000A' 
 | |
|       WHERE rowid = 10;
 | |
|     }
 | |
|   } {}
 | |
|   do_test corrupt-7.3 {
 | |
|     catchsql {
 | |
|       INSERT INTO t1 VALUES(X'000100020003000400050006000700080009000A');
 | |
|     }
 | |
|   } {1 {database disk image is malformed}}
 | |
| }
 | |
| 
 | |
| db close
 | |
| forcedelete test.db test.db-journal
 | |
| do_test corrupt-8.1 {
 | |
|   sqlite3 db test.db
 | |
|   execsql {
 | |
|     PRAGMA page_size = 1024;
 | |
|     PRAGMA secure_delete = on;
 | |
|     PRAGMA auto_vacuum = 0;
 | |
|     CREATE TABLE t1(x INTEGER PRIMARY KEY, y);
 | |
|     INSERT INTO t1 VALUES(5, randomblob(1900));
 | |
|   }
 | |
| 
 | |
|   hexio_write test.db 2044 [hexio_render_int32 2]
 | |
|   hexio_write test.db 24   [hexio_render_int32 45]
 | |
| 
 | |
|   catchsql { INSERT OR REPLACE INTO t1 VALUES(5, randomblob(1900)) }
 | |
| } {1 {database disk image is malformed}}
 | |
| 
 | |
| db close
 | |
| forcedelete test.db test.db-journal
 | |
| do_test corrupt-8.2 {
 | |
|   sqlite3 db test.db
 | |
|   execsql {
 | |
|     PRAGMA page_size = 1024;
 | |
|     PRAGMA secure_delete = on;
 | |
|     PRAGMA auto_vacuum = 0;
 | |
|     CREATE TABLE t1(x INTEGER PRIMARY KEY, y);
 | |
|     INSERT INTO t1 VALUES(5, randomblob(900));
 | |
|     INSERT INTO t1 VALUES(6, randomblob(900));
 | |
|   }
 | |
| 
 | |
|   hexio_write test.db 2047 FF
 | |
|   hexio_write test.db 24   [hexio_render_int32 45]
 | |
| 
 | |
|   catchsql { INSERT INTO t1 VALUES(4, randomblob(1900)) }
 | |
| } {1 {database disk image is malformed}}
 | |
| 
 | |
| finish_test
 | 
