Your message dated Sun, 11 Jun 2017 16:26:00 +0000
with message-id <[email protected]>
and subject line Re: Bug#864573: unblock: sqlite3/3.16.2-5
has caused the Debian Bug report #864573,
regarding unblock: sqlite3/3.16.2-5
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
864573: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864573
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
User: [email protected]
Usertags: unblock

Hi Release Team,

There's a database corruption bug in sqlite3 which affects 3.16.0+
releases (the one in Stretch) if auto vacuum is enabled. The fix is
very small:
-    if( info.nSize==szNew && info.nLocal==info.nPayload ){
+    if( info.nSize==szNew && info.nLocal==info.nPayload
+     && (!ISAUTOVACUUM || szNew<pPage->minLocal)

But full debdiff is attached. Please unblock 3.16.2-5 and let it
migrate to Stretch.

Thanks for consideration,
Laszlo/GCS
diff -Nru sqlite3-3.16.2/debian/changelog sqlite3-3.16.2/debian/changelog
--- sqlite3-3.16.2/debian/changelog	2017-06-04 07:58:54.000000000 +0000
+++ sqlite3-3.16.2/debian/changelog	2017-06-08 22:07:42.000000000 +0000
@@ -1,3 +1,9 @@
+sqlite3 (3.16.2-5) unstable; urgency=medium
+
+  * Backport fix for corruption due to REPLACE in an auto-vacuumed database.
+
+ -- Laszlo Boszormenyi (GCS) <[email protected]>  Thu, 08 Jun 2017 22:07:42 +0000
+
 sqlite3 (3.16.2-4) unstable; urgency=high
 
   * Backport fix for a possible NULL pointer dereference in the OP_Found
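Review bot: The new 3.16.2-5 entry at the top of this hunk says only "Backport fix for corruption due to REPLACE in an auto-vacuumed database" and names neither the upstream check-in being backported nor the patch file that carries it. Adding the upstream reference and the patch name (50-REPLACE_corruption_fix.patch) to that bullet would let someone auditing the stable package trace the change without opening the debdiff.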
diff -Nru sqlite3-3.16.2/debian/patches/50-REPLACE_corruption_fix.patch sqlite3-3.16.2/debian/patches/50-REPLACE_corruption_fix.patch
--- sqlite3-3.16.2/debian/patches/50-REPLACE_corruption_fix.patch	1970-01-01 00:00:00.000000000 +0000
+++ sqlite3-3.16.2/debian/patches/50-REPLACE_corruption_fix.patch	2017-06-08 22:07:42.000000000 +0000
@@ -0,0 +1,50 @@
+Index: sqlite3/src/btree.c
+==================================================================
+--- sqlite3/src/btree.c
++++ sqlite3/src/btree.c
+@@ -8057,16 +8057,22 @@
+     oldCell = findCell(pPage, idx);
+     if( !pPage->leaf ){
+       memcpy(newCell, oldCell, 4);
+     }
+     rc = clearCell(pPage, oldCell, &info);
+-    if( info.nSize==szNew && info.nLocal==info.nPayload ){
++    if( info.nSize==szNew && info.nLocal==info.nPayload 
++     && (!ISAUTOVACUUM || szNew<pPage->minLocal)
++    ){
+       /* Overwrite the old cell with the new if they are the same size.
+       ** We could also try to do this if the old cell is smaller, then add
+       ** the leftover space to the free list.  But experiments show that
+       ** doing that is no faster then skipping this optimization and just
+-      ** calling dropCell() and insertCell(). */
++      ** calling dropCell() and insertCell(). 
++      **
++      ** This optimization cannot be used on an autovacuum database if the
++      ** new entry uses overflow pages, as the insertCell() call below is
++      ** necessary to add the PTRMAP_OVERFLOW1 pointer-map entry.  */
+       assert( rc==SQLITE_OK ); /* clearCell never fails when nLocal==nPayload */
+       if( oldCell+szNew > pPage->aDataEnd ) return SQLITE_CORRUPT_BKPT;
+       memcpy(oldCell, newCell, szNew);
+       return SQLITE_OK;
+     }
+
+Index: sqlite3/test/autovacuum.test
+==================================================================
+--- sqlite3/test/autovacuum.test
++++ sqlite3/test/autovacuum.test
+@@ -703,7 +703,14 @@
+ do_test autovacuum-9.5 {
+   execsql { DELETE FROM t1 WHERE rowid > (SELECT max(a)/2 FROM t1) }
+   file size test.db
+ } $::sqlite_pending_byte
+  
++do_execsql_test autovacuum-10.1 {
++  DROP TABLE t1;
++  CREATE TABLE t1(a INTEGER PRIMARY KEY, b);
++  INSERT INTO t1 VALUES(25, randomblob(104));
++  REPLACE INTO t1 VALUES(25, randomblob(1117));
++  PRAGMA integrity_check;
++} {ok}
+ 
+ finish_test
+
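Review bot: In the embedded btree.c hunk, the added comment says the overwrite shortcut cannot be used when "the new entry uses overflow pages", but the added condition tests `szNew<pPage->minLocal`, and the comment never says why a cell size below minLocal stands for "no overflow pages". One sentence stating that relationship would let a reader check the guard against the comment. In the embedded autovacuum.test hunk, autovacuum-10.1 uses the sizes 104 and 1117 without explanation and does not set auto_vacuum itself, so it depends on whatever mode the earlier tests in the file left the database in; a short comment on both would make the regression test self-explanatory. The patch file also starts directly at "Index:" with no description or origin header, and the rewritten `if(` line and the "calling dropCell() and insertCell()." comment line carry trailing whitespace.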
diff -Nru sqlite3-3.16.2/debian/patches/series sqlite3-3.16.2/debian/patches/series
--- sqlite3-3.16.2/debian/patches/series	2017-06-04 07:58:54.000000000 +0000
+++ sqlite3-3.16.2/debian/patches/series	2017-06-08 22:07:42.000000000 +0000
@@ -12,3 +12,4 @@
 41-JSON-2_1.patch
 42-JSON-2_2.patch
 43-JSON-3.patch
+50-REPLACE_corruption_fix.patch

--- End Message ---
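The check that the patch's autovacuum-10.1 test performs, written as a stand-alone script for testing the SQLite library a Python installation is linked against (an added example, not part of the original message or of the sqlite3 package). The function name, the temporary file name and the explicit 1024-byte page size are assumptions made here; the page size is set so that the 1117-byte value cannot fit in one page and must use overflow pages.

```python
import os
import sqlite3
import tempfile


def replace_integrity_check(page_size=1024):
    """Run the INSERT/REPLACE pair from autovacuum-10.1 on a fresh
    auto-vacuum database.

    Returns (library_version, auto_vacuum_mode, integrity_rows, stored_len).
    integrity_rows is ["ok"] when PRAGMA integrity_check finds no damage.
    """
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "probe.db")  # throwaway file, constructed here
        con = sqlite3.connect(path, isolation_level=None)  # autocommit mode
        try:
            # Both pragmas only take effect before the first table exists.
            con.execute(f"PRAGMA page_size={int(page_size)}")
            con.execute("PRAGMA auto_vacuum=FULL")
            con.execute("CREATE TABLE t1(a INTEGER PRIMARY KEY, b)")
            # Same statements and sizes as the test added by the patch.
            con.execute("INSERT INTO t1 VALUES(25, randomblob(104))")
            con.execute("REPLACE INTO t1 VALUES(25, randomblob(1117))")
            mode = con.execute("PRAGMA auto_vacuum").fetchone()[0]
            rows = [r[0] for r in con.execute("PRAGMA integrity_check")]
            stored = con.execute(
                "SELECT length(b) FROM t1 WHERE a=25").fetchone()[0]
        finally:
            con.close()
    return sqlite3.sqlite_version, mode, rows, stored


if __name__ == "__main__":
    version, mode, rows, stored = replace_integrity_check()
    print(f"SQLite library version: {version}")
    print(f"auto_vacuum mode:       {mode} (1 = FULL)")
    print(f"stored blob length:     {stored}")
    print("integrity_check:        " + "; ".join(rows))
```
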
--- Begin Message ---
László Böszörményi (GCS):
> Package: release.debian.org
> User: [email protected]
> Usertags: unblock
> 
> Hi Release Team,
> 
> There's a database corruption bug in sqlite3 which affects 3.16.0+
> releases (the one in Stretch) if auto vacuum is enabled. The fix is
> very small:
> -    if( info.nSize==szNew && info.nLocal==info.nPayload ){
> +    if( info.nSize==szNew && info.nLocal==info.nPayload
> +     && (!ISAUTOVACUUM || szNew<pPage->minLocal)
> 
> But full debdiff is attached. Please unblock 3.16.2-5 and let it
> migrate to Stretch.
> 
> Thanks for consideration,
> Laszlo/GCS
> 

Exception granted.

~Niels

--- End Message ---
