1# 2004 August 30 2# 3# The author disclaims copyright to this source code. In place of 4# a legal notice, here is a blessing: 5# 6# May you do good and not evil. 7# May you find forgiveness for yourself and forgive others. 8# May you share freely, never taking more than you give. 9# 10#*********************************************************************** 11# This file implements regression tests for SQLite library. 12# 13# This file implements tests to make sure SQLite does not crash or 14# segfault if it sees a corrupt database file. 15# 16# $Id: corrupt2.test,v 1.20 2009/04/06 17:50:03 danielk1977 Exp $ 17 18set testdir [file dirname $argv0] 19source $testdir/tester.tcl 20 21# Do not use a codec for tests in this file, as the database file is 22# manipulated directly using tcl scripts (using the [hexio_write] command). 23# 24do_not_use_codec 25 26# These tests deal with corrupt database files 27# 28database_may_be_corrupt 29 30set presql "" 31catch { set presql "$::G(perm:presql);" } 32unset -nocomplain ::G(perm:presql) 33 34# The following tests - corrupt2-1.* - create some databases corrupted in 35# specific ways and ensure that SQLite detects them as corrupt. 36# 37do_test corrupt2-1.1 { 38 execsql { 39 PRAGMA auto_vacuum=0; 40 PRAGMA page_size=1024; 41 CREATE TABLE abc(a, b, c); 42 } 43} {} 44 45do_test corrupt2-1.2 { 46 47 # Corrupt the 16 byte magic string at the start of the file 48 forcedelete corrupt.db 49 forcedelete corrupt.db-journal 50 forcecopy test.db corrupt.db 51 set f [open corrupt.db RDWR] 52 seek $f 8 start 53 puts $f blah 54 close $f 55 56 sqlite3 db2 corrupt.db 57 catchsql " 58 $::presql 59 SELECT * FROM sqlite_master; 60 " db2 61} {1 {file is encrypted or is not a database}} 62 63do_test corrupt2-1.3 { 64 db2 close 65 66 # Corrupt the page-size (bytes 16 and 17 of page 1). 67 forcedelete corrupt.db 68 forcedelete corrupt.db-journal 69 forcecopy test.db corrupt.db 70 set f [open corrupt.db RDWR] 71 fconfigure $f -encoding binary 72 seek $f 16 start 73 puts -nonewline $f "\x00\xFF" 74 close $f 75 76 sqlite3 db2 corrupt.db 77 catchsql " 78 $::presql 79 SELECT * FROM sqlite_master; 80 " db2 81} {1 {file is encrypted or is not a database}} 82 83do_test corrupt2-1.4 { 84 db2 close 85 86 # Corrupt the free-block list on page 1. 87 forcedelete corrupt.db 88 forcedelete corrupt.db-journal 89 forcecopy test.db corrupt.db 90 set f [open corrupt.db RDWR] 91 fconfigure $f -encoding binary 92 seek $f 101 start 93 puts -nonewline $f "\xFF\xFF" 94 close $f 95 96 sqlite3 db2 corrupt.db 97 catchsql " 98 $::presql 99 SELECT * FROM sqlite_master; 100 " db2 101} {1 {database disk image is malformed}} 102 103do_test corrupt2-1.5 { 104 db2 close 105 106 # Corrupt the free-block list on page 1. 107 forcedelete corrupt.db 108 forcedelete corrupt.db-journal 109 forcecopy test.db corrupt.db 110 set f [open corrupt.db RDWR] 111 fconfigure $f -encoding binary 112 seek $f 101 start 113 puts -nonewline $f "\x00\xC8" 114 seek $f 200 start 115 puts -nonewline $f "\x00\x00" 116 puts -nonewline $f "\x10\x00" 117 close $f 118 119 sqlite3 db2 corrupt.db 120 catchsql " 121 $::presql 122 SELECT * FROM sqlite_master; 123 " db2 124} {1 {database disk image is malformed}} 125db2 close 126 127# Corrupt a database by having 2 indices of the same name: 128do_test corrupt2-2.1 { 129 130 forcedelete corrupt.db 131 forcedelete corrupt.db-journal 132 forcecopy test.db corrupt.db 133 134 sqlite3 db2 corrupt.db 135 execsql " 136 $::presql 137 CREATE INDEX a1 ON abc(a); 138 CREATE INDEX a2 ON abc(b); 139 PRAGMA writable_schema = 1; 140 UPDATE sqlite_master 141 SET name = 'a3', sql = 'CREATE INDEX a3' || substr(sql, 16, 10000) 142 WHERE type = 'index'; 143 PRAGMA writable_schema = 0; 144 " db2 145 146 db2 close 147 sqlite3 db2 corrupt.db 148 catchsql " 149 $::presql 150 SELECT * FROM sqlite_master; 151 " db2 152} {1 {malformed database schema (a3) - index a3 already exists}} 153 154db2 close 155 156do_test corrupt2-3.1 { 157 forcedelete corrupt.db 158 forcedelete corrupt.db-journal 159 sqlite3 db2 corrupt.db 160 161 execsql " 162 $::presql 163 PRAGMA auto_vacuum = 1; 164 PRAGMA page_size = 1024; 165 CREATE TABLE t1(a, b, c); 166 CREATE TABLE t2(a, b, c); 167 INSERT INTO t2 VALUES(randomblob(100), randomblob(100), randomblob(100)); 168 INSERT INTO t2 SELECT * FROM t2; 169 INSERT INTO t2 SELECT * FROM t2; 170 INSERT INTO t2 SELECT * FROM t2; 171 INSERT INTO t2 SELECT * FROM t2; 172 " db2 173 174 db2 close 175 176 # On the root page of table t2 (page 4), set one of the child page-numbers 177 # to 0. This corruption will be detected when SQLite attempts to update 178 # the pointer-map after moving the content of page 4 to page 3 as part 179 # of the DROP TABLE operation below. 180 # 181 set fd [open corrupt.db r+] 182 fconfigure $fd -encoding binary -translation binary 183 seek $fd [expr 1024*3 + 12] 184 set zCelloffset [read $fd 2] 185 binary scan $zCelloffset S iCelloffset 186 seek $fd [expr 1024*3 + $iCelloffset] 187 puts -nonewline $fd "\00\00\00\00" 188 close $fd 189 190 sqlite3 db2 corrupt.db 191 catchsql " 192 $::presql 193 DROP TABLE t1; 194 " db2 195} {1 {database disk image is malformed}} 196 197do_test corrupt2-4.1 { 198 catchsql { 199 SELECT * FROM t2; 200 } db2 201} {1 {database disk image is malformed}} 202 203db2 close 204 205unset -nocomplain result 206do_test corrupt2-5.1 { 207 forcedelete corrupt.db 208 forcedelete corrupt.db-journal 209 sqlite3 db2 corrupt.db 210 211 execsql " 212 $::presql 213 PRAGMA auto_vacuum = 0; 214 PRAGMA page_size = 1024; 215 CREATE TABLE t1(a, b, c); 216 CREATE TABLE t2(a, b, c); 217 INSERT INTO t2 VALUES(randomblob(100), randomblob(100), randomblob(100)); 218 INSERT INTO t2 SELECT * FROM t2; 219 INSERT INTO t2 SELECT * FROM t2; 220 INSERT INTO t2 SELECT * FROM t2; 221 INSERT INTO t2 SELECT * FROM t2; 222 INSERT INTO t1 SELECT * FROM t2; 223 " db2 224 225 db2 close 226 227 # This block links a page from table t2 into the t1 table structure. 228 # 229 set fd [open corrupt.db r+] 230 fconfigure $fd -encoding binary -translation binary 231 seek $fd [expr 1024 + 12] 232 set zCelloffset [read $fd 2] 233 binary scan $zCelloffset S iCelloffset 234 seek $fd [expr 1024 + $iCelloffset] 235 set zChildPage [read $fd 4] 236 seek $fd [expr 2*1024 + 12] 237 set zCelloffset [read $fd 2] 238 binary scan $zCelloffset S iCelloffset 239 seek $fd [expr 2*1024 + $iCelloffset] 240 puts -nonewline $fd $zChildPage 241 close $fd 242 243 sqlite3 db2 corrupt.db 244 db2 eval $::presql 245 db2 eval {SELECT rowid FROM t1} { 246 set result [db2 eval {pragma integrity_check}] 247 break 248 } 249 set result 250} {{*** in database main *** 251On tree page 2 cell 0: 2nd reference to page 10 252Page 4 is never used}} 253 254db2 close 255 256proc corruption_test {args} { 257 set A(-corrupt) {} 258 set A(-sqlprep) {} 259 set A(-tclprep) {} 260 array set A $args 261 262 catch {db close} 263 forcedelete corrupt.db 264 forcedelete corrupt.db-journal 265 266 sqlite3 db corrupt.db 267 db eval $::presql 268 eval $A(-tclprep) 269 db eval $A(-sqlprep) 270 db close 271 272 eval $A(-corrupt) 273 274 sqlite3 db corrupt.db 275 eval $A(-test) 276} 277 278ifcapable autovacuum { 279 # The tests within this block - corrupt2-6.* - aim to test corruption 280 # detection within an incremental-vacuum. When an incremental-vacuum 281 # step is executed, the last non-free page of the database file is 282 # moved into a free space in the body of the file. After doing so, 283 # the page reference in the parent page must be updated to refer 284 # to the new location. These tests test the outcome of corrupting 285 # that page reference before performing the incremental vacuum. 286 # 287 288 # The last page in the database page is the second page 289 # in an overflow chain. 290 # 291 corruption_test -sqlprep { 292 PRAGMA auto_vacuum = incremental; 293 PRAGMA page_size = 1024; 294 CREATE TABLE t1(a, b); 295 INSERT INTO t1 VALUES(1, randomblob(2500)); 296 INSERT INTO t1 VALUES(2, randomblob(2500)); 297 DELETE FROM t1 WHERE a = 1; 298 } -corrupt { 299 hexio_write corrupt.db [expr 1024*5] 00000008 300 } -test { 301 do_test corrupt2-6.1 { 302 catchsql " $::presql pragma incremental_vacuum = 1 " 303 } {1 {database disk image is malformed}} 304 } 305 306 # The last page in the database page is a non-root b-tree page. 307 # 308 corruption_test -sqlprep { 309 PRAGMA auto_vacuum = incremental; 310 PRAGMA page_size = 1024; 311 CREATE TABLE t1(a INTEGER PRIMARY KEY, b); 312 INSERT INTO t1 VALUES(1, randomblob(2500)); 313 INSERT INTO t1 VALUES(2, randomblob(50)); 314 INSERT INTO t1 SELECT NULL, randomblob(50) FROM t1; 315 INSERT INTO t1 SELECT NULL, randomblob(50) FROM t1; 316 INSERT INTO t1 SELECT NULL, randomblob(50) FROM t1; 317 INSERT INTO t1 SELECT NULL, randomblob(50) FROM t1; 318 DELETE FROM t1 WHERE a = 1; 319 } -corrupt { 320 hexio_write corrupt.db [expr 1024*2 + 8] 00000009 321 } -test { 322 do_test corrupt2-6.2 { 323 catchsql " $::presql pragma incremental_vacuum = 1 " 324 } {1 {database disk image is malformed}} 325 } 326 327 # Set up a pointer-map entry so that the last page of the database 328 # file appears to be a b-tree root page. This should be detected 329 # as corruption. 330 # 331 corruption_test -sqlprep { 332 PRAGMA auto_vacuum = incremental; 333 PRAGMA page_size = 1024; 334 CREATE TABLE t1(a INTEGER PRIMARY KEY, b); 335 INSERT INTO t1 VALUES(1, randomblob(2500)); 336 INSERT INTO t1 VALUES(2, randomblob(2500)); 337 INSERT INTO t1 VALUES(3, randomblob(2500)); 338 DELETE FROM t1 WHERE a = 1; 339 } -corrupt { 340 set nPage [expr [file size corrupt.db] / 1024] 341 hexio_write corrupt.db [expr 1024 + ($nPage-3)*5] 010000000 342 } -test { 343 do_test corrupt2-6.3 { 344 catchsql " $::presql pragma incremental_vacuum = 1 " 345 } {1 {database disk image is malformed}} 346 } 347 348 corruption_test -sqlprep { 349 PRAGMA auto_vacuum = 1; 350 PRAGMA page_size = 1024; 351 CREATE TABLE t1(a INTEGER PRIMARY KEY, b); 352 INSERT INTO t1 VALUES(1, randomblob(2500)); 353 DELETE FROM t1 WHERE a = 1; 354 } -corrupt { 355 set nAppend [expr 1024*207 - [file size corrupt.db]] 356 set fd [open corrupt.db r+] 357 seek $fd 0 end 358 puts -nonewline $fd [string repeat x $nAppend] 359 close $fd 360 hexio_write corrupt.db 28 00000000 361 } -test { 362 do_test corrupt2-6.4 { 363 catchsql " 364 $::presql 365 BEGIN EXCLUSIVE; 366 COMMIT; 367 " 368 } {1 {database disk image is malformed}} 369 } 370} 371 372 373set sqlprep { 374 PRAGMA auto_vacuum = 0; 375 PRAGMA page_size = 1024; 376 CREATE TABLE t1(a INTEGER PRIMARY KEY, b); 377 CREATE INDEX i1 ON t1(b); 378 INSERT INTO t1 VALUES(1, randomblob(50)); 379 INSERT INTO t1 SELECT NULL, randomblob(50) FROM t1; 380 INSERT INTO t1 SELECT NULL, randomblob(50) FROM t1; 381 INSERT INTO t1 SELECT NULL, randomblob(50) FROM t1; 382 INSERT INTO t1 SELECT NULL, randomblob(50) FROM t1; 383 INSERT INTO t1 SELECT NULL, randomblob(50) FROM t1; 384 INSERT INTO t1 SELECT NULL, randomblob(50) FROM t1; 385} 386 387corruption_test -sqlprep $sqlprep -corrupt { 388 # Set the page-flags of one of the leaf pages of the index B-Tree to 389 # 0x0D (interpreted by SQLite as "leaf page of a table B-Tree"). 390 # 391 set fd [open corrupt.db r+] 392 fconfigure $fd -translation binary -encoding binary 393 seek $fd [expr 1024*2 + 8] 394 set zRightChild [read $fd 4] 395 binary scan $zRightChild I iRightChild 396 seek $fd [expr 1024*($iRightChild-1)] 397 puts -nonewline $fd "\x0D" 398 close $fd 399} -test { 400 do_test corrupt2-7.1 { 401 catchsql " $::presql SELECT b FROM t1 ORDER BY b ASC " 402 } {1 {database disk image is malformed}} 403} 404 405corruption_test -sqlprep $sqlprep -corrupt { 406 # Mess up the page-header of one of the leaf pages of the index B-Tree. 407 # The corruption is detected as part of an OP_Prev opcode. 408 # 409 set fd [open corrupt.db r+] 410 fconfigure $fd -translation binary -encoding binary 411 seek $fd [expr 1024*2 + 12] 412 set zCellOffset [read $fd 2] 413 binary scan $zCellOffset S iCellOffset 414 seek $fd [expr 1024*2 + $iCellOffset] 415 set zChild [read $fd 4] 416 binary scan $zChild I iChild 417 seek $fd [expr 1024*($iChild-1)+3] 418 puts -nonewline $fd "\xFFFF" 419 close $fd 420} -test { 421 do_test corrupt2-7.1 { 422 catchsql " $::presql SELECT b FROM t1 ORDER BY b DESC " 423 } {1 {database disk image is malformed}} 424} 425 426corruption_test -sqlprep $sqlprep -corrupt { 427 # Set the page-flags of one of the leaf pages of the table B-Tree to 428 # 0x0A (interpreted by SQLite as "leaf page of an index B-Tree"). 429 # 430 set fd [open corrupt.db r+] 431 fconfigure $fd -translation binary -encoding binary 432 seek $fd [expr 1024*1 + 8] 433 set zRightChild [read $fd 4] 434 binary scan $zRightChild I iRightChild 435 seek $fd [expr 1024*($iRightChild-1)] 436 puts -nonewline $fd "\x0A" 437 close $fd 438} -test { 439 do_test corrupt2-8.1 { 440 catchsql " $::presql SELECT * FROM t1 WHERE rowid=1000 " 441 } {1 {database disk image is malformed}} 442} 443 444corruption_test -sqlprep { 445 CREATE TABLE t1(a, b, c); CREATE TABLE t8(a, b, c); CREATE TABLE tE(a, b, c); 446 CREATE TABLE t2(a, b, c); CREATE TABLE t9(a, b, c); CREATE TABLE tF(a, b, c); 447 CREATE TABLE t3(a, b, c); CREATE TABLE tA(a, b, c); CREATE TABLE tG(a, b, c); 448 CREATE TABLE t4(a, b, c); CREATE TABLE tB(a, b, c); CREATE TABLE tH(a, b, c); 449 CREATE TABLE t5(a, b, c); CREATE TABLE tC(a, b, c); CREATE TABLE tI(a, b, c); 450 CREATE TABLE t6(a, b, c); CREATE TABLE tD(a, b, c); CREATE TABLE tJ(a, b, c); 451 CREATE TABLE x1(a, b, c); CREATE TABLE x8(a, b, c); CREATE TABLE xE(a, b, c); 452 CREATE TABLE x2(a, b, c); CREATE TABLE x9(a, b, c); CREATE TABLE xF(a, b, c); 453 CREATE TABLE x3(a, b, c); CREATE TABLE xA(a, b, c); CREATE TABLE xG(a, b, c); 454 CREATE TABLE x4(a, b, c); CREATE TABLE xB(a, b, c); CREATE TABLE xH(a, b, c); 455 CREATE TABLE x5(a, b, c); CREATE TABLE xC(a, b, c); CREATE TABLE xI(a, b, c); 456 CREATE TABLE x6(a, b, c); CREATE TABLE xD(a, b, c); CREATE TABLE xJ(a, b, c); 457} -corrupt { 458 set fd [open corrupt.db r+] 459 fconfigure $fd -translation binary -encoding binary 460 seek $fd 108 461 set zRightChild [read $fd 4] 462 binary scan $zRightChild I iRightChild 463 seek $fd [expr 1024*($iRightChild-1)+3] 464 puts -nonewline $fd "\x00\x00" 465 close $fd 466} -test { 467 do_test corrupt2-9.1 { 468 catchsql " $::presql SELECT sql FROM sqlite_master " 469 } {1 {database disk image is malformed}} 470} 471 472corruption_test -sqlprep { 473 CREATE TABLE t1(a, b, c); 474 CREATE TABLE t2(a, b, c); 475 PRAGMA writable_schema = 1; 476 UPDATE sqlite_master SET rootpage = NULL WHERE name = 't2'; 477} -test { 478 do_test corrupt2-10.1 { 479 catchsql " $::presql SELECT * FROM t2 " 480 } {1 {malformed database schema (t2)}} 481 do_test corrupt2-10.2 { 482 sqlite3_errcode db 483 } {SQLITE_CORRUPT} 484} 485 486corruption_test -sqlprep { 487 PRAGMA auto_vacuum = incremental; 488 CREATE TABLE t1(a INTEGER PRIMARY KEY, b); 489 CREATE TABLE t2(a INTEGER PRIMARY KEY, b); 490 INSERT INTO t1 VALUES(1, randstr(100,100)); 491 INSERT INTO t1 SELECT NULL, randstr(100,100) FROM t1; 492 INSERT INTO t1 SELECT NULL, randstr(100,100) FROM t1; 493 INSERT INTO t1 SELECT NULL, randstr(100,100) FROM t1; 494 INSERT INTO t1 SELECT NULL, randstr(100,100) FROM t1; 495 INSERT INTO t1 SELECT NULL, randstr(100,100) FROM t1; 496 INSERT INTO t2 SELECT * FROM t1; 497 DELETE FROM t1; 498} -corrupt { 499 set offset [expr [file size corrupt.db] - 1024] 500 hexio_write corrupt.db $offset FF 501 hexio_write corrupt.db 24 12345678 502} -test { 503 do_test corrupt2-11.1 { 504 catchsql " $::presql PRAGMA incremental_vacuum " 505 } {1 {database disk image is malformed}} 506} 507corruption_test -sqlprep { 508 PRAGMA auto_vacuum = incremental; 509 CREATE TABLE t1(a INTEGER PRIMARY KEY, b); 510 CREATE TABLE t2(a INTEGER PRIMARY KEY, b); 511 INSERT INTO t1 VALUES(1, randstr(100,100)); 512 INSERT INTO t1 SELECT NULL, randstr(100,100) FROM t1; 513 INSERT INTO t1 SELECT NULL, randstr(100,100) FROM t1; 514 INSERT INTO t1 SELECT NULL, randstr(100,100) FROM t1; 515 INSERT INTO t1 SELECT NULL, randstr(100,100) FROM t1; 516 INSERT INTO t1 SELECT NULL, randstr(100,100) FROM t1; 517 INSERT INTO t2 SELECT * FROM t1; 518 DELETE FROM t1; 519} -corrupt { 520 set pgno [expr [file size corrupt.db] / 1024] 521 hexio_write corrupt.db [expr 1024+5*($pgno-3)] 03 522 hexio_write corrupt.db 24 12345678 523} -test { 524 do_test corrupt2-12.1 { 525 catchsql " $::presql PRAGMA incremental_vacuum " 526 } {1 {database disk image is malformed}} 527} 528 529ifcapable autovacuum { 530 # It is not possible for the last page in a database file to be the 531 # pending-byte page (AKA the locking page). This test verifies that if 532 # an attempt is made to commit a transaction to such an auto-vacuum 533 # database SQLITE_CORRUPT is returned. 534 # 535 corruption_test -tclprep { 536 db eval { 537 PRAGMA auto_vacuum = full; 538 PRAGMA page_size = 1024; 539 CREATE TABLE t1(a INTEGER PRIMARY KEY, b); 540 INSERT INTO t1 VALUES(NULL, randstr(50,50)); 541 } 542 for {set ii 0} {$ii < 10} {incr ii} { 543 db eval " $::presql INSERT INTO t1 SELECT NULL, randstr(50,50) FROM t1 " 544 } 545 } -corrupt { 546 do_test corrupt2-13.1 { 547 file size corrupt.db 548 } $::sqlite_pending_byte 549 hexio_write corrupt.db [expr $::sqlite_pending_byte+1023] 00 550 hexio_write corrupt.db 28 00000000 551 } -test { 552 do_test corrupt2-13.2 { 553 file size corrupt.db 554 } [expr $::sqlite_pending_byte + 1024] 555 do_test corrupt2-13.3 { 556 catchsql { DELETE FROM t1 WHERE rowid < 30; } 557 } {1 {database disk image is malformed}} 558 } 559} 560 561finish_test 562