Sql: fix recovery module fuzzer issue

Convert DCHECK + crash into LOG(ERROR) + graceful failure.

Bug: 1511175
Change-Id: I3d450e5f9b195f22849c3bd5f053d0a3133a0e8b
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5126702
Commit-Queue: Evan Stade <estade@chromium.org>
Reviewed-by: Ayu Ishii <ayui@chromium.org>
Auto-Submit: Evan Stade <estade@chromium.org>
Commit-Queue: Ayu Ishii <ayui@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1238288}

This commit is contained in:

Evan Stade

2023-12-15 22:27:26 +00:00

committed by

Chromium LUCI CQ

parent 74f784635d

commit 5d24c4bd60

1 changed files with 12 additions and 8 deletions

									
										20

sql/recover_module/payload.cc
									
				@ -11,6 +11,7 @@

				#include <type_traits>

				#include "base/check_op.h"

				#include "base/logging.h"

				#include "sql/recover_module/btree.h"

				#include "sql/recover_module/integers.h"

				#include "sql/recover_module/pager.h"

				@ -148,7 +149,7 @@ bool LeafPayloadReader::Initialize(int64_t payload_size, int payload_offset) {

				    // The payload size is bigger than the maximum inline payload size, so it

				    // must be bigger than the minimum payload size. This check verifies that

				    // the subtractions below have non-negative results.

				    DCHECK_GT(payload_size, min_inline_payload_size);

				    CHECK_GT(payload_size, min_inline_payload_size);

				    // Payload sizes are upper-bounded by the page size.

				    static_assert(

				@ -176,15 +177,18 @@ bool LeafPayloadReader::Initialize(int64_t payload_size, int payload_offset) {

				      overflow_page_count_ = efficient_overflow_page_count + 1;

				    }

				    DCHECK_LE(inline_payload_size_, max_inline_payload_size);

				    DCHECK_EQ(overflow_page_count_, (payload_size - inline_payload_size_ +

				                                     (max_overflow_payload_size_ - 1)) /

				                                        max_overflow_payload_size_)

				        << "Incorect overflow page count calculation";

				    CHECK_LE(inline_payload_size_, max_inline_payload_size);

				    if (overflow_page_count_ != (payload_size - inline_payload_size_ +

				                                 (max_overflow_payload_size_ - 1)) /

				                                    max_overflow_payload_size_) {

				      LOG(ERROR) << "Incorrect overflow page count calculation";

				      page_id_ = DatabasePageReader::kHighestInvalidPageId;

				      return false;

				    }

				  }

				  DCHECK_LE(inline_payload_size_, payload_size);

				  DCHECK_LE(inline_payload_size_, page_size);

				  CHECK_LE(inline_payload_size_, payload_size);

				  CHECK_LE(inline_payload_size_, page_size);

				  const int first_overflow_page_id_size =

				      (overflow_page_count_ == 0) ? 0 : kPageIdSize;

Sql: fix recovery module fuzzer issue

20 sql/recover_module/payload.cc

20

sql/recover_module/payload.cc