Harden the xShmLock method of both the unix and Windows VFSes so that they

are robust against being invoked when the SHM file is not open.

FossilOrigin-Name: 06d4c4d17c49b98701e4b09c19c0cc68e65a0413850fda33b4991fa24fc84fa0

4 files changed, 23 insertions, 13 deletions

diff --git a/manifest b/manifest
index 56d2f5cc1..1084c5d88 100644
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Strengthen\sthe\sdefenses\sagainst\scorrupt\sdatabases\sin\sthe\nsqlite3BtreeInsert()\sfunction\sof\sthe\sbtree\smodule.\n[forum:/forumpost/c7ec29905f|Forum\spost\sc7ec29905f].
-D 2022-03-21T18:23:24.884
+C Harden\sthe\sxShmLock\smethod\sof\sboth\sthe\sunix\sand\sWindows\sVFSes\sso\sthat\sthey\nare\srobust\sagainst\sbeing\sinvoked\swhen\sthe\sSHM\sfile\sis\snot\sopen.
+D 2022-03-22T20:02:53.848
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
 F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
@@ -536,8 +536,8 @@ F src/os.c b1c4f2d485961e9a5b6b648c36687d25047c252222e9660b7cc25a6e1ea436ab
 F src/os.h 26890f540b475598cd9881dcc68931377b8d429d3ea3e2eeb64470cde64199f8
 F src/os_common.h b2f4707a603e36811d9b1a13278bffd757857b85
 F src/os_setup.h 0dbaea40a7d36bf311613d31342e0b99e2536586
-F src/os_unix.c f5ad51cfd024116db8531feab9efd831c2621436dca1464e4ff1e8af9bf3252e
-F src/os_win.c 77d39873836f1831a9b0b91894fec45ab0e9ca8e067dc8c549e1d1eca1566fe9
+F src/os_unix.c df6142ed776b5e52c7c3106767283be2d510b63d72beb3b205898462f340a176
+F src/os_win.c a8ea80037e81127ca01959daa87387cc135f325c88dc745376c4f760de852a10
 F src/os_win.h 7b073010f1451abe501be30d12f6bc599824944a
 F src/pager.c e4f4c1e07b2cc4fa44fc0bd51957ca6066f6b8c0b0e0388f11a6728b50d8f4e6
 F src/pager.h 4bf9b3213a4b2bebbced5eaa8b219cf25d4a82f385d093cd64b7e93e5285f66f
@@ -1944,9 +1944,9 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
 F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
 F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P b4210bc0ba1dddd163884b75a7bcc21d580598bdab06f938b0f84982274d6346
-Q +4df301c8610c4c36b4eb360d49ccaef873c63ea719ccb14b357754ff0b3ea5ef
-R 3e234d37079718337270ae6e2e0994d8
+P 883fec9c3a410280bd5160acf1e103fa3c5fb6c6a003b2b99567d3b7037bc07e
+Q +67d8b434f628d44c4a90ce8ff5ab2e381f500bb42bdbfab9a17d21925a2ec6cd
+R 80ff887e870c4a46d8cc400d89965c94
 U drh
-Z f7ac5d729421e8d370b6993f1025b0d7
+Z 242bda5e05c3bfda786964ea91f8e8b8
 # Remove this line to create a well-formed Fossil manifest.
diff --git a/manifest.uuid b/manifest.uuid
index 98274f45d..5ef371b16 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-883fec9c3a410280bd5160acf1e103fa3c5fb6c6a003b2b99567d3b7037bc07e
\ No newline at end of file
+06d4c4d17c49b98701e4b09c19c0cc68e65a0413850fda33b4991fa24fc84fa0
\ No newline at end of file
diff --git a/src/os_unix.c b/src/os_unix.c
index cd619f5c0..e6deaa728 100644
--- a/src/os_unix.c
+++ b/src/os_unix.c
@@ -4910,11 +4910,17 @@ static int unixShmLock(
   int flags                  /* What to do with the lock */
 ){
   unixFile *pDbFd = (unixFile*)fd;      /* Connection holding shared memory */
-  unixShm *p = pDbFd->pShm;             /* The shared memory being locked */
-  unixShmNode *pShmNode = p->pShmNode;  /* The underlying file iNode */
+  unixShm *p;                           /* The shared memory being locked */
+  unixShmNode *pShmNode;                /* The underlying file iNode */
   int rc = SQLITE_OK;                   /* Result code */
   u16 mask;                             /* Mask of locks to take or release */
-  int *aLock = pShmNode->aLock;
+  int *aLock;
+
+  p = pDbFd->pShm;
+  if( p==0 ) return SQLITE_IOERR_SHMLOCK;
+  pShmNode = p->pShmNode;
+  if( NEVER(pShmNode==0) ) return SQLITE_IOERR_SHMLOCK;
+  aLock = pShmNode->aLock;
 
   assert( pShmNode==pDbFd->pInode->pShmNode );
   assert( pShmNode->pInode==pDbFd->pInode );
diff --git a/src/os_win.c b/src/os_win.c
index d7c436eff..8832c8012 100644
--- a/src/os_win.c
+++ b/src/os_win.c
@@ -4070,10 +4070,14 @@ static int winShmLock(
   winFile *pDbFd = (winFile*)fd;        /* Connection holding shared memory */
   winShm *p = pDbFd->pShm;              /* The shared memory being locked */
   winShm *pX;                           /* For looping over all siblings */
-  winShmNode *pShmNode = p->pShmNode;
+  winShmNode *pShmNode;
   int rc = SQLITE_OK;                   /* Result code */
   u16 mask;                             /* Mask of locks to take or release */
 
+  if( p==0 ) return SQLITE_IOERR_SHMLOCK;
+  pShmNode = p->pShmNode;
+  if( NEVER(pShmNode==0) ) return SQLITE_IOERR_SHMLOCK;
+
   assert( ofst>=0 && ofst+n<=SQLITE_SHM_NLOCK );
   assert( n>=1 );
   assert( flags==(SQLITE_SHM_LOCK | SQLITE_SHM_SHARED)