author | drh <> | 2022-03-21 18:23:24 +0000 |
---|---|---|
committer | drh <> | 2022-03-21 18:23:24 +0000 |
commit | e40d899afef6c4cce1594bb17151518b5f20b17c (patch) | |
tree | 2a36d55f07a83cec7dd90ac308e65baccd0914a2 | |
parent | 2f0ebf5e5c251fec0bf831cf6281d7e86164a3ea (diff) | |
Strengthen the defenses against corrupt databases in the
sqlite3BtreeInsert() function of the btree module.
[forum:/forumpost/c7ec29905f|Forum post c7ec29905f].
FossilOrigin-Name: 883fec9c3a410280bd5160acf1e103fa3c5fb6c6a003b2b99567d3b7037bc07e
-rw-r--r-- | manifest | 14 | ||||
-rw-r--r-- | manifest.uuid | 2 | ||||
-rw-r--r-- | src/btree.c | 39 |
3 files changed, 27 insertions, 28 deletions
@@ -1,5 +1,5 @@ -C The\sprevious\sassert()\sfix\swas\snot\scorrect\swhen\sbuilding\swith\n-DSQLITE_ENABLE_OFFSET_SQL_FUNC.\s\sThis\sis\sthe\sfix. -D 2022-03-21T16:34:19.703 +C Strengthen\sthe\sdefenses\sagainst\scorrupt\sdatabases\sin\sthe\nsqlite3BtreeInsert()\sfunction\sof\sthe\sbtree\smodule.\n[forum:/forumpost/c7ec29905f|Forum\spost\sc7ec29905f]. +D 2022-03-21T18:23:24.884 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724 @@ -492,7 +492,7 @@ F src/auth.c f4fa91b6a90bbc8e0d0f738aa284551739c9543a367071f55574681e0f24f8cf F src/backup.c a2891172438e385fdbe97c11c9745676bec54f518d4447090af97189fd8e52d7 F src/bitvec.c 7c849aac407230278445cb069bebc5f89bf2ddd87c5ed9459b070a9175707b3d F src/btmutex.c 8acc2f464ee76324bf13310df5692a262b801808984c1b79defb2503bbafadb6 -F src/btree.c 259413ef3018ff795f7934dcebc1268ed3d5e3076fb9ad645774002e8ed92940 +F src/btree.c 94e354923813f151ff9e98334ad603aedf7019207b7867317861c4f83565addd F src/btree.h 74d64b8f28cfa4a894d14d4ed64fa432cd697b98b61708d4351482ae15913e22 F src/btreeInt.h 8be97d3939d626f734ec1b577efa4e6e186da00daf5b3227af199ca1c24cdd71 F src/build.c a0cc68fe8172c0a31b54576f9c6c0fe6f7c82b1b5e1387afdd6a5a13132bc131 
@@ -1944,9 +1944,9 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P ccd2a2a7e197736a18dce28272fdb4acdf8447342523819c545d28e744c99562 -Q +c0a4767fef27cfe4fdc1d8a29342998095894769a63d84e37ec47ced7ce4e5f7 -R 82661c4920ae7f0cdbc08df3e389d445 +P b4210bc0ba1dddd163884b75a7bcc21d580598bdab06f938b0f84982274d6346 +Q +4df301c8610c4c36b4eb360d49ccaef873c63ea719ccb14b357754ff0b3ea5ef +R 3e234d37079718337270ae6e2e0994d8 U drh -Z ff88237d13b7ea8f20590d5979fd4cb8 +Z f7ac5d729421e8d370b6993f1025b0d7 # Remove this line to create a well-formed Fossil manifest. diff --git a/manifest.uuid b/manifest.uuid index ff09137ce..98274f45d 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -b4210bc0ba1dddd163884b75a7bcc21d580598bdab06f938b0f84982274d6346
\ No newline at end of file +883fec9c3a410280bd5160acf1e103fa3c5fb6c6a003b2b99567d3b7037bc07e
\ No newline at end of file diff --git a/src/btree.c b/src/btree.c index 9bc242256..8459b9d41 100644 --- a/src/btree.c +++ b/src/btree.c @@ -8848,24 +8848,6 @@ int sqlite3BtreeInsert( assert( (flags & (BTREE_SAVEPOSITION|BTREE_APPEND|BTREE_PREFORMAT))==flags ); assert( (flags & BTREE_PREFORMAT)==0 || seekResult || pCur->pKeyInfo==0 ); - if( pCur->eState==CURSOR_FAULT ){ - assert( pCur->skipNext!=SQLITE_OK ); - return pCur->skipNext; - } - - assert( cursorOwnsBtShared(pCur) ); - assert( (pCur->curFlags & BTCF_WriteFlag)!=0 - && pBt->inTransaction==TRANS_WRITE - && (pBt->btsFlags & BTS_READ_ONLY)==0 ); - assert( hasSharedCacheTableLock(p, pCur->pgnoRoot, pCur->pKeyInfo!=0, 2) ); - - /* Assert that the caller has been consistent. If this cursor was opened - ** expecting an index b-tree, then the caller should be inserting blob - ** keys with no associated data. If the cursor was opened expecting an - ** intkey table, the caller should be inserting integer keys with a - ** blob of associated data. */ - assert( (flags & BTREE_PREFORMAT) || (pX->pKey==0)==(pCur->pKeyInfo==0) ); - /* Save the positions of any other cursors open on this table. ** ** In some cases, the call to btreeMoveto() below is a no-op. For 
@@ -8890,6 +8872,24 @@ int sqlite3BtreeInsert( } } + if( pCur->eState>=CURSOR_REQUIRESEEK ){ + rc = moveToRoot(pCur); + if( rc && rc!=SQLITE_EMPTY ) return rc; + } + + assert( cursorOwnsBtShared(pCur) ); + assert( (pCur->curFlags & BTCF_WriteFlag)!=0 + && pBt->inTransaction==TRANS_WRITE + && (pBt->btsFlags & BTS_READ_ONLY)==0 ); + assert( hasSharedCacheTableLock(p, pCur->pgnoRoot, pCur->pKeyInfo!=0, 2) ); + + /* Assert that the caller has been consistent. If this cursor was opened + ** expecting an index b-tree, then the caller should be inserting blob + ** keys with no associated data. If the cursor was opened expecting an + ** intkey table, the caller should be inserting integer keys with a + ** blob of associated data. */ + assert( (flags & BTREE_PREFORMAT) || (pX->pKey==0)==(pCur->pKeyInfo==0) ); + if( pCur->pKeyInfo==0 ){ assert( pX->pKey==0 ); /* If this is an insert into a table b-tree, invalidate any incrblob @@ -8978,8 +8978,7 @@ int sqlite3BtreeInsert( } } assert( pCur->eState==CURSOR_VALID - || (pCur->eState==CURSOR_INVALID && loc) - || CORRUPT_DB ); + || (pCur->eState==CURSOR_INVALID && loc) ); pPage = pCur->pPage; assert( pPage->intKey || pX->nKey>=0 || (flags & BTREE_PREFORMAT) ); |
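Review bot: The added guard `if( pCur->eState>=CURSOR_REQUIRESEEK )` at the start of the second src/btree.c hunk has no comment, although it replaces the explicit `CURSOR_FAULT` early return deleted in the first src/btree.c hunk and relies on the numeric ordering of the CURSOR_* states. Presumably moveToRoot() hands back the stored error for a faulted cursor; that is not visible on this page, so a comment should state it and say why `SQLITE_EMPTY` is let through, for example `/* REQUIRESEEK or FAULT: reset to the root; moveToRoot() returns the error of a faulted cursor, and an empty tree is acceptable for an insert */`. The fault is also reported later than before, after the cursor-saving block whose closing braces are this hunk's first context lines, so please confirm that running that block on a faulted cursor is harmless. sqlite3BtreeInsert() starts and ends outside the hunk.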
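Review bot: Removing `|| CORRUPT_DB` from the assert in the last src/btree.c hunk makes the cursor-state invariant unconditional, but assert() is normally compiled out of release builds, so `pPage = pCur->pPage;` on the following line still runs unchecked there. If the moveToRoot() guard added in the previous hunk is what is meant to guarantee this state even for a corrupt file, say so above the assert, e.g. `/* Holds for corrupt databases too: eState was reset by the moveToRoot() guard above */`. The commit lists only manifest, manifest.uuid and src/btree.c, so no regression test for the forum-post case is visible here; it may be kept elsewhere. The enclosing function continues outside the hunk.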