Usually in the wallet.dat file, the pubkey(a bitcoin address) and the private key are in pairs.
Address != Public key.
The address is the hash of a public key. They are not the same.
Yes, you are correct, this wallet.dat is encrypted, the Bitcoin core client can not decrypt it, verify that the private key matches the public key, thank you for your answer.
The client can decrypt it (given the user knows the correct password), but it won't be able to decrypt the private keys (because they are not encrypted, it is just garbage data).