database/sqlite
1
0
Fork 0
mirror of https://github.com/sqlite/sqlite.git synced 2025-10-21 11:13:54 +03:00
Code Activity

Fix additional integer overflow problems in the substr() function.

Browse Source 
FossilOrigin-Name: 472abb492f1d1553ae6bdf53cc64bebfe75423526335beab7eaff26cc495cd7d
This commit is contained in:
drh
2024-12-19 12:08:39 +00:00
parent b097ef29d1
commit 2dcd4fad6b
4 changed files with 15 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/func.c
View File

@@ -427,9 +427,11 @@ static void substrFunc(
sqlite3_result_text64(context, (char*)z, z2-z, SQLITE_TRANSIENT,
SQLITE_UTF8);
}else{
if( p1+p2>len ){
if( p1>=len ){
p1 = p2 = 0;
}else if( p2>len-p1 ){
p2 = len-p1;
if( p2<0 ) p2 = 0;
assert( p2>0 );
}
sqlite3_result_blob64(context, (char*)&z[p1], (u64)p2, SQLITE_TRANSIENT);
}