1
0
mirror of https://github.com/sqlite/sqlite.git synced 2025-10-21 11:13:54 +03:00

Fixes to the substr() SQL function so that it can handle ridiculously large

numbers in its 2nd and 3rd arguments without signed integer overflows.

FossilOrigin-Name: c1de8f916ea617109a903c436c57d082756fbb2b933ba9ce6998b9b912b12dea
This commit is contained in:
drh
2024-12-28 12:32:01 +00:00
parent 9591d3fe93
commit e0190a6984
3 changed files with 18 additions and 19 deletions

View File

@@ -1,5 +1,5 @@
C In\sthe\s(debugging)\srtreenode()\sfunction,\sdo\snot\soverride\san\serror\scoming\sout\nof\ssqlite3_result_text(). C Fixes\sto\sthe\ssubstr()\sSQL\sfunction\sso\sthat\sit\scan\shandle\sridiculously\slarge\nnumbers\sin\sits\s2nd\sand\s3rd\sarguments\swithout\ssigned\sinteger\soverflows.
D 2024-12-22T21:17:27.858 D 2024-12-28T12:32:01.085
F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
F LICENSE.md e108e1e69ae8e8a59e93c455654b8ac9356a11720d3345df2a4743e9590fb20d F LICENSE.md e108e1e69ae8e8a59e93c455654b8ac9356a11720d3345df2a4743e9590fb20d
@@ -730,7 +730,7 @@ F src/delete.c 03a77ba20e54f0f42ebd8eddf15411ed6bdb06a2c472ac4b6b336521bf7cea42
F src/expr.c 3329173aacc6c37da3971b6253827799b32e301673be00126df8271bf018e15f F src/expr.c 3329173aacc6c37da3971b6253827799b32e301673be00126df8271bf018e15f
F src/fault.c 460f3e55994363812d9d60844b2a6de88826e007 F src/fault.c 460f3e55994363812d9d60844b2a6de88826e007
F src/fkey.c 928ed2517e8732113d2b9821aa37af639688d752f4ea9ac6e0e393d713eeb76f F src/fkey.c 928ed2517e8732113d2b9821aa37af639688d752f4ea9ac6e0e393d713eeb76f
F src/func.c e6e997efb9ffaf8b07842e745159695669fdfa020f03635a2f774adab8b0f4af F src/func.c 89b733a5f513c4bc06b7271384363d5693d62782de8295bc87b97d79862c9714
F src/global.c a19e4b1ca1335f560e9560e590fc13081e21f670643367f99cb9e8f9dc7d615b F src/global.c a19e4b1ca1335f560e9560e590fc13081e21f670643367f99cb9e8f9dc7d615b
F src/hash.c 9ee4269fb1d6632a6fecfb9479c93a1f29271bddbbaf215dd60420bcb80c7220 F src/hash.c 9ee4269fb1d6632a6fecfb9479c93a1f29271bddbbaf215dd60420bcb80c7220
F src/hash.h 3340ab6e1d13e725571d7cee6d3e3135f0779a7d8e76a9ce0a85971fa3953c51 F src/hash.h 3340ab6e1d13e725571d7cee6d3e3135f0779a7d8e76a9ce0a85971fa3953c51
@@ -2202,8 +2202,8 @@ F tool/version-info.c 3b36468a90faf1bbd59c65fd0eb66522d9f941eedd364fabccd7227350
F tool/warnings-clang.sh bbf6a1e685e534c92ec2bfba5b1745f34fb6f0bc2a362850723a9ee87c1b31a7 F tool/warnings-clang.sh bbf6a1e685e534c92ec2bfba5b1745f34fb6f0bc2a362850723a9ee87c1b31a7
F tool/warnings.sh 49a486c5069de041aedcbde4de178293e0463ae9918ecad7539eedf0ec77a139 F tool/warnings.sh 49a486c5069de041aedcbde4de178293e0463ae9918ecad7539eedf0ec77a139
F tool/win/sqlite.vsix deb315d026cc8400325c5863eef847784a219a2f F tool/win/sqlite.vsix deb315d026cc8400325c5863eef847784a219a2f
P 536fff14acb3335ad00fb1165cfb2f97e7a31c36273b9b97ffdb4b572fe72c08 P 286559dfb3ad01fcf34360991a108dbe6bf81e7919c461ada6c691ee8f43868f
R 4447fcd0ccb80498c83515e29fbbdcc2 R 6fd56d72396565e46db9a7e82d5a2906
U drh U drh
Z 75ed33204df12b76c729fccd2a0270dd Z 2ed81eb220ab467fd47b108b1040a471
# Remove this line to create a well-formed Fossil manifest. # Remove this line to create a well-formed Fossil manifest.

View File

@@ -1 +1 @@
286559dfb3ad01fcf34360991a108dbe6bf81e7919c461ada6c691ee8f43868f c1de8f916ea617109a903c436c57d082756fbb2b933ba9ce6998b9b912b12dea

View File

@@ -354,7 +354,6 @@ static void substrFunc(
int len; int len;
int p0type; int p0type;
i64 p1, p2; i64 p1, p2;
int negP2 = 0;
assert( argc==3 || argc==2 ); assert( argc==3 || argc==2 );
if( sqlite3_value_type(argv[1])==SQLITE_NULL if( sqlite3_value_type(argv[1])==SQLITE_NULL
@@ -389,18 +388,17 @@ static void substrFunc(
#endif #endif
if( argc==3 ){ if( argc==3 ){
p2 = sqlite3_value_int64(argv[2]); p2 = sqlite3_value_int64(argv[2]);
if( p2<0 ){
p2 = -p2;
negP2 = 1;
}
}else{ }else{
p2 = sqlite3_context_db_handle(context)->aLimit[SQLITE_LIMIT_LENGTH]; p2 = sqlite3_context_db_handle(context)->aLimit[SQLITE_LIMIT_LENGTH];
} }
if( p1<0 ){ if( p1<0 ){
p1 += len; p1 += len;
if( p1<0 ){ if( p1<0 ){
if( p2<0 ){
p2 = 0;
}else{
p2 += p1; p2 += p1;
if( p2<0 ) p2 = 0; }
p1 = 0; p1 = 0;
} }
}else if( p1>0 ){ }else if( p1>0 ){
@@ -408,12 +406,13 @@ static void substrFunc(
}else if( p2>0 ){ }else if( p2>0 ){
p2--; p2--;
} }
if( negP2 ){ if( p2<0 ){
p1 -= p2; if( p2<-p1 ){
if( p1<0 ){ p2 = p1;
p2 += p1; }else{
p1 = 0; p2 = -p2;
} }
p1 -= p2;
} }
assert( p1>=0 && p2>=0 ); assert( p1>=0 && p2>=0 );
if( p0type!=SQLITE_BLOB ){ if( p0type!=SQLITE_BLOB ){