SQLite

Check-in [2e968114]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Avoid potential overflow in hex(). See forum post 7ac0c9c5ea.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: 2e968114fd0e60eebcc088dec02684e10b06ac1ec42d6bedb5287362f5cbf032
User & Date: larrybr 2023-10-13 01:39:47
Context
2023-10-13
12:57
Actually prevent PRAGMA writable_schema=ON from being set in defensive mode, rather than just preventing it from functioning. (check-in: 2b574d9e user: drh tags: trunk)
12:48
Round one of an audit for SQLITE_ENABLE_API_ARMOR for functions exposed by JNI and those functions missing armor, as reported in several forum posts. (check-in: 8c25c4b1 user: stephan tags: api-armor-audit)
01:39
Avoid potential overflow in hex(). See forum post 7ac0c9c5ea. (check-in: 2e968114 user: larrybr tags: trunk)
2023-10-12
20:51
Make sure virtual tables have been connected before trying to invoke the xIntegrity method during PRAGMA integrity_check. (check-in: 4a4eccb6 user: drh tags: trunk)
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to src/func.c. 

1252
1253
1254
1255
1256
1257
1258
1259

1260
1261
1262
1263
1264
1265
1266

  if( zHex ){
    for(i=0; i<n; i++, pBlob++){
      unsigned char c = *pBlob;
      *(z++) = hexdigits[(c>>4)&0xf];
      *(z++) = hexdigits[c&0xf];
    }
    *z = 0;
    sqlite3_result_text(context, zHex, n*2, sqlite3_free);

  }
}

/*
** Buffer zStr contains nStr bytes of utf-8 encoded text. Return 1 if zStr
** contains character ch, or 0 if it does not.
*/








|
>








1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267

  if( zHex ){
    for(i=0; i<n; i++, pBlob++){
      unsigned char c = *pBlob;
      *(z++) = hexdigits[(c>>4)&0xf];
      *(z++) = hexdigits[c&0xf];
    }
    *z = 0;
    sqlite3_result_text64(context, zHex, (u64)(z-zHex),
                          sqlite3_free, SQLITE_UTF8);
  }
}

/*
** Buffer zStr contains nStr bytes of utf-8 encoded text. Return 1 if zStr
** contains character ch, or 0 if it does not.
*/

Changes to test/unhex.test. 

51
52
53
54
55
56
57


58
59
60
61
62
63
64

do_catchsql_test 3.1 {
  SELECT unhex('ABCD', '1234', '');
} {1 {wrong number of arguments to function unhex()}}

#--------------------------------------------------------------------------
# Test the 2-argument version.
#


foreach {tn hex} {
  1 "FFFF  ABCD"
  2 "FFFF ABCD"
  3 "FFFFABCD "
  4 " FFFFABCD"
  5 "--FFFF AB- -CD- "
  6 "--"








>
>








51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66

do_catchsql_test 3.1 {
  SELECT unhex('ABCD', '1234', '');
} {1 {wrong number of arguments to function unhex()}}

#--------------------------------------------------------------------------
# Test the 2-argument version.
#
# Zap global x array set in some previous test.
if {[array exists x]} {array unset x}
foreach {tn hex} {
  1 "FFFF  ABCD"
  2 "FFFF ABCD"
  3 "FFFFABCD "
  4 " FFFFABCD"
  5 "--FFFF AB- -CD- "
  6 "--"