SQLite

Check-in [472abb492f]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fix additional integer overflow problems in the substr() function.
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: 472abb492f1d1553ae6bdf53cc64bebfe75423526335beab7eaff26cc495cd7d
User & Date: drh 2024-12-19 12:08:39.381
Context
2024-12-19
13:36
Enhance lemon so that it accepts the -U command-line option that undefines a preprocessor macro. (check-in: e2188a3edf user: drh tags: trunk)
12:08
Fix additional integer overflow problems in the substr() function. (check-in: 472abb492f user: drh tags: trunk)
2024-12-18
20:29
Fix possible integer oveflow in the second and third argument to substr(). (check-in: b04b4006f3 user: drh tags: trunk)
Changes
Unified Diff Ignore Whitespace Patch
Changes to src/func.c. 
423
424
425
426
427
428
429
430


431
432
433
434
435
436
437
438
439

    }
    for(z2=z; *z2 && p2; p2--){
      SQLITE_SKIP_UTF8(z2);
    }
    sqlite3_result_text64(context, (char*)z, z2-z, SQLITE_TRANSIENT,
                          SQLITE_UTF8);
  }else{
    if( p1+p2>len ){


      p2 = len-p1;
      if( p2<0 ) p2 = 0;
    }
    sqlite3_result_blob64(context, (char*)&z[p1], (u64)p2, SQLITE_TRANSIENT);
  }
}

/*
** Implementation of the round() function








|
>
>

|








423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441

    }
    for(z2=z; *z2 && p2; p2--){
      SQLITE_SKIP_UTF8(z2);
    }
    sqlite3_result_text64(context, (char*)z, z2-z, SQLITE_TRANSIENT,
                          SQLITE_UTF8);
  }else{
    if( p1>=len ){
      p1 = p2 = 0;
    }else if( p2>len-p1 ){
      p2 = len-p1;
      assert( p2>0 );
    }
    sqlite3_result_blob64(context, (char*)&z[p1], (u64)p2, SQLITE_TRANSIENT);
  }
}

/*
** Implementation of the round() function
Changes to test/func.test. 
119
120
121
122
123
124
125



126
127
128
129
130
131
132

} {{} {} 45 {} 78}
do_test func-2.11 {
  execsql {SELECT substr('abcdefg',0x100000001,2)}
} {{}}
do_test func-2.12 {
  execsql {SELECT substr('abcdefg',1,0x100000002)}
} {abcdefg}




# Only do the following tests if TCL has UTF-8 capabilities
#
if {"\u1234"!="u1234"} {

# Put some UTF-8 characters in the database
#








>
>
>








119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135

} {{} {} 45 {} 78}
do_test func-2.11 {
  execsql {SELECT substr('abcdefg',0x100000001,2)}
} {{}}
do_test func-2.12 {
  execsql {SELECT substr('abcdefg',1,0x100000002)}
} {abcdefg}
do_test func-2.13 {
  execsql {SELECT quote(substr(x'313233343536373839',0x7ffffffffffffffe,5))}
} {X''}

# Only do the following tests if TCL has UTF-8 capabilities
#
if {"\u1234"!="u1234"} {

# Put some UTF-8 characters in the database
#