/ Check-in [ef3a7c87]
Login
SQLite training in Houston TX on 2019-11-05 (details)
Part of the 2019 Tcl Conference

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Avoid the possibility of signed integer overflow with oversized precisions in %d conversions in the printf() implementation.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: ef3a7c877a7549b351aafd983cfa96c863eb2641b6218bdd5cb563f659f879d8
User & Date: drh 2017-03-20 16:34:18
Context
2017-03-20
18:53
Fix some problems in fts3 found by address-sanitizer. check-in: 16a8e84f user: dan tags: trunk
16:34
Avoid the possibility of signed integer overflow with oversized precisions in %d conversions in the printf() implementation. check-in: ef3a7c87 user: drh tags: trunk
16:06
Do not run sync2.test as part of the "journaltest" permutation, as it uses "PRAGMA synchronous = off". check-in: 285005a9 user: dan tags: trunk
Changes
Hide Diffs Unified Diffs Show Whitespace Changes Patch

Changes to src/printf.c.

396
397
398
399
400
401
402
403
404
405
406
407
408

409
410
411
412
413
414
415
        if( flag_zeropad && precision<width-(prefix!=0) ){
          precision = width-(prefix!=0);
        }
        if( precision<etBUFSIZE-10-etBUFSIZE/3 ){
          nOut = etBUFSIZE;
          zOut = buf;
        }else{
          nOut = precision + 10 + precision/3;
          zOut = zExtra = sqlite3Malloc( nOut );
          if( zOut==0 ){
            setStrAccumError(pAccum, STRACCUM_NOMEM);
            return;
          }

        }
        bufpt = &zOut[nOut-1];
        if( xtype==etORDINAL ){
          static const char zOrd[] = "thstndrd";
          int x = (int)(longvalue % 10);
          if( x>=4 || (longvalue/10)%10==1 ){
            x = 0;







|
|




>







396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
        if( flag_zeropad && precision<width-(prefix!=0) ){
          precision = width-(prefix!=0);
        }
        if( precision<etBUFSIZE-10-etBUFSIZE/3 ){
          nOut = etBUFSIZE;
          zOut = buf;
        }else{
          u64 n = (u64)precision + 10 + precision/3;
          zOut = zExtra = sqlite3Malloc( n );
          if( zOut==0 ){
            setStrAccumError(pAccum, STRACCUM_NOMEM);
            return;
          }
          nOut = (int)n;
        }
        bufpt = &zOut[nOut-1];
        if( xtype==etORDINAL ){
          static const char zOrd[] = "thstndrd";
          int x = (int)(longvalue % 10);
          if( x>=4 || (longvalue/10)%10==1 ){
            x = 0;