Avoid an integer overflow in the shell tool when outputing hex dumps of blobs greater...

FossilOrigin-Name: 4a1bb874f12adda26e91970b64e700cb904c126412989be4debac9a5647d6f69

diff --git a/manifest b/manifest
index eabeb1cd47fae03b9e53451d3b5202d411a13b3e..b119e537bdbfaf8bcf04240e5b38b00fc4f38b93 100644 (file)
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Convert\sthe\sShellText\sobject\sin\sthe\sCLI\sto\suse\ssqlite3_malloc64()\srather\sthan\nplain\smalloc().\s\sAvoid\sunnecessary\squoting\sof\stable\snames\sin\s.dump\soutput\nand\ssimilar.\s\sImproved\sdetection\sof\sOOM\sin\sset_table_name().
-D 2025-09-25T10:55:54.033
+C Avoid\san\sinteger\soverflow\sin\sthe\sshell\stool\swhen\soutputing\shex\sdumps\sof\sblobs\sgreater\sthan\s1GB\sin\ssize.
+D 2025-09-25T11:10:55.626
 F .fossil-settings/binary-glob 61195414528fb3ea9693577e1980230d78a1f8b0a54c78cf1b9b24d0a409ed6a x
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
@@ -743,7 +743,7 @@ F src/random.c 606b00941a1d7dd09c381d3279a058d771f406c5213c9932bbd93d5587be4b9c
 F src/resolve.c f8d1d011aba0964ff1bdccd049d4d2c2fec217efd90d202a4bb775e926b2c25d
 F src/rowset.c 8432130e6c344b3401a8874c3cb49fefe6873fec593294de077afea2dce5ec97
 F src/select.c b95181711d59c36d9789e67f76c4cfec64b99f9629a50be5e6566e117b87d957
-F src/shell.c.in b779751a12934f3daa37b52c8bd0078ad3325b5a62dc112fc7e6182b8cf1a87e
+F src/shell.c.in 175630658a5fce0277cddf4991c56931ed061b3af36061be3e56ef113588452f
 F src/sqlite.h.in 5732519a2acb09066032ceac21f25996eb3f28f807a4468e30633c7c70faae1c
 F src/sqlite3.rc 015537e6ac1eec6c7050e17b616c2ffe6f70fca241835a84a4f0d5937383c479
 F src/sqlite3ext.h 3f0c4ed6934e7309a61c6f3c30f70a30a5b869f785bb3d9f721a36c5e4359126
@@ -2175,8 +2175,8 @@ F tool/version-info.c 3b36468a90faf1bbd59c65fd0eb66522d9f941eedd364fabccd7227350
 F tool/warnings-clang.sh bbf6a1e685e534c92ec2bfba5b1745f34fb6f0bc2a362850723a9ee87c1b31a7
 F tool/warnings.sh 1ad0169b022b280bcaaf94a7fa231591be96b514230ab5c98fbf15cd7df842dd
 F tool/win/sqlite.vsix deb315d026cc8400325c5863eef847784a219a2f
-P 39925489b347ec3126389c6dba1ee719373e50c6cea6944384a212c3a3e163d2
-R 1afaff7fd16338dd1366664f6ded10b5
-U drh
-Z 9dfc09b0c748f430ec90bad59c91d7c8
+P 6ce4f6dc15a575c318669051fe6590ad114b52ff3f3e260cdf7accccdd922d63
+R a1ddb6405e4d3db885209b345b84b884
+U dan
+Z afd7b5825497122e60d96f69e82a9f3f
 # Remove this line to create a well-formed Fossil manifest.

diff --git a/manifest.uuid b/manifest.uuid
index 2a269929e2db8e55b7bdc710ca5c9876f1dc804c..65fc6d7aa5e11d6b5d30afa4943ea69b44859b8d 100644 (file)
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-6ce4f6dc15a575c318669051fe6590ad114b52ff3f3e260cdf7accccdd922d63
+4a1bb874f12adda26e91970b64e700cb904c126412989be4debac9a5647d6f69

diff --git a/src/shell.c.in b/src/shell.c.in
index c14d77d181bb2de5022e08b692ddd4ed95f3d75a..fc315d07e5ef6d045222d829eb4aac12ae5c4ce0 100644 (file)
--- a/src/shell.c.in
+++ b/src/shell.c.in
@@ -1935,7 +1935,7 @@ static void output_hex_blob(FILE *out, const void *pBlob, int nBlob){
   int i;
   unsigned char *aBlob = (unsigned char*)pBlob;
 
-  char *zStr = sqlite3_malloc(nBlob*2 + 1);
+  char *zStr = sqlite3_malloc64((i64)nBlob*2 + 1);
   shell_check_oom(zStr);
 
   for(i=0; i<nBlob; i++){