From: drh <>
Date: Mon, 8 Aug 2022 16:25:13 +0000 (+0000)
Subject: Avoid trying to cast an over-sized floating point value into an integer.
X-Git-Tag: version-3.40.0~253
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=26e817f69b4a153ca39ecb2c50fd99fd5287cf0a;p=thirdparty%2Fsqlite.git

Avoid trying to cast an over-sized floating point value into an integer.

FossilOrigin-Name: 3518cd7cb1feeefc3963da72c2d258d81d8914f1e1f427da28a00b6228cf126c
---

diff --git a/manifest b/manifest
index 6c2fbdb446..88135850f0 100644
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Remove\san\sunreachable\sbranch\sin\sthe\snumericType()\shelper\sroutine.
-D 2022-08-08T13:04:08.230
+C Avoid\strying\sto\scast\san\sover-sized\sfloating\spoint\svalue\sinto\san\sinteger.
+D 2022-08-08T16:25:13.721
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
 F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
@@ -517,7 +517,7 @@ F src/build.c 33aec2b34dbc53c3da2ea8434fccbf3c17c35ba647c3193df598cce0e861355c
 F src/callback.c 4c19af69835787bfe790ac560f3071a824eb629f34e41f97b52ce5235c77de1c
 F src/complete.c a3634ab1e687055cd002e11b8f43eb75c17da23e
 F src/ctime.c 026dbdcdbd8c3cde98a88483ee88310ff43150ab164ad768f12cc700a11495ad
-F src/date.c 272162554168e7af4976213850e1c4c5f33b964d299ceb0983f3d5cceba01d05
+F src/date.c 94ce83b4cd848a387680a5f920c9018c16655db778c4d36525af0a0f34679ac5
 F src/dbpage.c 5808e91bc27fa3981b028000f8fadfdc10ce9e59a34ce7dc4e035a69be3906ec
 F src/dbstat.c 861e08690fcb0f2ee1165eff0060ea8d4f3e2ea10f80dab7d32ad70443a6ff2d
 F src/delete.c 13eca2beee5b758ed033a11230971310cc4a58fcd8f6bc33cad4f677c985e96c
@@ -575,7 +575,7 @@ F src/shell.c.in 29749b34bbd19d0004fdb6f61f62659096e1c0b4dfb1ad2314e7fafbe9dd8d3
 F src/sqlite.h.in be265991edca9aea69986758b58ba81cbf5ae403fe0c4ea1d0c9df0cdc8f25ed
 F src/sqlite3.rc 5121c9e10c3964d5755191c80dd1180c122fc3a8
 F src/sqlite3ext.h a988810c9b21c0dc36dc7a62735012339dc76fc7ab448fb0792721d30eacb69d
-F src/sqliteInt.h c97b6351dba36b7bacd231610cd7173e7a7ef8469c2d9b849037415e0b1d8c79
+F src/sqliteInt.h 3ae1d20f579149c18ddd995bbeffabf036cad9f4359dc2f27dc1b778d108ff35
 F src/sqliteLimit.h d7323ffea5208c6af2734574bae933ca8ed2ab728083caa117c9738581a31657
 F src/status.c 4a3da6d77eeb3531cb0dbdf7047772a2a1b99f98c69e90ce009c75fe6328b2c0
 F src/table.c 0f141b58a16de7e2fbe81c308379e7279f4c6b50eb08efeec5892794a0ba30d1
@@ -642,13 +642,13 @@ F src/upsert.c 8789047a8f0a601ea42fa0256d1ba3190c13746b6ba940fe2d25643a7e991937
 F src/utf.c ee39565f0843775cc2c81135751ddd93eceb91a673ea2c57f61c76f288b041a0
 F src/util.c 602fe229f32a96ceccae4f40824129669582096f7c355f53dbac156c9fecef23
 F src/vacuum.c bb346170b0b54c6683bba4a5983aea40485597fdf605c87ec8bc2e199fe88cd8
-F src/vdbe.c 6bca2e524d29d9f40e9842c287e60dbae5c428b6ea23f8ceb3114b78b3995d73
+F src/vdbe.c 81e2febe73f3db6d1ce5be29d30c4667d5fab9f6eae892ad7c80808f1af0c2bb
 F src/vdbe.h 64619af62603dc3c4f5ff6ff6d2c8f389abd667a29ce6007ed44bd22b3211cd0
 F src/vdbeInt.h 2cad0aeeb106371ed0e0946bab89f60627087068847afc2451c05056961c18da
 F src/vdbeapi.c 4cfbf7ec3ed60366a38655f3f10316c5a3d68f6d4d06e462f88679392611c756
 F src/vdbeaux.c 8584f4a20997fd918f0d957ab4f73d7411159772297c5020c188973bdc41dbf0
 F src/vdbeblob.c 5e61ce31aca17db8fb60395407457a8c1c7fb471dde405e0cd675974611dcfcd
-F src/vdbemem.c 5ebf05c0182addedb1607ade848e1c83cef40981df94d1abfab0c59288c6064f
+F src/vdbemem.c c3ce80af15e2ff5c2824a8db881681cbf511376f13613da020bac6d320c535b1
 F src/vdbesort.c 43756031ca7430f7aec3ef904824a7883c4ede783e51f280d99b9b65c0796e35
 F src/vdbetrace.c fe0bc29ebd4e02c8bc5c1945f1d2e6be5927ec12c06d89b03ef2a4def34bf823
 F src/vdbevtab.c f99b275366c5fc5e2d99f734729880994ab9500bdafde7fae3b02d562b9d323c
@@ -1981,8 +1981,8 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
 F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
 F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P 6c4fc8385ee22516e0b87fb647327ee7d1a564040ebe2a4d66fc999ef2908df2
-R e4cfac9ab2cb69853bf392410d0d10ea
+P a99cc008e46ab1a4fdbe2fa87202d026a10c57be55e3e9fedd935795ed6dc694
+R bb31f7c383d6661944df8ccb04f02a45
 U drh
-Z 0989c0895e99c37065974c0506edc50e
+Z debe4f549c31b424da3a7da3757ec640
 # Remove this line to create a well-formed Fossil manifest.
diff --git a/manifest.uuid b/manifest.uuid
index cbd770bafc..77c8bd5d50 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-a99cc008e46ab1a4fdbe2fa87202d026a10c57be55e3e9fedd935795ed6dc694
\ No newline at end of file
+3518cd7cb1feeefc3963da72c2d258d81d8914f1e1f427da28a00b6228cf126c
\ No newline at end of file
diff --git a/src/date.c b/src/date.c
index 68d3e994f7..a3e58bc4e3 100644
--- a/src/date.c
+++ b/src/date.c
@@ -785,7 +785,7 @@ static int parseModifier(
       */
       if( sqlite3_strnicmp(z, "weekday ", 8)==0
                && sqlite3AtoF(&z[8], &r, sqlite3Strlen30(&z[8]), SQLITE_UTF8)>0
-               && (n=(int)r)==r && n>=0 && r<7 ){
+               && r>=0.0 && r<7.0 && (n=(int)r)==r ){
         sqlite3_int64 Z;
         computeYMD_HMS(p);
         p->validTZ = 0;
diff --git a/src/sqliteInt.h b/src/sqliteInt.h
index c6bdd3dd35..32e0e78e83 100644
--- a/src/sqliteInt.h
+++ b/src/sqliteInt.h
@@ -4888,6 +4888,7 @@ int sqlite3FixSelect(DbFixer*, Select*);
 int sqlite3FixExpr(DbFixer*, Expr*);
 int sqlite3FixTriggerStep(DbFixer*, TriggerStep*);
 int sqlite3RealSameAsInt(double,sqlite3_int64);
+i64 sqlite3RealToI64(double);
 void sqlite3Int64ToText(i64,char*);
 int sqlite3AtoF(const char *z, double*, int, u8);
 int sqlite3GetInt32(const char *, int*);
diff --git a/src/vdbe.c b/src/vdbe.c
index dcfab51ace..131a52f14d 100644
--- a/src/vdbe.c
+++ b/src/vdbe.c
@@ -315,8 +315,7 @@ static VdbeCursor *allocateCursor(
 */
 static int alsoAnInt(Mem *pRec, double rValue, i64 *piValue){
   i64 iValue;
-  if( rValue>(double)LARGEST_INT64 || rValue<(double)SMALLEST_INT64 ) return 0;
-  iValue = (double)rValue;
+  iValue = sqlite3RealToI64(rValue);
   if( sqlite3RealSameAsInt(rValue,iValue) ){
     *piValue = iValue;
     return 1;
diff --git a/src/vdbemem.c b/src/vdbemem.c
index fd4ab0ccc6..c6c938cb5c 100644
--- a/src/vdbemem.c
+++ b/src/vdbemem.c
@@ -749,6 +749,16 @@ int sqlite3RealSameAsInt(double r1, sqlite3_int64 i){
           && i >= -2251799813685248LL && i < 2251799813685248LL);
 }
 
+/* Convert a floating point value to its closest integer.  Do so in
+** a way that avoids 'outside the range of representable values' warnings
+** from UBSAN.
+*/
+i64 sqlite3RealToI64(double r){
+  if( r<=(double)SMALLEST_INT64 ) return SMALLEST_INT64;
+  if( r>=(double)LARGEST_INT64) return LARGEST_INT64;
+  return (i64)r;
+}
+
 /*
 ** Convert pMem so that it has type MEM_Real or MEM_Int.
 ** Invalidate any prior representations.
@@ -770,7 +780,7 @@ int sqlite3VdbeMemNumerify(Mem *pMem){
     assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
     rc = sqlite3AtoF(pMem->z, &pMem->u.r, pMem->n, pMem->enc);
     if( ((rc==0 || rc==1) && sqlite3Atoi64(pMem->z, &ix, pMem->n, pMem->enc)<=1)
-     || sqlite3RealSameAsInt(pMem->u.r, (ix = (i64)pMem->u.r))
+     || sqlite3RealSameAsInt(pMem->u.r, (ix = sqlite3RealToI64(pMem->u.r)))
     ){
       pMem->u.i = ix;
       MemSetTypeFlag(pMem, MEM_Int);