From 8d2f3a1f82b47572250230f61e2a5eca1a66ac4c Mon Sep 17 00:00:00 2001 From: drh <> Date: Fri, 26 Sep 2025 11:53:54 +0000 Subject: [PATCH] Fix harmless integer overflows caused by over-sized integer constants in the "{m,n}" syntax of the regexp extension. FossilOrigin-Name: 8f17e1d869685b51f3368feed03dc06543ec16bc8fd81b8daad2ac2dbf99c5d6 --- ext/misc/regexp.c | 6 +++--- manifest | 14 +++++++------- manifest.uuid | 2 +- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/ext/misc/regexp.c b/ext/misc/regexp.c index 71c7ea4c22..447e403f80 100644 --- a/ext/misc/regexp.c +++ b/ext/misc/regexp.c @@ -563,8 +563,8 @@ static const char *re_subcompile_string(ReCompiled *p){ break; } case '{': { - int m = 0, n = 0; - int sz, j; + unsigned int m = 0, n = 0; + unsigned int sz, j; if( iPrev<0 ) return "'{m,n}' without operand"; while( (c=rePeek(p))>='0' && c<='9' ){ m = m*10 + c - '0'; p->sIn.i++; } n = m; @@ -574,7 +574,7 @@ static const char *re_subcompile_string(ReCompiled *p){ while( (c=rePeek(p))>='0' && c<='9' ){ n = n*10 + c-'0'; p->sIn.i++; } } if( c!='}' ) return "unmatched '{'"; - if( n>0 && nsIn.i++; sz = p->nState - iPrev; if( m==0 ){ diff --git a/manifest b/manifest index 1038dc2fd6..9823a03bc9 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Docs\sand\sdead\scode\sremoval\sin\smkwasmbuilds.c. -D 2025-09-26T11:47:13.381 +C Fix\sharmless\sinteger\soverflows\scaused\sby\sover-sized\sinteger\sconstants\sin\nthe\s"{m,n}"\ssyntax\sof\sthe\sregexp\sextension. +D 2025-09-26T11:53:54.114 F .fossil-settings/binary-glob 61195414528fb3ea9693577e1980230d78a1f8b0a54c78cf1b9b24d0a409ed6a x F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea @@ -389,7 +389,7 @@ F ext/misc/percentile.c 72e05a21db20a2fa85264b99515941f00ae698824c9db82d7edfbb16 F ext/misc/prefixes.c 82645f79229877afab08c8b08ca1e7fa31921280906b90a61c294e4f540cd2a6 F ext/misc/qpvtab.c fc189e127f68f791af90a487f4460ec91539a716daf45a0c357e963fd47cc06c F ext/misc/randomjson.c ef835fc64289e76ac4873b85fe12f9463a036168d7683cf2b773e36e6262c4ed -F ext/misc/regexp.c 388e7f237307c7dfbfb8dde44e097946f6c437801d63f0d7ad63f3320d4e61cc +F ext/misc/regexp.c fb3647ab48bf9e49dd4401e5168b6c13868018b4867ba95d5b84ef18851ee3da F ext/misc/remember.c add730f0f7e7436cd15ea3fd6a90fd83c3f706ab44169f7f048438b7d6baa69c F ext/misc/rot13.c 51ac5f51e9d5fd811db58a9c23c628ad5f333c173f1fc53c8491a3603d38556c F ext/misc/scrub.c 2a44b0d44c69584c0580ad2553f6290a307a49df4668941d2812135bfb96a946 @@ -2170,8 +2170,8 @@ F tool/version-info.c 3b36468a90faf1bbd59c65fd0eb66522d9f941eedd364fabccd7227350 F tool/warnings-clang.sh bbf6a1e685e534c92ec2bfba5b1745f34fb6f0bc2a362850723a9ee87c1b31a7 F tool/warnings.sh 1ad0169b022b280bcaaf94a7fa231591be96b514230ab5c98fbf15cd7df842dd F tool/win/sqlite.vsix deb315d026cc8400325c5863eef847784a219a2f -P 730323f95d126162fd2867dbee1e1f1fc1d6e05b8a905a6767c4ab1cb43dacff -R faa2ab647662f02d7597fe8c7adf751b -U stephan -Z 5abc90edeae288fecddcb4d9b9371ac5 +P d022ee167b90a7c32049a93d476e869270018017f60551185024409730d77640 +R b5ba3b2e9358725e1c77fc6398b42b2c +U drh +Z 70b5e36db724d08f297bb83c1614bd83 # Remove this line to create a well-formed Fossil manifest. diff --git a/manifest.uuid b/manifest.uuid index 27345a6617..22e1faa956 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -d022ee167b90a7c32049a93d476e869270018017f60551185024409730d77640 +8f17e1d869685b51f3368feed03dc06543ec16bc8fd81b8daad2ac2dbf99c5d6 -- 2.47.3