]> git.ipfire.org Git - thirdparty/sqlite.git/commitdiff
projects / thirdparty / sqlite.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5dbbe50)
Extra defenses against integer overflow in the decimal extension.
authordrh <>
Tue, 14 Oct 2025 14:03:09 +0000 (14:03 +0000)
committerdrh <>
Tue, 14 Oct 2025 14:03:09 +0000 (14:03 +0000)
FossilOrigin-Name: 1a7414d9b5be7ce18b23c357fd98cd0e96d78ac626abfa6e4e0dee494b6a1efc

ext/misc/decimal.c patch | blob | blame | history
manifest patch | blob | blame | history
manifest.uuid patch | blob | blame | history

diff --git a/ext/misc/decimal.c b/ext/misc/decimal.c
index a29251c1b78125f602b63b52bb0830d3e8d835f0..f87699f96b157edc8662001dc97dae9eee0377a2 100644 (file)
--- a/ext/misc/decimal.c
+++ b/ext/misc/decimal.c
@@ -128,7 +128,8 @@ static Decimal *decimalNewFromText(const char *zIn, int n){
       }
     }
     if( iExp>0 ){   
-      p->a = sqlite3_realloc64(p->a, p->nDigit + iExp + 1 );
+      p->a = sqlite3_realloc64(p->a, (sqlite3_int64)p->nDigit
+                                     + (sqlite3_int64)iExp + 1 );
       if( p->a==0 ) goto new_from_text_failed;
       memset(p->a+p->nDigit, 0, iExp);
       p->nDigit += iExp;
@@ -147,7 +148,8 @@ static Decimal *decimalNewFromText(const char *zIn, int n){
       }
     }
     if( iExp>0 ){
-      p->a = sqlite3_realloc64(p->a, p->nDigit + iExp + 1 );
+      p->a = sqlite3_realloc64(p->a, (sqlite3_int64)p->nDigit
+                                     + (sqlite3_int64)iExp + 1 );
       if( p->a==0 ) goto new_from_text_failed;
       memmove(p->a+iExp, p->a, p->nDigit);
       memset(p->a, 0, iExp);
@@ -251,7 +253,7 @@ static void decimal_result(sqlite3_context *pCtx, Decimal *p){
     sqlite3_result_null(pCtx);
     return;
   }
-  z = sqlite3_mallocp->nDigit+4 );
+  z = sqlite3_malloc64( (sqlite3_int64)p->nDigit+4 );
   if( z==0 ){
     sqlite3_result_error_nomem(pCtx);
     return;
@@ -316,7 +318,7 @@ static void decimal_result_sci(sqlite3_context *pCtx, Decimal *p){
   for(nZero=0; nZero<nDigit && p->a[nZero]==0; nZero++){}
   nFrac = p->nFrac + (nDigit - p->nDigit);
   nDigit -= nZero;
-  z = sqlite3_mallocnDigit+20 );
+  z = sqlite3_malloc64( (sqlite3_int64)nDigit+20 );
   if( z==0 ){
     sqlite3_result_error_nomem(pCtx);
     return;
@@ -537,7 +539,8 @@ static void decimalMul(Decimal *pA, Decimal *pB){
   ){
     goto mul_end;
   }
-  acc = sqlite3_malloc64( pA->nDigit + pB->nDigit + 2 );
+  acc = sqlite3_malloc64( (sqlite3_int64)pA->nDigit +
+                          (sqlite3_int64)pB->nDigit + 2 );
   if( acc==0 ){
     pA->oom = 1;
     goto mul_end;
diff --git a/manifest b/manifest
index 6fcec11f7752e740c6db1fbb0b62bc1209bb357d..53737f54ff428e623712ae16542682ae892801da 100644 (file)
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Add\sa\ssection\sto\sext/wasm/README.md\sabout\sthe\sdependency\son\swabt/wasm-strip\sfor\srelease\sbuilds.
-D 2025-10-14T13:47:40.907
+C Extra\sdefenses\sagainst\sinteger\soverflow\sin\sthe\sdecimal\sextension.
+D 2025-10-14T14:03:09.126
 F .fossil-settings/binary-glob 61195414528fb3ea9693577e1980230d78a1f8b0a54c78cf1b9b24d0a409ed6a x
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
@@ -369,7 +369,7 @@ F ext/misc/completion.c c27b64fdd0943c1b7f152376599814cee2641f7d67a7bb9bd2b957c2
 F ext/misc/compress.c 2c79a74330e0e0ba6cb3f7397f8ba5af12d46377ef5d3ee075e12dd8a6ed57f0
 F ext/misc/csv.c 7cae8c2666a058a58fb8994ed2457339a06c97d31c251d9a8445cdd966629890
 F ext/misc/dbdump.c 678f1b9ae2317b4473f65d03132a2482c3f4b08920799ed80feedd2941a06680
-F ext/misc/decimal.c 96a0ccd0b5f28720271d8e4409066ad4e2804d6987a9c1042016774dded79df8
+F ext/misc/decimal.c d4883de142f6dcd36eda23da40b55e2b51374e7b01eb54a7173940191389fc5e
 F ext/misc/eval.c 04bc9aada78c888394204b4ed996ab834b99726fb59603b0ee3ed6e049755dc1
 F ext/misc/explain.c 606100185fb90d6a1eade1ed0414d53503c86820d8956a06e3b0a56291894f2b
 F ext/misc/fileio.c 88cb2e5744296de6638af02ef6349fd468c2eb5e5f41ba405f88d9b4ad500f8e
@@ -2170,8 +2170,8 @@ F tool/version-info.c 33d0390ef484b3b1cb685d59362be891ea162123cea181cb8e6d2cf6dd
 F tool/warnings-clang.sh bbf6a1e685e534c92ec2bfba5b1745f34fb6f0bc2a362850723a9ee87c1b31a7
 F tool/warnings.sh 1ad0169b022b280bcaaf94a7fa231591be96b514230ab5c98fbf15cd7df842dd
 F tool/win/sqlite.vsix deb315d026cc8400325c5863eef847784a219a2f
-P d98d5abf6d27c5359ff8c797ad57394b96074e47010bc4c24120ba69a967dc3c
-R 76d54a7a608a3f3da51434ba1a9bb1ba
-U stephan
-Z efcf9de719ad345452815fbe6955044e
+P 0dbb13863b3ff1da1be664967ac05c79cf34f7a78def05fe4f6407c06cb4322a
+R 7e333075895f8edd4f7647c4292e64bd
+U drh
+Z 0373c2483e2c2a255425cc55e633179b
 # Remove this line to create a well-formed Fossil manifest.
diff --git a/manifest.uuid b/manifest.uuid
index d2d0348f75f67beccb974c6a602dbe37ef038d1a..78df5059b2636c7454ceb5a3fe2b5142cf556c38 100644 (file)
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-0dbb13863b3ff1da1be664967ac05c79cf34f7a78def05fe4f6407c06cb4322a
+1a7414d9b5be7ce18b23c357fd98cd0e96d78ac626abfa6e4e0dee494b6a1efc
Mirror of https://github.com/sqlite/sqlite.git