From: drh <>
Date: Wed, 28 Feb 2024 01:12:21 +0000 (+0000)
Subject: Always convert 32-bit integer literals into EP_IntValue notation, even if
X-Git-Tag: version-3.46.0~182
X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=8597eee1196c263be80f9d03639360b40fe17307;p=thirdparty%2Fsqlite.git

Always convert 32-bit integer literals into EP_IntValue notation, even if
they contain "_" separators.

FossilOrigin-Name: 2dfc427f676255cbe189a26bfec2405d41d31ccc4512c55b31e6e633261d7a23
---

diff --git a/manifest b/manifest
index 4fc938e015..a458d26d4f 100644
--- a/manifest
+++ b/manifest
@@ -1,5 +1,5 @@
-C Fix\san\seputf()\smacro\swithout\sits\sargument\sin\sthe\sCLI.
-D 2024-02-27T20:19:32.980
+C Always\sconvert\s32-bit\sinteger\sliterals\sinto\sEP_IntValue\snotation,\seven\sif\nthey\scontain\s"_"\sseparators.
+D 2024-02-28T01:12:21.520
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
 F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
@@ -700,7 +700,7 @@ F src/date.c 90df32c2d8b2a38dd2e83d32e47802629305c4882fb2ec75c9ecdcd75b68bcb2
 F src/dbpage.c 80e46e1df623ec40486da7a5086cb723b0275a6e2a7b01d9f9b5da0f04ba2782
 F src/dbstat.c 3b677254d512fcafd4d0b341bf267b38b235ccfddbef24f9154e19360fa22e43
 F src/delete.c cb766727c78e715f9fb7ec8a7d03658ed2a3016343ca687acfcec9083cdca500
-F src/expr.c 3381ee4c9aa7ccde22a2a7f35ce343925a7a25d96bdc943649131f9decdebad2
+F src/expr.c 2803f5e7e3458ced24c0de48ec3640cd7a68ec61350d99c9f30b1bcd6640bd61
 F src/fault.c 460f3e55994363812d9d60844b2a6de88826e007
 F src/fkey.c a47610f0a5c6cb0ad79f8fcef039c01833dec0c751bb695f28dc0ec6a4c3ba00
 F src/func.c 4204c56196847faefef57fa14e43b8e4d65eb8d7e65318abe463472e3fd148cb
@@ -818,7 +818,7 @@ F src/trigger.c 0905b96b04bb6658509f711a8207287f1315cdbc3df1a1b13ba6483c8e341c81
 F src/update.c 6904814dd62a7a93bbb86d9f1419c7f134a9119582645854ab02b36b676d9f92
 F src/upsert.c fa125a8d3410ce9a97b02cb50f7ae68a2476c405c76aa692d3acf6b8586e9242
 F src/utf.c f23165685a67b4caf8ec08fb274cb3f319103decfb2a980b7cfd55d18dfa855e
-F src/util.c 7a49c6a5442757bb6344e7839e0b1f6ba8e54df4e4d092b439c6f6b7035bb01a
+F src/util.c 0765014847e2a06c952dd64aef0bea5144cd5b335a161eb0768ebe4f63dfe216
 F src/vacuum.c 604fcdaebe76f3497c855afcbf91b8fa5046b32de3045bab89cc008d68e40104
 F src/vdbe.c 523a88b3df328810fbcbb407738c352dd9d5163b7af4c953e6e9887a4b582859
 F src/vdbe.h c2d78d15112c3fc5ab87f5e8e0b75d2db1c624409de2e858c3d1aafb1650bb4f
@@ -1368,7 +1368,7 @@ F test/like2.test d3be15fefee3e02fc88942a9b98f26c5339bbdef7783c90023c092c4955fe3
 F test/like3.test a76e5938fadbe6d32807284c796bafd869974a961057bc5fc5a28e06de98745c
 F test/limit.test 350f5d03c29e7dff9a2cde016f84f8d368d40bcd02fa2b2a52fa10c4bf3cbfaf
 F test/limit2.test 9409b033284642a859fafc95f29a5a6a557bd57c1f0d7c3f554bd64ed69df77e
-F test/literal.test c4f6f281964ac5ab48a32bd978e80644affac822664879d7558762b2fad7aff5
+F test/literal.test a65dca9fef86e51b8e45544268e37abbd4bb94ba35fd65f6fdcab2f288cd8f79
 F test/literal2.tcl 1499037beaf661aeecdbe48801220a181d805372a64c6128d5f26bb6a4a8f0ce
 F test/literal2.test b149e16b5fc9ee6249069a8858ed41052f222014fe0ba7ad43c2fb989c2dada2
 F test/loadext.test faa4f6eed07a5aac35d57fdd7bc07f8fc82464cfd327567c10cf0ba3c86cde04
@@ -2176,8 +2176,8 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
 F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
 F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P 10d26f1ee8e7624cbb957332b4397d2f1fcdaf916acec93077f2ddd33e01f1d8
-R 5abca0ff3e66ec32c7da5aae96062851
+P c2f5e257d2cfb91341f5261ed3924dc4ec2a6f854f3692fb416043f5c654a963
+R a81000c304b1245e80843833b1cb44da
 U drh
-Z 174bf550e5155919f4d414b95c3db5bd
+Z 74cbb43b6190c4a6f68e781473d23cde
 # Remove this line to create a well-formed Fossil manifest.
diff --git a/manifest.uuid b/manifest.uuid
index d100fcde72..25ba439edc 100644
--- a/manifest.uuid
+++ b/manifest.uuid
@@ -1 +1 @@
-c2f5e257d2cfb91341f5261ed3924dc4ec2a6f854f3692fb416043f5c654a963
\ No newline at end of file
+2dfc427f676255cbe189a26bfec2405d41d31ccc4512c55b31e6e633261d7a23
\ No newline at end of file
diff --git a/src/expr.c b/src/expr.c
index f9b280bbc5..e2cc15cfd6 100644
--- a/src/expr.c
+++ b/src/expr.c
@@ -914,11 +914,12 @@ void sqlite3ExprSetErrorOffset(Expr *pExpr, int iOfst){
 ** appear to be quoted.  If the quotes were of the form "..." (double-quotes)
 ** then the EP_DblQuoted flag is set on the expression node.
 **
-** Special case:  If op==TK_INTEGER and pToken points to a string that
-** can be translated into a 32-bit integer, then the token is not
-** stored in u.zToken.  Instead, the integer values is written
-** into u.iValue and the EP_IntValue flag is set.  No extra storage
+** Special case (tag-20240227-a):  If op==TK_INTEGER and pToken points to
+** a string that can be translated into a 32-bit integer, then the token is
+** not stored in u.zToken.  Instead, the integer values is written
+** into u.iValue and the EP_IntValue flag is set. No extra storage
 ** is allocated to hold the integer text and the dequote flag is ignored.
+** See also tag-20240227-b.
 */
 Expr *sqlite3ExprAlloc(
   sqlite3 *db,            /* Handle for sqlite3DbMallocRawNN() */
@@ -934,7 +935,7 @@ Expr *sqlite3ExprAlloc(
   if( pToken ){
     if( op!=TK_INTEGER || pToken->z==0
           || sqlite3GetInt32(pToken->z, &iValue)==0 ){
-      nExtra = pToken->n+1;
+      nExtra = pToken->n+1;  /* tag-20240227-a */
       assert( iValue>=0 );
     }
   }
diff --git a/src/util.c b/src/util.c
index bdf92d9c4f..311b7385a6 100644
--- a/src/util.c
+++ b/src/util.c
@@ -317,10 +317,12 @@ void sqlite3DequoteExpr(Expr *p){
 ** that contain '_' characters that must be removed before further processing.
 */
 void sqlite3DequoteNumber(Parse *pParse, Expr *p){
+  assert( p!=0 || pParse->db->mallocFailed );
   if( p ){
     const char *pIn = p->u.zToken;
     char *pOut = p->u.zToken;
     int bHex = (pIn[0]=='0' && (pIn[1]=='x' || pIn[1]=='X'));
+    int iValue;
     assert( p->op==TK_QNUMBER );
     p->op = TK_INTEGER;
     do {
@@ -336,6 +338,14 @@ void sqlite3DequoteNumber(Parse *pParse, Expr *p){
       }
     }while( *pIn++ );
     if( bHex ) p->op = TK_INTEGER;
+
+    /* tag-20240227-a: If after dequoting, the number is an integer that
+    ** fits in 32 bits, then it must be converted into EP_IntValue.  Other
+    ** parts of the code expect this.  See also tag-20240227-b. */
+    if( p->op==TK_INTEGER && sqlite3GetInt32(p->u.zToken, &iValue) ){
+      p->u.iValue = iValue;
+      p->flags |= EP_IntValue;
+    }
   }
 }
 
diff --git a/test/literal.test b/test/literal.test
index 30205692c9..5aa331e39b 100644
--- a/test/literal.test
+++ b/test/literal.test
@@ -93,4 +93,11 @@ foreach {tn lit unrec} {
   test_literal_error 4.$tn $lit $unrec
 }
 
+# dbsqlfuzz e3186a9e7826e9cd7f4085aa4452f8696485f9e1
+# See tag-20240224-a and -b
+#
+do_catchsql_test 5.1 {
+  SELECT 1 ORDER BY 2_3;
+} {1 {1st ORDER BY term out of range - should be between 1 and 1}}
+
 finish_test