Add extra checks for the validity of a numeric literal to sqlite3DequoteNumber().

FossilOrigin-Name: d57407ef59baf699b72c8c4859abfaa7977dd41f6f16eb8fe1d53a68806eb966
This commit is contained in:
dan 2024-01-23 11:20:58 +00:00
parent a545de6827
commit 406eb5a146
7 changed files with 28 additions and 35 deletions

View File

@ -1,5 +1,5 @@
C Fix\sa\sproblem\sin\sthe\sprevious\scommit\swith\shex\sliterals\sthat\sstart\swith\s"0X"\sinstead\sof\s"0x".
D 2024-01-22T19:42:56.220
C Add\sextra\schecks\sfor\sthe\svalidity\sof\sa\snumeric\sliteral\sto\ssqlite3DequoteNumber().
D 2024-01-23T11:20:58.812
F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
@ -727,7 +727,7 @@ F src/os_win.c 4a50a154aeebc66a1f8fb79c1ff6dd5fe3d005556533361e0d460d41cb6a45a8
F src/os_win.h 7b073010f1451abe501be30d12f6bc599824944a
F src/pager.c ff60e98138d2499082ac6230f01ac508aba545315debccfca2fd6042f5f10fcd
F src/pager.h 4b1140d691860de0be1347474c51fee07d5420bd7f802d38cbab8ea4ab9f538a
F src/parse.y 2354aaf964e7c4154a9dbe56ea55a797a0fa3021c38b50afe491ea4a387bf971
F src/parse.y d2823ae4a503f83b3e8629c31470686624e46851d576c1f2b7bbec2e7328bb05
F src/pcache.c 040b165f30622a21b7a9a77c6f2e4877a32fb7f22d4c7f0d2a6fa6833a156a75
F src/pcache.h 1497ce1b823cf00094bb0cf3bac37b345937e6f910890c626b16512316d3abf5
F src/pcache1.c 602acb23c471bb8d557a6f0083cc2be641d6cafcafa19e481eba7ef4c9ca0f00
@ -743,7 +743,7 @@ F src/shell.c.in d1ed426aae2d547932971e8019939cacb4dfda8258e45b8924b250e488e2d53
F src/sqlite.h.in 61a60b4ea04db8ead15e1579b20b64cb56e9f55d52c5f9f9694de630110593a3
F src/sqlite3.rc 5121c9e10c3964d5755191c80dd1180c122fc3a8
F src/sqlite3ext.h 3f046c04ea3595d6bfda99b781926b17e672fd6d27da2ba6d8d8fc39981dcb54
F src/sqliteInt.h 6e5e330d84b4ace70e3163721601f01df84566e6db21e1fc45bd00636e3d6640
F src/sqliteInt.h a1367a4cd90c90e5eb2e5ca7d1be96823507f63b43030deb394f90f4f8d9ac10
F src/sqliteLimit.h 6878ab64bdeb8c24a1d762d45635e34b96da21132179023338c93f820eee6728
F src/status.c cb11f8589a6912af2da3bb1ec509a94dd8ef27df4d4c1a97e0bcf2309ece972b
F src/table.c 0f141b58a16de7e2fbe81c308379e7279f4c6b50eb08efeec5892794a0ba30d1
@ -800,13 +800,13 @@ F src/test_windirent.h da2e5b73c32d09905fbdd00f27cd802212a32a58ead882736fe4f5eb7
F src/test_window.c cdae419fdcea5bad6dcd9368c685abdad6deb59e9fc8b84b153de513d394ba3f
F src/test_wsd.c 41cadfd9d97fe8e3e4e44f61a4a8ccd6f7ca8fe9
F src/threads.c 4ae07fa022a3dc7c5beb373cf744a85d3c5c6c3c
F src/tokenize.c 3ea60fcd98a0eb1391592a080fb8871b0026eaffbdb5795ef3b19bb7d48e702a
F src/tokenize.c 3f703cacdab728d7741e5a6ac242006d74fe1c2754d4f03ed889d7253259bd68
F src/treeview.c c6fc972683fd00f975d8b32a81c1f25d2fb7d4035366bf45c9f5622d3ccd70ee
F src/trigger.c 0905b96b04bb6658509f711a8207287f1315cdbc3df1a1b13ba6483c8e341c81
F src/update.c 6904814dd62a7a93bbb86d9f1419c7f134a9119582645854ab02b36b676d9f92
F src/upsert.c fa125a8d3410ce9a97b02cb50f7ae68a2476c405c76aa692d3acf6b8586e9242
F src/utf.c f23165685a67b4caf8ec08fb274cb3f319103decfb2a980b7cfd55d18dfa855e
F src/util.c ef37d377684d6f725773c15bfc1ef5b75483b4f3b6b6198d4b8b969831623be0
F src/util.c 88484a62e2465728288ca6e5b10f30489058e66266f52c70e87663310298793b
F src/vacuum.c 604fcdaebe76f3497c855afcbf91b8fa5046b32de3045bab89cc008d68e40104
F src/vdbe.c 92910d536e0b77505599cd6ae5d9d449e4a5d31ada61da4c0bb84f6ccb2c3189
F src/vdbe.h 88e19a982df9027ec1c177c793d1a5d34dc23d8f06e3b2d997f43688b05ee0eb
@ -1355,7 +1355,7 @@ F test/like2.test d3be15fefee3e02fc88942a9b98f26c5339bbdef7783c90023c092c4955fe3
F test/like3.test a76e5938fadbe6d32807284c796bafd869974a961057bc5fc5a28e06de98745c
F test/limit.test 350f5d03c29e7dff9a2cde016f84f8d368d40bcd02fa2b2a52fa10c4bf3cbfaf
F test/limit2.test 9409b033284642a859fafc95f29a5a6a557bd57c1f0d7c3f554bd64ed69df77e
F test/literal.test e3d65d4091126cb008f31f57a324364511a83dd9461df31f60b5df6bd1f1f846
F test/literal.test c4f6f281964ac5ab48a32bd978e80644affac822664879d7558762b2fad7aff5
F test/literal2.tcl 1499037beaf661aeecdbe48801220a181d805372a64c6128d5f26bb6a4a8f0ce
F test/literal2.test b149e16b5fc9ee6249069a8858ed41052f222014fe0ba7ad43c2fb989c2dada2
F test/loadext.test faa4f6eed07a5aac35d57fdd7bc07f8fc82464cfd327567c10cf0ba3c86cde04
@ -2161,8 +2161,8 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
P 81a56229460cc5b6acfd3c3729fcf89ea3cccb546ca2b4f4035b140c60911e18
R 8fee7748a406cec8844b4286c6b28b8f
P c063c89b11487e6e712b97de604db316fa97bcf91ed810bb2dcbbcb54c68dbf4
R 92b3c6e9a0a36e247ccad3d6a5b99b6c
U dan
Z 6bae334234c9987a328b3a9421e4a531
Z 62284248efaccf35cb9923c551aa2ba1
# Remove this line to create a well-formed Fossil manifest.

View File

@ -1 +1 @@
c063c89b11487e6e712b97de604db316fa97bcf91ed810bb2dcbbcb54c68dbf4
d57407ef59baf699b72c8c4859abfaa7977dd41f6f16eb8fe1d53a68806eb966

View File

@ -1926,7 +1926,7 @@ filter_clause(A) ::= FILTER LP WHERE expr(X) RP. { A = X; }
term(A) ::= QNUMBER(X). {
A=tokenExpr(pParse,@X,X);
sqlite3DequoteNumber(A);
sqlite3DequoteNumber(pParse, A);
}
/* There must be no more than 255 tokens defined above. If this grammar

View File

@ -4794,7 +4794,7 @@ int sqlite3ErrorToParser(sqlite3*,int);
void sqlite3Dequote(char*);
void sqlite3DequoteExpr(Expr*);
void sqlite3DequoteToken(Token*);
void sqlite3DequoteNumber(Expr*);
void sqlite3DequoteNumber(Parse*, Expr*);
void sqlite3TokenInit(Token*,char*);
int sqlite3KeywordCode(const unsigned char*, int);
int sqlite3RunParser(Parse*, const char*);

View File

@ -439,10 +439,7 @@ int sqlite3GetToken(const unsigned char *z, int *tokenType){
if( z[0]=='0' && (z[1]=='x' || z[1]=='X') && sqlite3Isxdigit(z[2]) ){
for(i=3; 1; i++){
if( sqlite3Isxdigit(z[i])==0 ){
if( z[i]==SQLITE_DIGIT_SEPARATOR
&& sqlite3Isxdigit(z[i-1])
&& sqlite3Isxdigit(z[i+1])
){
if( z[i]==SQLITE_DIGIT_SEPARATOR ){
*tokenType = TK_QNUMBER;
}else{
break;
@ -454,10 +451,7 @@ int sqlite3GetToken(const unsigned char *z, int *tokenType){
{
for(i=0; 1; i++){
if( sqlite3Isdigit(z[i])==0 ){
if( z[i]==SQLITE_DIGIT_SEPARATOR
&& sqlite3Isdigit(z[i-1])
&& sqlite3Isdigit(z[i+1])
){
if( z[i]==SQLITE_DIGIT_SEPARATOR ){
*tokenType = TK_QNUMBER;
}else{
break;
@ -469,10 +463,7 @@ int sqlite3GetToken(const unsigned char *z, int *tokenType){
if( *tokenType==TK_INTEGER ) *tokenType = TK_FLOAT;
for(i++; 1; i++){
if( sqlite3Isdigit(z[i])==0 ){
if( z[i]==SQLITE_DIGIT_SEPARATOR
&& sqlite3Isdigit(z[i-1])
&& sqlite3Isdigit(z[i+1])
){
if( z[i]==SQLITE_DIGIT_SEPARATOR ){
*tokenType = TK_QNUMBER;
}else{
break;
@ -488,10 +479,7 @@ int sqlite3GetToken(const unsigned char *z, int *tokenType){
if( *tokenType==TK_INTEGER ) *tokenType = TK_FLOAT;
for(i+=2; 1; i++){
if( sqlite3Isdigit(z[i])==0 ){
if( z[i]==SQLITE_DIGIT_SEPARATOR
&& sqlite3Isdigit(z[i-1])
&& sqlite3Isdigit(z[i+1])
){
if( z[i]==SQLITE_DIGIT_SEPARATOR ){
*tokenType = TK_QNUMBER;
}else{
break;

View File

@ -316,21 +316,26 @@ void sqlite3DequoteExpr(Expr *p){
** and set the type to INTEGER or FLOAT. "Quoted" integers or floats are those
** that contain '_' characters that must be removed before further processing.
*/
void sqlite3DequoteNumber(Expr *p){
void sqlite3DequoteNumber(Parse *pParse, Expr *p){
if( p ){
const char *pIn = p->u.zToken;
char *pOut = p->u.zToken;
int bHex = (pIn[0]=='0' && (pIn[1]=='x' || pIn[1]=='X'));
assert( p->op==TK_QNUMBER );
p->op = TK_INTEGER;
do {
if( *pIn!=SQLITE_DIGIT_SEPARATOR ){
*pOut++ = *pIn;
if( *pIn=='e' || *pIn=='E' || *pIn=='.' ) p->op = TK_FLOAT;
}else{
if( (bHex==0 && (!sqlite3Isdigit(pIn[-1]) || !sqlite3Isdigit(pIn[1])))
|| (bHex==1 && (!sqlite3Isxdigit(pIn[-1]) || !sqlite3Isxdigit(pIn[1])))
){
sqlite3ErrorMsg(pParse, "unrecognized token: \"%s\"", p->u.zToken);
}
}
}while( *pIn++ );
if( p->u.zToken[0]=='0' && (p->u.zToken[1]=='x' || p->u.zToken[1]=='X') ){
p->op = TK_INTEGER;
}
if( bHex ) p->op = TK_INTEGER;
}
}

View File

@ -74,7 +74,7 @@ test_literal 3.8 -9_223_372_036_854_775_808 integer -9223372036854775808
foreach {tn lit unrec} {
0 123a456 123a456
1 1_ 1_
2 1_.4 1_
2 1_.4 1_.4
3 1e_4 1e_4
4 1_e4 1_e4
5 1.4_e4 1.4_e4
@ -86,7 +86,7 @@ foreach {tn lit unrec} {
11 12__34 12__34
12 1234_ 1234_
13 12._34 12._34
14 12_.34 12_
14 12_.34 12_.34
15 12.34_ 12.34_
16 1.0e1_______2 1.0e1_______2
} {