Limit the size of the exponent input in the second argument to the

ieee754() SQL function, to avoid integer overflow. Ticket [22dea1cfdb9151e4]. FossilOrigin-Name: 99aab32da14cc76beb5c1823a70bdeab144459398d61c42a858be4d6868d361e
2021-03-02 16:27:04 +00:00 · 2021-03-02 16:27:04 +00:00 · 898ec7927a
commit 898ec7927a
parent 730629680a
3 changed files with 16 additions and 8 deletions
--- a/ext/misc/ieee754.c
+++ b/ext/misc/ieee754.c
@ -167,6 +167,14 @@ static void ieee754func(
    int isNeg = 0;
    m = sqlite3_value_int64(argv[0]);
    e = sqlite3_value_int64(argv[1]);
+
+    /* Limit the range of e.  Ticket 22dea1cfdb9151e4 2021-03-02 */
+    if( e>10000 ){
+      e = 10000;
+    }else if( e<-10000 ){
+      e = -10000;
+    }
+
    if( m<0 ){
      isNeg = 1;
      m = -m;
--- a/14
+++ b/14
@ -1,5 +1,5 @@
-C Change\sthe\stimeout\sfor\stest\scase\s"valgrindfuzz"\sfrom\s600\sseconds\sto\s1200.
-D 2021-03-02T13:50:56.639
+C Limit\sthe\ssize\sof\sthe\sexponent\sinput\sin\sthe\ssecond\sargument\sto\sthe\nieee754()\sSQL\sfunction,\sto\savoid\sinteger\soverflow.\nTicket\s[22dea1cfdb9151e4].
+D 2021-03-02T16:27:04.746
 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
 F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
@ -304,7 +304,7 @@ F ext/misc/explain.c 0086fab288d4352ea638cf40ac382aad3b0dc5e845a1ea829a694c015fd
 F ext/misc/fileio.c 9b69e25da3b51d4a1d905a464ccb96709792ad627a742ba09215bc0d1447e7bd
 F ext/misc/fossildelta.c 1240b2d3e52eab1d50c160c7fe1902a9bd210e052dc209200a750bbf885402d5
 F ext/misc/fuzzer.c eae560134f66333e9e1ca4c8ffea75df42056e2ce8456734565dbe1c2a92bf3d
-F ext/misc/ieee754.c 5c7ca326361c7368f95f5743972eade3b8b24f60359ed7cba4706668a5682896
+F ext/misc/ieee754.c cd6ab89f85fda8a020559b3f4d03001a8a62dd856beda5af3f558621d12be913
 F ext/misc/json1.c f31e89171f932d1821c91f10d2cb4979fc0447030030a8bce70420cd43d074c0
 F ext/misc/memstat.c 3017a0832c645c0f8c773435620d663855f04690172316bd127270d1a7523d4d
 F ext/misc/memtrace.c 7c0d115d2ef716ad0ba632c91e05bd119cb16c1aedf3bec9f06196ead2d5537b
@ -1908,7 +1908,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
 F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
 F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
-P 275a75aa82bf5d2366fd4020066d7b9fbb93a955ac9ec15dc7d5b8bfa29074e4
-R c373869bc96fc586d3402291bf9340d0
-U dan
-Z 3b4e27f86c56b854caf42a3578645a4e
+P 7c6aa6f38403931df7940c7acfeba4e2f8099a419222fcab2a3c959ccae90e40
+R 4b7008b2d896fb2345868e9330fd6fad
+U drh
+Z 8d007010cf38126393218aad44f4b7ca
--- a/manifest.uuid
+++ b/manifest.uuid
@ -1 +1 @@
-7c6aa6f38403931df7940c7acfeba4e2f8099a419222fcab2a3c959ccae90e40
+99aab32da14cc76beb5c1823a70bdeab144459398d61c42a858be4d6868d361e