To whom it may concern, We are using SQLite 3.7.13 with an amalgamation version of sqlite3.c. We discovered a type mismatch security issue with a recent Fortify scan. The problem is on lines 22407, 51807, 63005, 93150 of sqlite3.c.
For example, the function strHash() in sqlite3.c is declared to return an unsigned value on line 22400, but on line 22407 it returns a signed value. This would cause a type mismatch security issue (http://www.hpenterprisesecurity.com/vulncat/en/vulncat/cpp/type_mismatch_signed_to_unsigned.html). We are not sure if the problem still exists in the latest version but most probably it's still there. It would be much appreciated if you could fix it. Thanks, Jay Xue _______________________________________________ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users